This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kWTcOrIiLDSFikv0fIN21WNBkZo.roa File: kWTcOrIiLDSFikv0fIN21WNBkZo.roa (raw, json) Hash identifier: RwODoFceOeF+8neem79Sg6vrd+BjCMqAwo9dbQoopJc= Subject key identifier: 91:64:DC:3A:B2:22:2C:34:85:8A:4B:F4:7C:83:76:D5:63:41:91:9A Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D36954BCE30B789F00D7BA3D61565 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kWTcOrIiLDSFikv0fIN21WNBkZo.roa Signing time: Fri 02 Jan 2026 06:20:19 +0000 ROA not before: Fri 02 Jan 2026 06:20:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30456 IP address blocks: 45.141.24.0/24 maxlen: 24 45.144.225.0/24 maxlen: 24 89.31.216.0/24 maxlen: 24 178.239.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:36:95:4b:ce:30:b7:89:f0:0d:7b:a3:d6:15:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9164dc3ab2222c34858a4bf47c8376d56341919a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d0:6d:33:a2:c8:bd:52:c4:79:c9:f6:46:7a: df:cf:36:c2:3b:eb:0f:3c:aa:2e:7d:fc:fc:34:7a: 69:33:ed:9b:4d:9b:91:fd:c7:ff:d9:d1:a4:d6:b0: b7:6b:cc:dd:4e:23:ff:50:4f:8f:05:da:a4:ec:93: fe:b3:6c:ae:5a:70:8a:7d:a9:25:ba:24:2a:d6:27: 3f:91:13:22:47:b7:b1:bb:24:2e:74:e0:78:d4:02: 83:d8:f2:ad:c5:23:a4:6c:1c:f5:64:a6:8d:18:ea: d3:5c:f4:58:26:02:64:d2:03:39:0c:31:69:0f:3f: 3e:f4:f6:8b:68:a0:50:51:43:c9:bc:78:0e:45:d0: fe:a5:05:59:e4:40:00:23:1d:5e:e6:32:f1:72:ad: 96:42:13:33:47:ca:1d:49:85:00:70:4d:e1:fc:92: ce:fc:e8:ce:6b:e9:f2:4d:62:5a:0d:1a:0f:48:f0: d0:e2:3d:e3:46:75:e2:7a:17:31:2c:01:9b:73:0b: 7c:70:b4:4a:84:26:c0:2a:fc:f8:70:23:cf:44:07: 55:a9:2c:4f:69:95:5e:93:36:3c:ad:69:70:44:04: 61:c9:8d:ea:0c:32:77:dc:41:af:82:c8:68:da:26: 78:ce:85:e3:4a:19:f2:98:82:9e:f7:c4:f1:0c:50: ca:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:64:DC:3A:B2:22:2C:34:85:8A:4B:F4:7C:83:76:D5:63:41:91:9A X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kWTcOrIiLDSFikv0fIN21WNBkZo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.141.24.0/24 45.144.225.0/24 89.31.216.0/24 178.239.199.0/24 Signature Algorithm: sha256WithRSAEncryption 52:1a:97:5c:11:db:b8:88:9f:62:c7:25:72:d2:94:21:ba:4b: 06:bd:c4:f7:be:b4:7a:bb:87:2d:c0:7e:28:1d:5c:1d:73:1e: 9a:02:d2:9f:f8:14:96:e1:df:1a:5d:33:86:55:f3:9d:2e:16: 4a:87:d6:e5:b7:cb:ab:12:21:d1:06:5d:bc:a0:cd:b4:03:e2: 36:15:ca:09:38:f3:8a:84:f7:25:79:0d:87:e7:85:d3:07:d1: 4c:02:c6:36:14:8d:87:20:2a:28:d0:fd:8b:b9:a4:24:e5:29: a0:45:b5:20:8d:e1:31:39:39:26:6b:0a:89:c5:06:52:aa:66: 3e:a2:90:dc:9c:e0:7e:07:a9:ae:ae:48:ff:ad:34:67:75:6b: 01:cb:ba:c2:85:c4:dd:85:37:ff:79:96:47:94:24:5e:e0:95: 74:38:09:7b:3f:56:03:f0:6f:47:09:19:9f:de:72:df:30:12: c7:6f:64:fe:d7:63:8b:cd:db:30:e9:54:8c:30:f1:b5:bc:26: e7:3f:49:9d:fe:a2:37:64:d1:d6:9c:3f:fa:c0:c6:2b:80:9c: 05:fa:d8:a8:27:3c:f0:8b:23:5b:94:9f:5f:f6:b4:39:b2:b6: b4:fa:23:f9:05:4e:e4:54:e2:c7:a5:32:f4:8e:c7:12:94:dc: 03:8e:d9:c7 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9XTaVS84wt4nwDXuj1hVlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTY0ZGMzYWIyMjIyYzM0ODU4YTRiZjQ3YzgzNzZkNTYzNDE5MTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dBtM6LIvVLEecn2RnrfzzbCO+sP PKouffz8NHppM+2bTZuR/cf/2dGk1rC3a8zdTiP/UE+PBdqk7JP+s2yuWnCKfakl uiQq1ic/kRMiR7exuyQudOB41AKD2PKtxSOkbBz1ZKaNGOrTXPRYJgJk0gM5DDFp Dz8+9PaLaKBQUUPJvHgORdD+pQVZ5EAAIx1e5jLxcq2WQhMzR8odSYUAcE3h/JLO /OjOa+nyTWJaDRoPSPDQ4j3jRnXiehcxLAGbcwt8cLRKhCbAKvz4cCPPRAdVqSxP aZVekzY8rWlwRARhyY3qDDJ33EGvgsho2iZ4zoXjShnymIKe98TxDFDKIwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJFk3DqyIiw0hYpL9HyDdtVjQZGaMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEva1dUY09ySWlMRFNGaWt2MGZJTjIxV05Ca1pvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY0YAwQA LZDhAwQAWR/YAwQAsu/HMA0GCSqGSIb3DQEBCwUAA4IBAQBSGpdcEdu4iJ9ixyVy 0pQhuksGvcT3vrR6u4ctwH4oHVwdcx6aAtKf+BSW4d8aXTOGVfOdLhZKh9blt8ur EiHRBl28oM20A+I2FcoJOPOKhPcleQ2H54XTB9FMAsY2FI2HICoo0P2LuaQk5Smg RbUgjeExOTkmawqJxQZSqmY+opDcnOB+B6murkj/rTRndWsBy7rChcTdhTf/eZZH lCRe4JV0OAl7P1YD8G9HCRmf3nLfMBLHb2T+12OLzdsw6VSMMPG1vCbnP0md/qI3 ZNHWnD/6wMYrgJwF+tioJzzwiyNblJ9f9rQ5sra0+iP5BU7kVOLHpTL0jscSlNwD jtnH -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:18 2026 by rpki-client