This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/KLNITSlV517b4Qan6MKLyoM8iFI.roa File: KLNITSlV517b4Qan6MKLyoM8iFI.roa (raw, json) Hash identifier: sXR+lvLvVIC2TEhhA+WkxHLrslGZwv5EeqK9Ngr2eS0= Subject key identifier: 28:B3:48:4D:29:55:E7:5E:DB:E1:06:A7:E8:C2:8B:CA:83:3C:88:52 Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a Certificate serial: 019B7A5B11D934EDB375F592F62153C7BDE6 Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/KLNITSlV517b4Qan6MKLyoM8iFI.roa Signing time: Thu 01 Jan 2026 16:19:07 +0000 ROA not before: Thu 01 Jan 2026 16:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 153.112.128.0/24 maxlen: 24 153.112.195.0/24 maxlen: 24 153.112.200.0/23 maxlen: 24 153.112.203.0/24 maxlen: 24 153.112.205.0/24 maxlen: 24 153.112.210.0/24 maxlen: 24 153.112.216.0/24 maxlen: 24 153.112.217.0/24 maxlen: 24 153.112.223.0/24 maxlen: 24 153.112.224.0/24 maxlen: 24 153.112.225.0/24 maxlen: 24 153.112.226.0/24 maxlen: 24 153.112.227.0/24 maxlen: 24 153.112.228.0/24 maxlen: 24 153.112.229.0/24 maxlen: 24 153.112.230.0/24 maxlen: 24 153.112.231.0/24 maxlen: 24 192.131.25.0/24 maxlen: 24 192.157.12.0/23 maxlen: 24 192.157.14.0/24 maxlen: 24 192.157.15.0/24 maxlen: 24 192.157.16.0/23 maxlen: 23 192.157.16.0/24 maxlen: 24 192.157.17.0/24 maxlen: 24 193.53.25.0/24 maxlen: 24 193.53.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.mft rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:11:d9:34:ed:b3:75:f5:92:f6:21:53:c7:bd:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a Validity Not Before: Jan 1 16:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28b3484d2955e75edbe106a7e8c28bca833c8852 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:30:0c:7a:1d:6c:a0:b6:9f:d9:43:6b:c1:a7: 90:e4:4a:10:a3:e5:03:a3:6d:45:78:d0:a9:01:4c: 43:19:e9:51:a3:69:01:c1:07:6f:a7:3a:d5:ac:01: a3:62:e9:bd:55:67:5c:4b:c0:e2:8a:62:a2:19:12: 1e:73:6e:b5:47:5e:29:b0:a5:d5:a6:38:ce:76:d7: b8:3e:60:c0:6d:f1:db:12:a9:12:08:96:d9:ed:f9: 56:7c:9b:42:b3:4a:30:ca:cd:9a:76:2f:b2:44:0d: 5b:0e:cf:96:6a:8c:8b:5c:0b:8d:3c:22:91:ed:3d: ca:a2:bf:cd:1c:25:e5:7b:33:36:01:87:4f:66:4e: fa:00:8d:d1:2b:9e:7b:b7:2e:cb:9b:a3:4d:55:54: 39:36:ef:bc:3b:f7:60:74:9b:12:10:2e:bf:78:64: a1:0d:c7:fd:24:5a:09:26:86:8c:b4:98:01:d5:9b: 11:d0:3d:6f:43:d2:9b:27:85:cd:7b:2c:77:05:91: 68:c9:7d:10:12:1b:f7:80:be:f7:f9:3f:21:51:4f: ca:2d:70:83:01:99:01:ed:94:bc:2b:bd:39:f5:a2: 0e:95:61:f2:8f:9f:30:b7:00:21:85:8a:fa:5a:09: c5:cc:cc:07:80:7b:ff:69:11:b6:e0:9f:c7:50:67: 7a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:B3:48:4D:29:55:E7:5E:DB:E1:06:A7:E8:C2:8B:CA:83:3C:88:52 X509v3 Authority Key Identifier: keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/KLNITSlV517b4Qan6MKLyoM8iFI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 153.112.128.0/24 153.112.195.0/24 153.112.200.0/23 153.112.203.0/24 153.112.205.0/24 153.112.210.0/24 153.112.216.0/23 153.112.223.0-153.112.231.255 192.131.25.0/24 192.157.12.0-192.157.17.255 193.53.25.0/24 193.53.29.0/24 Signature Algorithm: sha256WithRSAEncryption 80:d7:71:eb:47:00:2c:8d:6a:b1:ae:90:0e:21:bb:1e:36:51: 3a:61:69:e0:c7:a2:53:00:2c:2e:5e:5e:ee:dc:ae:08:a6:65: ba:da:b9:c1:2a:5a:c0:4c:5a:f3:3b:70:5c:d4:21:cf:63:21: a6:e7:ca:b2:4f:84:5d:7b:e9:c7:73:d6:05:a1:e5:60:7a:9c: ba:95:b6:3e:03:04:ea:e4:23:1a:41:c3:c2:2a:d4:66:1f:ed: ac:39:0f:62:ff:69:68:e3:d3:6f:ad:b0:4f:6c:d9:61:77:01: 85:d8:d9:6c:68:a9:57:74:1b:d8:48:02:45:76:b8:cd:5f:b3: df:aa:d2:dd:4c:9a:bb:d1:dc:b7:ba:26:bd:6f:60:93:e7:e8: bd:d6:61:97:1a:8d:00:1a:3e:3b:63:0d:cc:a4:8d:fd:40:da: b1:75:94:7e:63:fb:34:c5:07:74:67:73:00:bb:76:1b:21:1a: 89:39:e5:56:63:5c:f5:ef:8b:d5:2c:dc:d6:ee:4a:5a:ed:b4: b3:20:b1:52:7a:82:cd:37:75:48:07:89:97:e2:25:21:6a:6c: d1:cf:94:e2:52:d2:f6:cb:cb:f0:e9:35:c7:47:11:bb:c7:52: 2b:70:56:2c:77:61:c5:e3:33:c9:ab:47:b8:3d:64:66:30:dc: f3:21:3f:ca -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgISAZt6WxHZNO2zdfWS9iFTx73mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw YzE0NWEwHhcNMjYwMTAxMTYxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGIzNDg0ZDI5NTVlNzVlZGJlMTA2YTdlOGMyOGJjYTgzM2M4ODUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDAMeh1soLaf2UNrwaeQ5EoQo+UD o21FeNCpAUxDGelRo2kBwQdvpzrVrAGjYum9VWdcS8DiimKiGRIec261R14psKXV pjjOdte4PmDAbfHbEqkSCJbZ7flWfJtCs0owys2adi+yRA1bDs+WaoyLXAuNPCKR 7T3Kor/NHCXlezM2AYdPZk76AI3RK557ty7Lm6NNVVQ5Nu+8O/dgdJsSEC6/eGSh Dcf9JFoJJoaMtJgB1ZsR0D1vQ9KbJ4XNeyx3BZFoyX0QEhv3gL73+T8hUU/KLXCD AZkB7ZS8K7059aIOlWHyj58wtwAhhYr6WgnFzMwHgHv/aRG24J/HUGd6NQIDAQAB o4ICWzCCAlcwHQYDVR0OBBYEFCizSE0pVede2+EGp+jCi8qDPIhSMB8GA1UdIwQY MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt ZjcxMDM4ZTk2N2E0LzEvS0xOSVRTbFY1MTdiNFFhbjZNS0x5b004aUZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0 LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAmXCAAwQA mXDDAwQBmXDIAwQAmXDLAwQAmXDNAwQAmXDSAwQBmXDYMAwDBACZcN8DBAOZcOAD BADAgxkwDAMEAsCdDAMEAcCdEAMEAME1GQMEAME1HTANBgkqhkiG9w0BAQsFAAOC AQEAgNdx60cALI1qsa6QDiG7HjZROmFp4MeiUwAsLl5e7tyuCKZlutq5wSpawExa 8ztwXNQhz2MhpufKsk+EXXvpx3PWBaHlYHqcupW2PgME6uQjGkHDwirUZh/trDkP Yv9paOPTb62wT2zZYXcBhdjZbGipV3Qb2EgCRXa4zV+z36rS3Uyau9Hct7omvW9g k+fovdZhlxqNABo+O2MNzKSN/UDasXWUfmP7NMUHdGdzALt2GyEaiTnlVmNc9e+L 1Szc1u5KWu20syCxUnqCzTd1SAeJl+IlIWps0c+U4lLS9svL8Ok1x0cRu8dSK3BW LHdhxeMzyatHuD1kZjDc8yE/yg== -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:25 2026 by rpki-client