This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/KZrT9vMzu7K3Un0s9bEKCsYgn2g.roa File: KZrT9vMzu7K3Un0s9bEKCsYgn2g.roa (raw, json) Hash identifier: AIX5thmAvFyA3Ct0qYMz82ptq3CBSFPlNtikY3jmQXE= Subject key identifier: 29:9A:D3:F6:F3:33:BB:B2:B7:52:7D:2C:F5:B1:0A:0A:C6:20:9F:68 Certificate issuer: /CN=14435c7fdc48289ec559f01ea51dac1723f091ed Certificate serial: 019B78A34BFFE46F8226B3F5AC0FDC8FAC58 Authority key identifier: 14:43:5C:7F:DC:48:28:9E:C5:59:F0:1E:A5:1D:AC:17:23:F0:91:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FENcf9xIKJ7FWfAepR2sFyPwke0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/KZrT9vMzu7K3Un0s9bEKCsYgn2g.roa Signing time: Thu 01 Jan 2026 08:18:46 +0000 ROA not before: Thu 01 Jan 2026 08:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59518 IP address blocks: 5.158.200.0/21 maxlen: 24 5.158.200.0/24 maxlen: 24 5.158.201.0/24 maxlen: 24 5.158.202.0/24 maxlen: 24 5.158.203.0/24 maxlen: 24 5.158.204.0/24 maxlen: 24 5.158.205.0/24 maxlen: 24 5.158.206.0/24 maxlen: 24 5.158.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/FENcf9xIKJ7FWfAepR2sFyPwke0.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/FENcf9xIKJ7FWfAepR2sFyPwke0.mft rsync://rpki.ripe.net/repository/DEFAULT/FENcf9xIKJ7FWfAepR2sFyPwke0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:4b:ff:e4:6f:82:26:b3:f5:ac:0f:dc:8f:ac:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14435c7fdc48289ec559f01ea51dac1723f091ed Validity Not Before: Jan 1 08:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=299ad3f6f333bbb2b7527d2cf5b10a0ac6209f68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f5:00:7a:55:9c:c2:98:b7:da:75:a3:ac:1d: d4:e4:d1:4f:18:c1:45:0a:2a:c0:e5:bb:bb:b7:a1: 76:ee:27:51:33:c4:44:6a:2f:72:02:1a:cc:13:57: 99:1c:6d:7a:e7:08:6a:7c:6f:68:20:c5:04:c9:c7: e9:ca:88:92:4b:35:f6:9d:ca:b6:52:6c:af:25:d9: 5a:03:8e:03:cf:b8:3e:1d:5d:c6:1d:8b:15:8c:83: ad:f4:72:dd:27:b2:da:20:27:6d:65:1a:de:0f:f3: c2:c0:72:d1:09:72:ec:ca:1f:39:aa:7d:8f:89:ef: dc:9d:be:52:37:e2:be:a2:17:b3:a6:2f:af:7a:72: 95:64:33:22:b1:92:fc:95:6a:c8:90:a8:7b:68:f3: 5a:58:28:f5:e0:6a:7e:96:8d:63:d4:8a:a2:eb:9c: 99:96:fa:ef:01:27:bb:4c:45:bb:e2:ed:99:2c:7a: 69:dc:98:5d:db:49:4e:ea:89:ea:bf:24:b7:f9:dc: 18:7a:b6:82:80:ec:b0:d0:d1:81:53:56:5a:cf:74: a3:7f:f4:51:dc:11:61:8a:a7:0a:31:86:c6:6e:1a: d3:60:c4:08:11:01:11:87:2b:c5:ef:b4:54:95:3c: 29:42:ea:58:4b:9a:7a:f4:af:0a:21:58:e8:52:56: 4d:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:9A:D3:F6:F3:33:BB:B2:B7:52:7D:2C:F5:B1:0A:0A:C6:20:9F:68 X509v3 Authority Key Identifier: keyid:14:43:5C:7F:DC:48:28:9E:C5:59:F0:1E:A5:1D:AC:17:23:F0:91:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FENcf9xIKJ7FWfAepR2sFyPwke0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/KZrT9vMzu7K3Un0s9bEKCsYgn2g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/FENcf9xIKJ7FWfAepR2sFyPwke0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.158.200.0/21 Signature Algorithm: sha256WithRSAEncryption 80:6e:69:7b:4b:2f:9f:f8:22:68:cf:82:a0:c7:bc:6a:f7:4a: 39:2a:9f:a0:65:89:a0:ec:09:26:02:8d:e7:e5:7e:57:a9:77: b8:5c:ec:06:86:27:77:85:6f:bc:3f:5d:1f:f2:cb:ed:e0:8c: 45:bb:de:0f:7f:59:b9:db:78:28:12:54:28:5c:84:66:d5:c2: 96:de:3c:17:74:19:03:cb:a5:0d:5b:64:33:fe:91:1b:23:ff: 0b:97:bd:99:eb:ae:33:3d:87:f7:03:64:d7:78:d0:41:3f:fa: ae:03:15:50:bf:a5:03:b7:c9:0f:7b:3a:68:3f:b7:c9:9e:5b: dd:15:94:f2:7b:86:07:d6:6e:4a:01:2d:a0:db:f8:e0:77:5d: e4:d0:99:a3:d4:f6:0b:8c:1d:e7:4e:9a:3c:6a:a2:dc:bd:06: a1:45:81:53:fa:5a:d7:f7:52:bf:6c:cf:86:ee:d0:9b:29:57: f6:6d:34:da:31:f6:cc:9f:d1:bb:bc:c2:46:3f:c0:bd:3c:b7: 49:ee:ac:44:e9:fa:5f:f0:23:b1:aa:fe:12:e1:52:10:ff:91: f6:e4:a7:9d:79:47:29:70:14:dd:d4:e9:db:b7:c0:e1:bc:b0: 17:75:94:bb:57:fd:05:8d:c8:28:9e:e0:90:aa:ad:37:cb:65: 07:92:f0:81 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4o0v/5G+CJrP1rA/cj6xYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0NDM1YzdmZGM0ODI4OWVjNTU5ZjAxZWE1MWRhYzE3MjNm MDkxZWQwHhcNMjYwMTAxMDgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTlhZDNmNmYzMzNiYmIyYjc1MjdkMmNmNWIxMGEwYWM2MjA5ZjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvUAelWcwpi32nWjrB3U5NFPGMFF CirA5bu7t6F27idRM8REai9yAhrME1eZHG165whqfG9oIMUEycfpyoiSSzX2ncq2 UmyvJdlaA44Dz7g+HV3GHYsVjIOt9HLdJ7LaICdtZRreD/PCwHLRCXLsyh85qn2P ie/cnb5SN+K+ohezpi+venKVZDMisZL8lWrIkKh7aPNaWCj14Gp+lo1j1Iqi65yZ lvrvASe7TEW74u2ZLHpp3Jhd20lO6onqvyS3+dwYeraCgOyw0NGBU1Zaz3Sjf/RR 3BFhiqcKMYbGbhrTYMQIEQERhyvF77RUlTwpQupYS5p69K8KIVjoUlZNbQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCma0/bzM7uyt1J9LPWxCgrGIJ9oMB8GA1UdIwQY MBaAFBRDXH/cSCiexVnwHqUdrBcj8JHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRkVOY2Y5eElLSjdGV2ZBZXBSMnNGeVB3a2UwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hN2ZlYzQtZGYyZC00NWViLTg1MjAt NzNjMjc0MGVhOGJmLzEvS1pyVDl2TXp1N0szVW4wczliRUtDc1lnbjJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9hN2ZlYzQtZGYyZC00NWViLTg1MjAtNzNjMjc0MGVhOGJm LzEvRkVOY2Y5eElLSjdGV2ZBZXBSMnNGeVB3a2UwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBZ7IMA0G CSqGSIb3DQEBCwUAA4IBAQCAbml7Sy+f+CJoz4Kgx7xq90o5Kp+gZYmg7AkmAo3n 5X5XqXe4XOwGhid3hW+8P10f8svt4IxFu94Pf1m523goElQoXIRm1cKW3jwXdBkD y6UNW2Qz/pEbI/8Ll72Z664zPYf3A2TXeNBBP/quAxVQv6UDt8kPezpoP7fJnlvd FZTye4YH1m5KAS2g2/jgd13k0Jmj1PYLjB3nTpo8aqLcvQahRYFT+lrX91K/bM+G 7tCbKVf2bTTaMfbMn9G7vMJGP8C9PLdJ7qxE6fpf8COxqv4S4VIQ/5H25KedeUcp cBTd1Onbt8DhvLAXdZS7V/0FjcgonuCQqq03y2UHkvCB -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:39 2026 by rpki-client