This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/KbzoEmier03k-bAxooHX4fi4kAg.roa File: KbzoEmier03k-bAxooHX4fi4kAg.roa (raw, json) Hash identifier: Oe86JI/m3KNCvkhgJcf9jSdxx7AK1v05tkIkcxRpnrM= Subject key identifier: 29:BC:E8:12:68:9E:AF:4D:E4:F9:B0:31:A2:81:D7:E1:F8:B8:90:08 Certificate issuer: /CN=e57731ea857b903aa40a8e5fd8d88446505b5233 Certificate serial: 019B7834ADE6B8C1698F93E8E9F0B39ED678 Authority key identifier: E5:77:31:EA:85:7B:90:3A:A4:0A:8E:5F:D8:D8:84:46:50:5B:52:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/KbzoEmier03k-bAxooHX4fi4kAg.roa Signing time: Thu 01 Jan 2026 06:17:56 +0000 ROA not before: Thu 01 Jan 2026 06:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7046 IP address blocks: 193.67.192.0/20 maxlen: 20 193.67.192.0/22 maxlen: 22 193.67.200.0/24 maxlen: 24 193.67.201.0/24 maxlen: 24 193.67.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:ad:e6:b8:c1:69:8f:93:e8:e9:f0:b3:9e:d6:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e57731ea857b903aa40a8e5fd8d88446505b5233 Validity Not Before: Jan 1 06:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29bce812689eaf4de4f9b031a281d7e1f8b89008 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:64:60:89:9a:f1:06:1d:ad:0f:a2:ee:5c:af: 0c:9c:67:89:24:63:b8:e6:1d:20:b2:bc:73:13:a2: 8a:b0:5d:f7:5b:70:c6:7e:0e:4f:9f:9e:aa:e0:1a: a9:af:d7:60:7c:e6:c7:0e:36:34:81:de:9b:8a:94: 67:05:d2:41:e1:19:6e:b0:04:31:13:f4:53:a7:a2: 8a:90:73:6e:d6:da:69:61:8d:62:83:9e:a4:72:d5: d5:73:e4:d8:2d:9b:69:d1:32:3a:59:3d:be:bc:af: bc:17:b8:aa:91:9e:ed:5f:7d:ee:b7:7a:a3:32:fa: 24:ab:9f:4d:83:39:9f:e1:3d:24:0a:82:c7:7e:72: 1b:0c:6d:e5:c8:8c:49:fb:60:d8:fd:61:1f:3b:05: 20:58:c3:51:20:f5:bd:14:74:ef:83:2b:14:cc:c2: 14:8f:ca:f2:c0:cb:28:8a:d1:d8:e6:a4:ce:b8:b1: 3e:58:c5:97:b0:70:5f:9e:77:6c:fe:89:82:9d:c6: 8f:28:46:42:db:44:f7:1e:c8:35:21:5e:15:3d:a6: 45:2d:3e:cc:bd:b3:17:87:18:c6:cd:0d:55:aa:92: cc:f9:00:06:75:74:08:61:6b:79:52:51:f6:37:f8: c7:9a:46:bf:01:6c:1b:13:6c:29:50:48:cf:86:f6: 48:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:BC:E8:12:68:9E:AF:4D:E4:F9:B0:31:A2:81:D7:E1:F8:B8:90:08 X509v3 Authority Key Identifier: keyid:E5:77:31:EA:85:7B:90:3A:A4:0A:8E:5F:D8:D8:84:46:50:5B:52:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/KbzoEmier03k-bAxooHX4fi4kAg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.67.192.0/20 Signature Algorithm: sha256WithRSAEncryption 40:0b:16:aa:74:6d:0d:99:66:16:db:9e:11:b4:11:a4:23:9a: 05:2c:c3:76:55:e2:65:20:42:a0:26:ef:5f:8c:c9:51:8c:ea: 35:1f:ff:df:74:43:c7:aa:53:e2:3c:9b:04:66:59:3e:81:e4: 43:75:2b:f7:e8:aa:f7:67:35:fb:32:00:5c:ae:fd:17:2f:1e: df:f1:2e:60:f8:7e:31:c4:28:dc:a4:62:74:47:69:2c:13:b5: 4b:82:c3:c3:75:87:24:06:90:0d:5a:de:a0:df:4a:d0:d5:a7: 7c:37:17:56:8b:7b:0d:c9:37:0b:3a:68:1b:ff:24:b4:50:9f: d7:c5:a4:65:4c:03:b0:1c:42:d6:01:b9:a4:72:77:67:c2:c6: 6d:64:2d:63:3d:a6:af:5c:60:ac:1b:ce:17:29:d2:fb:63:94: 1d:de:0f:8f:eb:f7:34:10:b8:23:0d:25:ef:46:72:e3:b8:a0: 2a:e7:0e:19:78:43:44:39:20:2e:2a:43:01:fb:43:0c:7b:0c: e3:4d:ff:78:69:42:5d:31:5e:10:0f:a5:88:a3:a5:d5:0c:a9: 6b:6d:dd:0a:73:7c:4f:97:71:a2:1d:bf:16:eb:89:13:8f:f0: 01:b2:0c:0d:44:a0:e2:ec:86:63:e5:43:1b:3f:3a:fd:33:ac: a0:68:f4:62 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NK3muMFpj5Po6fCzntZ4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1NzczMWVhODU3YjkwM2FhNDBhOGU1ZmQ4ZDg4NDQ2NTA1 YjUyMzMwHhcNMjYwMTAxMDYxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWJjZTgxMjY4OWVhZjRkZTRmOWIwMzFhMjgxZDdlMWY4Yjg5MDA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WRgiZrxBh2tD6LuXK8MnGeJJGO4 5h0gsrxzE6KKsF33W3DGfg5Pn56q4Bqpr9dgfObHDjY0gd6bipRnBdJB4RlusAQx E/RTp6KKkHNu1tppYY1ig56kctXVc+TYLZtp0TI6WT2+vK+8F7iqkZ7tX33ut3qj Mvokq59Ngzmf4T0kCoLHfnIbDG3lyIxJ+2DY/WEfOwUgWMNRIPW9FHTvgysUzMIU j8rywMsoitHY5qTOuLE+WMWXsHBfnnds/omCncaPKEZC20T3Hsg1IV4VPaZFLT7M vbMXhxjGzQ1VqpLM+QAGdXQIYWt5UlH2N/jHmka/AWwbE2wpUEjPhvZIEQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCm86BJonq9N5PmwMaKB1+H4uJAIMB8GA1UdIwQY MBaAFOV3MeqFe5A6pAqOX9jYhEZQW1IzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZmJiNjItMDA5OC00MmIzLTgxYWUt ZjBiYjJlMTVmNmQwLzEvS2J6b0VtaWVyMDNrLWJBeG9vSFg0Zmk0a0FnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9hZmJiNjItMDA5OC00MmIzLTgxYWUtZjBiYjJlMTVmNmQw LzEvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwUPAMA0G CSqGSIb3DQEBCwUAA4IBAQBACxaqdG0NmWYW254RtBGkI5oFLMN2VeJlIEKgJu9f jMlRjOo1H//fdEPHqlPiPJsEZlk+geRDdSv36Kr3ZzX7MgBcrv0XLx7f8S5g+H4x xCjcpGJ0R2ksE7VLgsPDdYckBpANWt6g30rQ1ad8NxdWi3sNyTcLOmgb/yS0UJ/X xaRlTAOwHELWAbmkcndnwsZtZC1jPaavXGCsG84XKdL7Y5Qd3g+P6/c0ELgjDSXv RnLjuKAq5w4ZeENEOSAuKkMB+0MMewzjTf94aUJdMV4QD6WIo6XVDKlrbd0Kc3xP l3GiHb8W64kTj/ABsgwNRKDi7IZj5UMbPzr9M6ygaPRi -----END CERTIFICATE-----Generated at Sun Jan 11 21:00:04 2026 by rpki-client