This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/kon4zfs2HtDhvjqeOBwf_dgUsWY.roa File: kon4zfs2HtDhvjqeOBwf_dgUsWY.roa (raw, json) Hash identifier: 12l1CUBpxL/JHum213e97OtzfcKLInprTcMxMlTQ8tk= Subject key identifier: 92:89:F8:CD:FB:36:1E:D0:E1:BE:3A:9E:38:1C:1F:FD:D8:14:B1:66 Certificate issuer: /CN=80e6205c2a210f57fb71f27f3c4baaeb53dd5e33 Certificate serial: 019B7AC7FCECCFE98AA60ECEFE7BB1F9D567 Authority key identifier: 80:E6:20:5C:2A:21:0F:57:FB:71:F2:7F:3C:4B:AA:EB:53:DD:5E:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/kon4zfs2HtDhvjqeOBwf_dgUsWY.roa Signing time: Thu 01 Jan 2026 18:18:05 +0000 ROA not before: Thu 01 Jan 2026 18:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8685 IP address blocks: 91.208.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/gOYgXCohD1f7cfJ_PEuq61PdXjM.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/gOYgXCohD1f7cfJ_PEuq61PdXjM.mft rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:fc:ec:cf:e9:8a:a6:0e:ce:fe:7b:b1:f9:d5:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80e6205c2a210f57fb71f27f3c4baaeb53dd5e33 Validity Not Before: Jan 1 18:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9289f8cdfb361ed0e1be3a9e381c1ffdd814b166 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:c2:6b:51:6b:44:33:fd:e3:81:ee:c0:50:09: 75:78:34:e5:62:bb:b9:16:84:71:4b:a2:eb:5e:94: fb:75:b1:a3:0c:39:68:8d:25:94:fd:f0:a2:09:34: 50:2a:c4:11:3d:25:f6:57:15:7a:7d:e1:89:36:a3: 8d:9c:ad:4a:d1:c9:62:3c:24:be:03:ba:2e:74:00: 9e:cb:36:3a:cf:b2:1d:4a:0d:12:67:14:5f:9d:f0: 6c:33:88:bf:a8:0a:93:8d:eb:3f:98:cf:b0:d4:99: d5:e5:f8:4a:18:79:2b:58:52:82:51:24:55:db:d8: ac:b8:c7:82:3e:96:e3:0b:71:91:17:37:d6:4d:15: cc:67:fe:5f:1f:9e:a4:bb:56:92:bb:dd:0c:40:c6: 25:75:b5:ea:4c:ae:25:4b:7c:7d:91:c0:9a:50:c2: ba:5d:50:0c:6d:9a:05:67:05:85:ca:28:18:d6:75: 27:df:d2:8d:7a:12:4e:1e:43:61:55:ec:f2:b7:f9: e7:ec:cf:c8:55:e2:d2:a8:ae:b5:82:99:8f:92:9e: fa:1c:08:cc:86:02:1f:71:33:f7:41:55:ee:d3:54: a7:9c:80:42:2b:83:29:52:aa:e8:22:08:c5:fd:bb: cd:6c:77:e6:98:11:23:83:28:e4:83:db:b1:83:84: a1:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:89:F8:CD:FB:36:1E:D0:E1:BE:3A:9E:38:1C:1F:FD:D8:14:B1:66 X509v3 Authority Key Identifier: keyid:80:E6:20:5C:2A:21:0F:57:FB:71:F2:7F:3C:4B:AA:EB:53:DD:5E:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/kon4zfs2HtDhvjqeOBwf_dgUsWY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/gOYgXCohD1f7cfJ_PEuq61PdXjM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.208.70.0/24 Signature Algorithm: sha256WithRSAEncryption 51:20:c9:11:85:8f:cb:52:ca:94:84:5c:0b:5f:1c:1f:4d:15: dc:39:b7:a0:17:e3:44:2f:c5:80:ff:49:fc:37:5e:b3:b7:ee: 54:c8:c1:5e:7c:9e:6c:0c:e4:11:3f:08:d0:e5:b3:63:ea:fd: db:e2:07:58:17:db:26:ac:cf:61:b2:e4:50:8a:23:79:47:8a: 1a:81:db:1c:84:8e:5b:e9:1a:77:13:88:fe:f5:3a:8c:2c:6a: ad:eb:95:72:3e:a1:c9:3c:a0:cd:a8:ae:87:04:17:38:f8:91: ba:d4:1d:b9:fb:78:f6:3c:fc:33:cb:63:8a:d2:e7:c8:b2:43: 18:33:d2:75:95:4b:78:eb:19:f3:95:db:58:75:dc:0c:14:3f: 36:44:c5:61:a0:e8:cd:1d:7c:09:c0:84:66:c9:75:57:86:e6: 0a:1c:a7:61:68:00:1e:ff:e2:42:22:14:90:bc:27:01:30:3e: ad:d9:46:24:79:13:86:ca:83:ec:4a:95:d3:70:24:37:81:e6: 36:ee:f6:e2:03:28:21:eb:31:ea:39:21:ba:38:15:0c:21:b4: 49:fb:93:91:33:2a:66:df:48:d5:32:73:aa:e7:70:08:e5:a6: 65:20:83:43:1d:f9:a5:72:c9:b5:8b:b9:f5:61:dd:4f:1c:8c: a2:d5:1b:c6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6x/zsz+mKpg7O/nux+dVnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwZTYyMDVjMmEyMTBmNTdmYjcxZjI3ZjNjNGJhYWViNTNk ZDVlMzMwHhcNMjYwMTAxMTgxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Mjg5ZjhjZGZiMzYxZWQwZTFiZTNhOWUzODFjMWZmZGQ4MTRiMTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MJrUWtEM/3jge7AUAl1eDTlYru5 FoRxS6LrXpT7dbGjDDlojSWU/fCiCTRQKsQRPSX2VxV6feGJNqONnK1K0cliPCS+ A7oudACeyzY6z7IdSg0SZxRfnfBsM4i/qAqTjes/mM+w1JnV5fhKGHkrWFKCUSRV 29isuMeCPpbjC3GRFzfWTRXMZ/5fH56ku1aSu90MQMYldbXqTK4lS3x9kcCaUMK6 XVAMbZoFZwWFyigY1nUn39KNehJOHkNhVezyt/nn7M/IVeLSqK61gpmPkp76HAjM hgIfcTP3QVXu01SnnIBCK4MpUqroIgjF/bvNbHfmmBEjgyjkg9uxg4ShzQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJKJ+M37Nh7Q4b46njgcH/3YFLFmMB8GA1UdIwQY MBaAFIDmIFwqIQ9X+3HyfzxLqutT3V4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ09ZZ1hDb2hEMWY3Y2ZKX1BFdXE2MVBkWGpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZjc0ZTQtZGM2OC00YjJlLThlYjEt N2I4ZDdlZTlmNDExLzEva29uNHpmczJIdERodmpxZU9Cd2ZfZGdVc1dZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC8xZjc0ZTQtZGM2OC00YjJlLThlYjEtN2I4ZDdlZTlmNDEx LzEvZ09ZZ1hDb2hEMWY3Y2ZKX1BFdXE2MVBkWGpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BGMA0G CSqGSIb3DQEBCwUAA4IBAQBRIMkRhY/LUsqUhFwLXxwfTRXcObegF+NEL8WA/0n8 N16zt+5UyMFefJ5sDOQRPwjQ5bNj6v3b4gdYF9smrM9hsuRQiiN5R4oagdschI5b 6Rp3E4j+9TqMLGqt65VyPqHJPKDNqK6HBBc4+JG61B25+3j2PPwzy2OK0ufIskMY M9J1lUt46xnzldtYddwMFD82RMVhoOjNHXwJwIRmyXVXhuYKHKdhaAAe/+JCIhSQ vCcBMD6t2UYkeROGyoPsSpXTcCQ3geY27vbiAygh6zHqOSG6OBUMIbRJ+5ORMypm 30jVMnOq53AI5aZlIINDHfmlcsm1i7n1Yd1PHIyi1RvG -----END CERTIFICATE-----Generated at Mon Jan 26 12:55:21 2026 by rpki-client