This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/kjiD6TFqmxMVqOnqt0_0GLgSRcU.roa File: kjiD6TFqmxMVqOnqt0_0GLgSRcU.roa (raw, json) Hash identifier: AZdOF+iEUNNu4fK6OeoAbtGKKK0ZCVUm4ff6O264PE4= Subject key identifier: 92:38:83:E9:31:6A:9B:13:15:A8:E9:EA:B7:4F:F4:18:B8:12:45:C5 Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860 Certificate serial: 019B7E373DF409F83A6AB7C4959B81285E08 Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/kjiD6TFqmxMVqOnqt0_0GLgSRcU.roa Signing time: Fri 02 Jan 2026 10:18:28 +0000 ROA not before: Fri 02 Jan 2026 10:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4755 IP address blocks: 89.108.128.0/24 maxlen: 24 89.108.129.0/24 maxlen: 24 89.108.154.0/24 maxlen: 24 89.108.176.0/22 maxlen: 22 89.108.176.0/24 maxlen: 24 212.101.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.mft rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:3d:f4:09:f8:3a:6a:b7:c4:95:9b:81:28:5e:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c1b050211219d18e996e086cb7f6309178804860 Validity Not Before: Jan 2 10:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=923883e9316a9b1315a8e9eab74ff418b81245c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e7:36:89:c2:62:5f:39:6e:84:94:23:57:35: a2:90:08:7a:3b:4d:4a:57:03:74:25:5c:e5:9f:56: 66:49:a2:57:7f:2a:99:92:2e:a0:5a:b2:86:4e:5f: 64:7a:6a:12:20:ab:fb:59:30:6a:62:c8:d9:b3:d0: 77:30:23:32:ea:db:86:05:8b:50:c0:bc:36:0e:6b: db:54:95:e8:d5:ae:ef:a5:43:d5:7a:85:6d:2e:1a: da:27:ba:ac:ab:05:15:31:28:92:fc:9c:34:38:39: 87:d8:7b:04:3b:62:2c:61:7d:65:52:38:e3:c8:88: 43:19:5d:7b:65:e4:11:84:a1:a5:d7:06:bf:3e:4e: f2:d6:4d:21:5e:5a:54:8b:47:c9:93:28:b1:1d:70: c0:90:ff:fd:8e:57:8d:15:c9:06:35:e9:36:03:95: fa:23:43:2b:99:98:a4:df:b5:bc:eb:68:b9:0d:a0: 54:66:da:d5:e0:68:03:40:ad:80:b7:0c:6f:ea:21: 36:fc:ae:08:a3:4c:dd:93:58:46:8d:8f:1c:f2:39: ff:31:e6:86:8b:ea:0a:27:aa:4a:a7:18:ac:b0:89: ff:b9:eb:03:12:02:d5:80:ff:e6:b4:84:50:cc:7d: 76:9b:75:13:11:d6:4e:0f:f5:84:1f:19:1c:3c:c6: 45:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:38:83:E9:31:6A:9B:13:15:A8:E9:EA:B7:4F:F4:18:B8:12:45:C5 X509v3 Authority Key Identifier: keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/kjiD6TFqmxMVqOnqt0_0GLgSRcU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.108.128.0/23 89.108.154.0/24 89.108.176.0/22 212.101.249.0/24 Signature Algorithm: sha256WithRSAEncryption b3:30:f3:e6:29:40:67:46:9f:e1:27:ef:cb:61:52:24:70:e4: f7:47:90:d3:7b:5a:63:2b:83:b9:07:18:ee:a5:90:67:58:fe: 85:c5:a0:b2:f8:8a:08:5f:c5:44:3a:ad:63:e8:f3:f9:57:5b: 23:60:be:81:51:de:86:b7:0b:ad:eb:94:05:c7:9b:45:ee:14: c1:0d:98:17:86:a3:6f:17:68:ed:7c:3d:b7:b1:31:8e:5c:62: 36:47:44:49:66:54:b1:d1:a1:80:84:d2:56:28:54:9d:16:b6: 39:38:da:f8:2c:a1:2a:e3:d4:61:e1:07:94:ca:8f:59:71:c0: 58:f8:5a:be:04:ed:76:8f:d0:45:ff:c1:ca:6f:b2:a9:1e:e4: d5:9a:43:26:e6:0d:22:2c:41:98:d1:5b:82:16:05:b0:18:04: 94:9b:b5:f2:c9:36:dc:33:ea:2b:57:fb:0c:1d:3c:53:a0:77: b1:4f:dd:0d:ec:e8:78:79:9f:61:45:d4:d7:fa:29:d2:a1:8e: 46:0f:20:0f:3b:a1:e6:52:f4:c9:ec:39:76:c2:db:0b:bf:ac: b9:05:31:da:ac:08:86:74:23:a2:24:52:57:9d:1e:cf:14:af: e0:ed:27:a2:ab:29:a7:7b:46:3d:7b:f3:53:98:c7:68:16:55: fe:9d:1b:d2 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+Nz30Cfg6arfElZuBKF4IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4 MDQ4NjAwHhcNMjYwMTAyMTAxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjM4ODNlOTMxNmE5YjEzMTVhOGU5ZWFiNzRmZjQxOGI4MTI0NWM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuec2icJiXzluhJQjVzWikAh6O01K VwN0JVzln1ZmSaJXfyqZki6gWrKGTl9kemoSIKv7WTBqYsjZs9B3MCMy6tuGBYtQ wLw2DmvbVJXo1a7vpUPVeoVtLhraJ7qsqwUVMSiS/Jw0ODmH2HsEO2IsYX1lUjjj yIhDGV17ZeQRhKGl1wa/Pk7y1k0hXlpUi0fJkyixHXDAkP/9jleNFckGNek2A5X6 I0MrmZik37W862i5DaBUZtrV4GgDQK2Atwxv6iE2/K4Io0zdk1hGjY8c8jn/MeaG i+oKJ6pKpxissIn/uesDEgLVgP/mtIRQzH12m3UTEdZOD/WEHxkcPMZFmQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJI4g+kxapsTFajp6rdP9Bi4EkXFMB8GA1UdIwQY MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt Y2UyMjUxODdmYzM4LzEva2ppRDZURnFteE1WcU9ucXQwXzBHTGdTUmNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4 LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWWyAAwQA WWyaAwQCWWywAwQA1GX5MA0GCSqGSIb3DQEBCwUAA4IBAQCzMPPmKUBnRp/hJ+/L YVIkcOT3R5DTe1pjK4O5BxjupZBnWP6FxaCy+IoIX8VEOq1j6PP5V1sjYL6BUd6G twut65QFx5tF7hTBDZgXhqNvF2jtfD23sTGOXGI2R0RJZlSx0aGAhNJWKFSdFrY5 ONr4LKEq49Rh4QeUyo9ZccBY+Fq+BO12j9BF/8HKb7KpHuTVmkMm5g0iLEGY0VuC FgWwGASUm7XyyTbcM+orV/sMHTxToHexT90N7Oh4eZ9hRdTX+inSoY5GDyAPO6Hm UvTJ7Dl2wtsLv6y5BTHarAiGdCOiJFJXnR7PFK/g7Seiqymne0Y9e/NTmMdoFlX+ nRvS -----END CERTIFICATE-----Generated at Tue Jan 20 02:57:08 2026 by rpki-client