This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/kNl2FH2h1RUbk8aiFoOzXqbZfiE.roa File: kNl2FH2h1RUbk8aiFoOzXqbZfiE.roa (raw, json) Hash identifier: 75YFC9si8AQdOYzNPqXE8Vynriw8AkUBVZlHIzni5SA= Subject key identifier: 90:D9:76:14:7D:A1:D5:15:1B:93:C6:A2:16:83:B3:5E:A6:D9:7E:21 Certificate issuer: /CN=29f3424664725d5820baa782713143a3307691f3 Certificate serial: 019B7910A3AD228F47D0D3CF72D916CFC88F Authority key identifier: 29:F3:42:46:64:72:5D:58:20:BA:A7:82:71:31:43:A3:30:76:91:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfNCRmRyXVgguqeCcTFDozB2kfM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/kNl2FH2h1RUbk8aiFoOzXqbZfiE.roa Signing time: Thu 01 Jan 2026 10:18:12 +0000 ROA not before: Thu 01 Jan 2026 10:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43312 IP address blocks: 91.200.124.0/22 maxlen: 22 193.201.216.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.mft rsync://rpki.ripe.net/repository/DEFAULT/KfNCRmRyXVgguqeCcTFDozB2kfM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 19:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:a3:ad:22:8f:47:d0:d3:cf:72:d9:16:cf:c8:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29f3424664725d5820baa782713143a3307691f3 Validity Not Before: Jan 1 10:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90d976147da1d5151b93c6a21683b35ea6d97e21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:90:35:b1:83:db:db:bc:52:52:27:04:bc:28: f9:21:0b:73:4f:f0:60:06:05:74:05:89:89:df:76: 9c:d2:75:66:1e:b9:b2:a1:bf:69:18:fc:31:b9:47: a1:9f:5b:6e:db:82:8e:a8:d3:3a:a2:5e:07:04:37: 5c:84:77:4f:92:41:02:a9:a8:f7:4b:88:50:99:ab: 61:ab:94:6a:50:a9:23:11:26:1b:9f:e0:3e:07:a8: 23:a1:78:62:b1:0d:ee:a9:81:cc:53:d1:5f:6a:b8: 17:79:9c:36:66:cc:61:a6:51:b8:4e:b5:cc:18:cb: 45:22:60:89:47:30:6d:ee:37:ad:f8:e2:3d:d7:0b: a2:6e:30:5e:97:cc:57:01:4d:9c:24:21:02:57:b0: 20:59:ee:7e:67:d5:7b:dd:97:23:6f:ed:e0:27:00: fc:ac:73:e0:d8:c9:59:2a:ba:ef:8c:ac:9c:d1:86: e6:c9:fb:d9:13:b8:27:78:6c:d0:e8:44:30:54:1e: a7:7c:eb:23:87:c0:d6:97:06:df:ca:a8:4d:2f:7c: 5f:b2:bf:57:f2:f9:7f:c6:d9:58:7b:7a:05:f3:c2: 19:7f:33:1e:57:ac:b8:64:23:47:8d:ce:ee:29:f5: fe:7b:46:77:4c:b7:30:6b:b1:fb:34:f0:31:12:d5: 55:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:D9:76:14:7D:A1:D5:15:1B:93:C6:A2:16:83:B3:5E:A6:D9:7E:21 X509v3 Authority Key Identifier: keyid:29:F3:42:46:64:72:5D:58:20:BA:A7:82:71:31:43:A3:30:76:91:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfNCRmRyXVgguqeCcTFDozB2kfM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/kNl2FH2h1RUbk8aiFoOzXqbZfiE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1298e1-a1e4-4abc-ab1f-649d25a95907/1/KfNCRmRyXVgguqeCcTFDozB2kfM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.124.0/22 193.201.216.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:e4:46:06:b4:9c:94:56:02:d7:1e:fd:6d:94:8f:7e:9a:3e: b3:e9:e1:de:39:d5:44:70:2b:fa:e2:93:3c:ad:f4:85:ef:9c: 40:d1:4c:91:4a:99:3e:02:5d:3e:6e:8d:6b:1c:87:c8:fc:33: 60:d7:c7:a7:88:73:43:b4:dc:20:59:bf:9f:cc:de:c2:ce:d8: ae:a5:7f:b9:ba:38:9f:50:63:21:16:51:4c:c4:37:81:ce:84: a6:ff:27:6b:a6:6e:a3:e8:bd:39:d3:b2:35:43:3d:0d:bd:e5: 94:bf:7d:f9:e5:98:b0:65:a3:16:a0:31:9c:8b:85:bc:0e:06: fd:fb:54:00:24:ec:c5:6a:cb:4f:26:89:e2:4f:73:ad:17:22: 90:75:da:70:a4:4d:a0:89:aa:6e:62:6b:c3:7a:22:36:12:b6: d7:1f:6f:ee:34:2a:23:aa:7f:6f:63:f2:b6:13:15:c9:65:82: 49:da:29:c3:01:18:d1:a2:73:4b:88:6d:0a:2f:1c:ac:0a:ab: ea:c2:03:54:e3:0d:b0:2c:6c:f0:44:95:5d:c2:f4:35:a6:0e: 07:59:f8:ea:c6:79:07:73:f0:dd:0d:1c:58:fb:97:6c:78:e9: 9a:60:53:03:2a:c0:9f:fb:9f:cc:2c:04:70:0d:35:ae:a5:9c: b4:57:ed:0a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EKOtIo9H0NPPctkWz8iPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZjM0MjQ2NjQ3MjVkNTgyMGJhYTc4MjcxMzE0M2EzMzA3 NjkxZjMwHhcNMjYwMTAxMTAxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGQ5NzYxNDdkYTFkNTE1MWI5M2M2YTIxNjgzYjM1ZWE2ZDk3ZTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpA1sYPb27xSUicEvCj5IQtzT/Bg BgV0BYmJ33ac0nVmHrmyob9pGPwxuUehn1tu24KOqNM6ol4HBDdchHdPkkECqaj3 S4hQmathq5RqUKkjESYbn+A+B6gjoXhisQ3uqYHMU9FfargXeZw2ZsxhplG4TrXM GMtFImCJRzBt7jet+OI91wuibjBel8xXAU2cJCECV7AgWe5+Z9V73Zcjb+3gJwD8 rHPg2MlZKrrvjKyc0YbmyfvZE7gneGzQ6EQwVB6nfOsjh8DWlwbfyqhNL3xfsr9X 8vl/xtlYe3oF88IZfzMeV6y4ZCNHjc7uKfX+e0Z3TLcwa7H7NPAxEtVVNQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJDZdhR9odUVG5PGohaDs16m2X4hMB8GA1UdIwQY MBaAFCnzQkZkcl1YILqngnExQ6MwdpHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZOQ1JtUnlYVmdndXFlQ2NURkRvekIya2ZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xMjk4ZTEtYTFlNC00YWJjLWFiMWYt NjQ5ZDI1YTk1OTA3LzEva05sMkZIMmgxUlViazhhaUZvT3pYcWJaZmlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8xMjk4ZTEtYTFlNC00YWJjLWFiMWYtNjQ5ZDI1YTk1OTA3 LzEvS2ZOQ1JtUnlYVmdndXFlQ2NURkRvekIya2ZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8h8AwQC wcnYMA0GCSqGSIb3DQEBCwUAA4IBAQCd5EYGtJyUVgLXHv1tlI9+mj6z6eHeOdVE cCv64pM8rfSF75xA0UyRSpk+Al0+bo1rHIfI/DNg18eniHNDtNwgWb+fzN7Cztiu pX+5ujifUGMhFlFMxDeBzoSm/ydrpm6j6L0507I1Qz0NveWUv3355ZiwZaMWoDGc i4W8Dgb9+1QAJOzFastPJoniT3OtFyKQddpwpE2giapuYmvDeiI2ErbXH2/uNCoj qn9vY/K2ExXJZYJJ2inDARjRonNLiG0KLxysCqvqwgNU4w2wLGzwRJVdwvQ1pg4H WfjqxnkHc/DdDRxY+5dseOmaYFMDKsCf+5/MLARwDTWupZy0V+0K -----END CERTIFICATE-----Generated at Tue Feb 10 02:22:42 2026 by rpki-client