This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/kDLKjIiCuOiqM3cdLfWCypBFAzQ.roa File: kDLKjIiCuOiqM3cdLfWCypBFAzQ.roa (raw, json) Hash identifier: OL6BLkai75AT2at+tZeyB57YDWVsYird2wT7zqooM8Q= Subject key identifier: 90:32:CA:8C:88:82:B8:E8:AA:33:77:1D:2D:F5:82:CA:90:45:03:34 Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Certificate serial: 019B7758E991186B43762B5F684135982B03 Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/kDLKjIiCuOiqM3cdLfWCypBFAzQ.roa Signing time: Thu 01 Jan 2026 02:17:54 +0000 ROA not before: Thu 01 Jan 2026 02:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62387 IP address blocks: 5.1.79.0/24 maxlen: 24 2a00:f826:11::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 14:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:e9:91:18:6b:43:76:2b:5f:68:41:35:98:2b:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Validity Not Before: Jan 1 02:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9032ca8c8882b8e8aa33771d2df582ca90450334 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:b1:e9:b4:d4:a2:b6:ba:f6:72:cd:6c:39:73: 3e:f4:f4:6b:15:23:c3:b6:a4:af:17:13:ba:71:5c: db:92:05:24:e5:c7:de:37:23:d0:90:65:7b:0a:15: a4:7a:76:f3:9f:0b:24:a9:34:cf:00:bc:51:5e:c8: 19:83:64:94:be:82:a7:dc:f1:08:8f:78:6c:a5:9f: 3c:fb:c8:79:34:02:57:52:eb:16:a9:68:8f:1b:51: 68:ce:95:63:96:08:25:be:e3:c6:36:eb:10:23:0e: e6:c7:bf:07:3d:dc:2c:dc:1a:b2:a2:82:2b:c0:b1: 66:73:5b:7f:c0:e5:5f:27:a5:0c:40:15:73:ce:03: c0:d5:e6:72:ea:38:49:c5:63:e1:65:0c:ea:e9:9d: ff:6e:08:51:2d:6c:6c:08:9d:74:0b:ea:65:5f:33: 8b:66:74:4f:34:e5:5d:b3:7d:59:a4:a8:b2:f5:6c: 5f:c3:b7:b9:f9:e1:56:ec:8d:23:e9:da:1c:c3:97: 01:51:70:8e:d8:e0:5d:3c:c7:cd:17:2e:e5:00:4b: b7:d7:03:be:dc:34:b4:b7:81:40:76:56:49:8d:95: 22:db:85:43:45:b6:bb:37:77:0c:cd:dd:1b:f3:98: bf:b5:96:80:f4:d0:53:bf:53:60:85:78:9d:e2:c6: d1:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:32:CA:8C:88:82:B8:E8:AA:33:77:1D:2D:F5:82:CA:90:45:03:34 X509v3 Authority Key Identifier: keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/kDLKjIiCuOiqM3cdLfWCypBFAzQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.1.79.0/24 IPv6: 2a00:f826:11::/48 Signature Algorithm: sha256WithRSAEncryption 4e:17:73:44:f9:2d:41:74:0c:5c:9d:f9:20:c2:91:5b:2b:59: fe:9d:8a:24:e2:f0:c1:d1:0a:88:28:b8:90:fe:cc:05:3e:4c: 0e:45:c5:b7:31:59:8e:10:79:68:2d:09:73:d0:43:bf:8a:4a: f4:43:27:1e:ad:35:f3:d8:08:4f:7e:1f:e9:8e:c8:77:c5:ac: 6e:25:02:e1:bf:df:96:3d:68:40:1e:e7:1e:97:4b:3c:12:9e: b7:01:cf:7b:e4:c5:83:be:58:ef:22:65:0f:4a:a7:ef:99:84: d6:93:03:14:7f:8f:00:4b:fa:f4:14:ba:7e:37:f3:71:0d:f4: a9:2c:a5:01:5c:dd:47:9b:4c:ec:96:4b:31:d7:bf:ab:98:3b: 1a:41:d2:d1:69:e8:9c:67:b6:60:45:9d:ed:da:eb:d6:13:6d: 80:b6:ed:98:1d:82:6f:d3:88:a1:c6:7e:1a:93:0e:d2:c4:73: 3e:36:34:e9:fa:1f:95:3c:b0:02:1e:b3:ef:48:36:e2:1f:c9: 91:80:d6:7b:2c:b9:ea:ec:d2:e0:fb:fd:56:e0:f8:da:43:b8: dd:77:fb:8d:96:b4:31:68:0b:b9:b3:ad:f8:bb:eb:3e:2b:a2: 73:6e:e4:bf:89:f7:f0:e8:b6:c8:13:f4:d7:95:71:cf:88:c7: 15:76:7f:3c -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3WOmRGGtDditfaEE1mCsDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi MGZhZGIwHhcNMjYwMTAxMDIxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDMyY2E4Yzg4ODJiOGU4YWEzMzc3MWQyZGY1ODJjYTkwNDUwMzM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7HptNSitrr2cs1sOXM+9PRrFSPD tqSvFxO6cVzbkgUk5cfeNyPQkGV7ChWkenbznwskqTTPALxRXsgZg2SUvoKn3PEI j3hspZ88+8h5NAJXUusWqWiPG1FozpVjlgglvuPGNusQIw7mx78HPdws3BqyooIr wLFmc1t/wOVfJ6UMQBVzzgPA1eZy6jhJxWPhZQzq6Z3/bghRLWxsCJ10C+plXzOL ZnRPNOVds31ZpKiy9Wxfw7e5+eFW7I0j6docw5cBUXCO2OBdPMfNFy7lAEu31wO+ 3DS0t4FAdlZJjZUi24VDRba7N3cMzd0b85i/tZaA9NBTv1NghXid4sbRIQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJAyyoyIgrjoqjN3HS31gsqQRQM0MB8GA1UdIwQY MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt NThiMzhmNWFjODBiLzEva0RMS2pJaUN1T2lxTTNjZExmV0N5cEJGQXpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQFPMA8E AgACMAkDBwAqAPgmABEwDQYJKoZIhvcNAQELBQADggEBAE4Xc0T5LUF0DFyd+SDC kVsrWf6diiTi8MHRCogouJD+zAU+TA5FxbcxWY4QeWgtCXPQQ7+KSvRDJx6tNfPY CE9+H+mOyHfFrG4lAuG/35Y9aEAe5x6XSzwSnrcBz3vkxYO+WO8iZQ9Kp++ZhNaT AxR/jwBL+vQUun4383EN9KkspQFc3UebTOyWSzHXv6uYOxpB0tFp6JxntmBFne3a 69YTbYC27Zgdgm/TiKHGfhqTDtLEcz42NOn6H5U8sAIes+9INuIfyZGA1nssuers 0uD7/Vbg+NpDuN13+42WtDFoC7mzrfi76z4ronNu5L+J9/DotsgT9NeVcc+IxxV2 fzw= -----END CERTIFICATE-----Generated at Wed Jan 21 00:03:47 2026 by rpki-client