This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/KeMni_7tMd8WW03JhhJAoiRDaZc.roa File: KeMni_7tMd8WW03JhhJAoiRDaZc.roa (raw, json) Hash identifier: J+/LqFSqApR1P/gNsOZB6B78O8nvHtR7KNZNBA4Da8s= Subject key identifier: 29:E3:27:8B:FE:ED:31:DF:16:5B:4D:C9:86:12:40:A2:24:43:69:97 Certificate issuer: /CN=af5bc49d5f01a235af9289cf4926affef7af92b0 Certificate serial: 019B7CEDAE2E0A3153398FD5DAD7AA9C1DF0 Authority key identifier: AF:5B:C4:9D:5F:01:A2:35:AF:92:89:CF:49:26:AF:FE:F7:AF:92:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/KeMni_7tMd8WW03JhhJAoiRDaZc.roa Signing time: Fri 02 Jan 2026 04:18:29 +0000 ROA not before: Fri 02 Jan 2026 04:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50673 IP address blocks: 185.254.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/r1vEnV8BojWvkonPSSav_vevkrA.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/r1vEnV8BojWvkonPSSav_vevkrA.mft rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 04:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:ae:2e:0a:31:53:39:8f:d5:da:d7:aa:9c:1d:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af5bc49d5f01a235af9289cf4926affef7af92b0 Validity Not Before: Jan 2 04:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29e3278bfeed31df165b4dc9861240a224436997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:78:78:e5:dd:93:84:2d:a1:8e:6f:06:6f:e5: 64:a9:f8:40:16:91:e9:43:0a:90:98:1a:b8:3e:5a: e3:6c:e8:65:79:18:36:e1:2d:d9:fc:bf:9b:79:cb: 33:7c:9c:db:22:c5:af:08:c7:27:3b:c1:22:df:e5: 10:37:93:c8:b9:c8:97:a4:4d:d3:0c:77:47:5d:68: 65:9e:a1:2a:90:95:d1:11:2d:e9:8a:4d:11:fe:72: 60:db:42:c3:69:a5:bb:34:1a:52:53:7d:b5:6f:d9: bd:46:d8:11:57:11:ed:72:b2:51:b8:b8:c4:a3:8e: 36:45:52:4a:15:7e:b9:23:65:0f:7f:d0:dc:41:18: d9:56:ff:d8:8c:58:99:ed:be:36:58:8c:d7:bb:ee: e8:df:a1:32:0c:24:2c:09:3f:b5:be:f1:fc:2c:7f: 94:90:86:b4:a9:a4:2e:11:6c:da:ac:76:7e:f4:ea: f7:c1:55:d1:2a:34:a6:f4:a7:c7:1e:9e:1e:83:9b: dc:79:a6:3e:64:b3:a1:b2:42:58:2d:58:d7:2d:d8: 1d:9b:02:c9:2f:5d:61:86:28:05:1f:ef:37:93:e7: 09:d5:db:14:17:03:49:da:58:b4:fd:34:f0:a0:5e: eb:a4:75:af:67:82:96:fe:2c:3f:0f:d2:91:bd:d7: bd:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E3:27:8B:FE:ED:31:DF:16:5B:4D:C9:86:12:40:A2:24:43:69:97 X509v3 Authority Key Identifier: keyid:AF:5B:C4:9D:5F:01:A2:35:AF:92:89:CF:49:26:AF:FE:F7:AF:92:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/KeMni_7tMd8WW03JhhJAoiRDaZc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/r1vEnV8BojWvkonPSSav_vevkrA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.254.172.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:8f:bd:9d:40:fc:6d:5a:58:f2:a2:75:cf:9d:88:0b:f4:bd: a1:35:4e:0e:6f:f4:45:11:5c:c8:57:44:dc:09:30:44:1c:91: 1a:07:78:50:79:4e:55:d9:c6:24:f9:6d:3a:c9:8d:fc:56:6d: bf:55:ad:97:f5:53:f4:95:0e:74:90:af:20:1d:7c:05:d5:29: d2:f7:07:75:12:12:bf:34:f2:6f:16:99:73:c3:51:6b:e6:7f: 44:17:59:ba:a0:36:07:0a:97:e0:72:dd:40:fc:b6:fa:93:26: 7b:16:15:d8:29:a1:b2:a1:b3:f7:bb:08:87:30:39:9e:ca:8f: 03:4b:db:fc:c4:70:cd:9e:8a:06:06:9f:e3:3d:9f:77:84:ca: fa:7f:22:8e:25:dc:7b:b0:17:ea:58:a1:21:48:ef:23:4f:40: 86:ea:cd:ee:e8:89:6b:3b:8b:24:b3:05:bb:9a:00:ed:cc:78: 22:b1:33:6c:69:b1:60:cd:2f:ee:7c:15:5c:23:a4:3c:c8:d4: 77:8e:e1:24:d9:f4:2c:47:93:8a:14:f8:79:d5:a0:f3:c4:d7: c8:c6:31:e3:ed:ff:d2:5c:4e:21:15:ad:b4:f3:49:9b:b5:5a: 04:84:b7:d6:c4:ec:44:c5:42:ee:8b:52:98:2c:aa:dc:46:2a: 38:c8:ce:70 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87a4uCjFTOY/V2teqnB3wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNWJjNDlkNWYwMWEyMzVhZjkyODljZjQ5MjZhZmZlZjdh ZjkyYjAwHhcNMjYwMTAyMDQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWUzMjc4YmZlZWQzMWRmMTY1YjRkYzk4NjEyNDBhMjI0NDM2OTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xh45d2ThC2hjm8Gb+VkqfhAFpHp QwqQmBq4PlrjbOhleRg24S3Z/L+becszfJzbIsWvCMcnO8Ei3+UQN5PIuciXpE3T DHdHXWhlnqEqkJXRES3pik0R/nJg20LDaaW7NBpSU321b9m9RtgRVxHtcrJRuLjE o442RVJKFX65I2UPf9DcQRjZVv/YjFiZ7b42WIzXu+7o36EyDCQsCT+1vvH8LH+U kIa0qaQuEWzarHZ+9Or3wVXRKjSm9KfHHp4eg5vceaY+ZLOhskJYLVjXLdgdmwLJ L11hhigFH+83k+cJ1dsUFwNJ2li0/TTwoF7rpHWvZ4KW/iw/D9KRvde90wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCnjJ4v+7THfFltNyYYSQKIkQ2mXMB8GA1UdIwQY MBaAFK9bxJ1fAaI1r5KJz0kmr/73r5KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjF2RW5WOEJvald2a29uUFNTYXZfdmV2a3JBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMmZiZDgtZDZlMS00N2FkLWFhMjEt MTQ3ZTQ1NzI4NzNhLzEvS2VNbmlfN3RNZDhXVzAzSmhoSkFvaVJEYVpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9mMmZiZDgtZDZlMS00N2FkLWFhMjEtMTQ3ZTQ1NzI4NzNh LzEvcjF2RW5WOEJvald2a29uUFNTYXZfdmV2a3JBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf6sMA0G CSqGSIb3DQEBCwUAA4IBAQBqj72dQPxtWljyonXPnYgL9L2hNU4Ob/RFEVzIV0Tc CTBEHJEaB3hQeU5V2cYk+W06yY38Vm2/Va2X9VP0lQ50kK8gHXwF1SnS9wd1EhK/ NPJvFplzw1Fr5n9EF1m6oDYHCpfgct1A/Lb6kyZ7FhXYKaGyobP3uwiHMDmeyo8D S9v8xHDNnooGBp/jPZ93hMr6fyKOJdx7sBfqWKEhSO8jT0CG6s3u6IlrO4skswW7 mgDtzHgisTNsabFgzS/ufBVcI6Q8yNR3juEk2fQsR5OKFPh51aDzxNfIxjHj7f/S XE4hFa2080mbtVoEhLfWxOxExULui1KYLKrcRio4yM5w -----END CERTIFICATE-----Generated at Sun Jan 11 11:45:48 2026 by rpki-client