This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/KK6V4tkkGOTlna1jDdLR34C1144.roa File: KK6V4tkkGOTlna1jDdLR34C1144.roa (raw, json) Hash identifier: VJsTur/NQjIjrIZYxVHk28VDPEOKoZ9mo1/7vuIP+oc= Subject key identifier: 28:AE:95:E2:D9:24:18:E4:E5:9D:AD:63:0D:D2:D1:DF:80:B5:D7:8E Certificate issuer: /CN=c42287c68458f980ca9b7c36d61f6af586464b28 Certificate serial: 019B7F15B85142A37B158A0143126FF0F13D Authority key identifier: C4:22:87:C6:84:58:F9:80:CA:9B:7C:36:D6:1F:6A:F5:86:46:4B:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/KK6V4tkkGOTlna1jDdLR34C1144.roa Signing time: Fri 02 Jan 2026 14:21:28 +0000 ROA not before: Fri 02 Jan 2026 14:21:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59414 IP address blocks: 185.72.20.0/23 maxlen: 24 185.72.22.0/23 maxlen: 24 2a05:3d80::/32 maxlen: 48 2a05:3d81::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/xCKHxoRY-YDKm3w21h9q9YZGSyg.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/xCKHxoRY-YDKm3w21h9q9YZGSyg.mft rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:b8:51:42:a3:7b:15:8a:01:43:12:6f:f0:f1:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c42287c68458f980ca9b7c36d61f6af586464b28 Validity Not Before: Jan 2 14:21:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28ae95e2d92418e4e59dad630dd2d1df80b5d78e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:b1:2d:5c:67:65:48:dc:2a:e0:05:f7:fd:14: b7:f0:9d:99:8a:86:40:f0:46:ca:e6:28:58:28:54: 4c:d9:7d:63:0a:da:37:00:8a:7f:01:92:a1:5a:cf: 20:2b:70:9e:d5:97:17:c6:c1:f6:09:bf:39:2d:ef: 3b:52:51:3d:fb:eb:0f:e4:86:8c:ea:19:3c:00:25: 80:b1:2d:c6:33:60:a7:45:91:67:70:a1:75:4e:e2: 92:9a:d6:d4:dc:2c:b0:95:7c:38:6c:3c:dd:74:b3: f7:8e:fe:76:93:9f:d4:d4:8a:b1:56:f6:da:d6:ce: 84:59:a3:fb:1f:c5:44:83:c9:68:80:fa:50:5b:df: 8b:01:ae:39:a3:3f:15:a9:08:69:d6:3a:40:d1:59: 06:f0:e0:50:f4:54:cf:49:16:59:de:16:67:d7:69: 0b:8c:67:a5:19:4f:ec:26:ca:63:ce:62:45:92:e2: 78:1e:a4:c9:20:b8:82:3e:79:d9:07:5c:7a:ff:38: 56:6e:fa:2f:d0:6f:05:82:0d:a3:3c:e5:c0:da:73: 9d:54:55:38:80:f8:7c:87:c0:34:63:42:2a:29:a7: d4:03:4c:51:a3:df:5d:c8:33:e6:8a:b5:8d:d1:90: 98:82:2b:9e:0e:86:f6:65:e9:71:68:54:c3:7d:33: 99:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:AE:95:E2:D9:24:18:E4:E5:9D:AD:63:0D:D2:D1:DF:80:B5:D7:8E X509v3 Authority Key Identifier: keyid:C4:22:87:C6:84:58:F9:80:CA:9B:7C:36:D6:1F:6A:F5:86:46:4B:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/KK6V4tkkGOTlna1jDdLR34C1144.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/xCKHxoRY-YDKm3w21h9q9YZGSyg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.72.20.0/22 IPv6: 2a05:3d80::/31 Signature Algorithm: sha256WithRSAEncryption 8d:82:ff:c9:0a:f4:74:1c:77:e5:51:7e:58:7e:ae:2a:6a:b7: 58:ef:9f:82:db:f8:19:a2:7d:14:b0:ae:7a:38:4e:ce:c8:96: ab:d1:2f:3c:62:3a:3e:b6:a8:4d:39:0d:e2:21:3e:96:4b:5c: 62:65:8e:b7:77:d7:df:bd:35:26:6d:8d:2f:26:e2:7c:8a:b5: a3:ff:69:bd:52:06:41:2d:91:50:26:cb:68:85:bb:5b:7f:9c: 02:86:5b:65:f2:57:e5:5c:3e:ea:6c:eb:c4:02:e7:66:d0:d2: c0:e4:88:29:af:2f:3d:b5:75:fc:44:a3:2f:26:a8:87:a0:8e: 1d:09:6d:53:61:b8:52:ef:e5:b9:28:01:ee:00:2b:ec:0b:1c: 92:bc:7e:3f:68:c5:39:9f:5a:9b:ec:38:00:19:50:df:b4:3e: 06:b0:48:cb:45:c7:1e:52:96:3a:69:e0:09:41:c2:5b:e6:90: 53:e3:16:fe:20:70:80:65:4c:1c:ce:3d:00:e1:4a:a7:4d:50: eb:1c:7a:30:10:7d:b8:0a:8b:da:9d:80:0b:1b:09:d9:04:ef: cb:32:66:15:97:dc:33:4a:52:5c:95:3a:4c:e0:58:70:4e:09: 2e:09:36:bd:89:ab:b1:9e:d9:b9:50:85:60:e6:a7:b2:f5:72: 09:a7:ba:33 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FbhRQqN7FYoBQxJv8PE9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MjI4N2M2ODQ1OGY5ODBjYTliN2MzNmQ2MWY2YWY1ODY0 NjRiMjgwHhcNMjYwMTAyMTQyMTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGFlOTVlMmQ5MjQxOGU0ZTU5ZGFkNjMwZGQyZDFkZjgwYjVkNzhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbEtXGdlSNwq4AX3/RS38J2ZioZA 8EbK5ihYKFRM2X1jCto3AIp/AZKhWs8gK3Ce1ZcXxsH2Cb85Le87UlE9++sP5IaM 6hk8ACWAsS3GM2CnRZFncKF1TuKSmtbU3CywlXw4bDzddLP3jv52k5/U1IqxVvba 1s6EWaP7H8VEg8logPpQW9+LAa45oz8VqQhp1jpA0VkG8OBQ9FTPSRZZ3hZn12kL jGelGU/sJspjzmJFkuJ4HqTJILiCPnnZB1x6/zhWbvov0G8Fgg2jPOXA2nOdVFU4 gPh8h8A0Y0IqKafUA0xRo99dyDPmirWN0ZCYgiueDob2ZelxaFTDfTOZhwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCiuleLZJBjk5Z2tYw3S0d+AtdeOMB8GA1UdIwQY MBaAFMQih8aEWPmAypt8NtYfavWGRksoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveENLSHhvUlktWURLbTN3MjFoOXE5WVpHU3lnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NWYzYmMtOTNjOC00YmI5LThkNGMt YjEyZDdmODkyZjViLzEvS0s2VjR0a2tHT1RsbmExakRkTFIzNEMxMTQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy80NWYzYmMtOTNjOC00YmI5LThkNGMtYjEyZDdmODkyZjVi LzEveENLSHhvUlktWURLbTN3MjFoOXE5WVpHU3lnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUgUMA0E AgACMAcDBQEqBT2AMA0GCSqGSIb3DQEBCwUAA4IBAQCNgv/JCvR0HHflUX5Yfq4q ardY75+C2/gZon0UsK56OE7OyJar0S88Yjo+tqhNOQ3iIT6WS1xiZY63d9ffvTUm bY0vJuJ8irWj/2m9UgZBLZFQJstohbtbf5wChltl8lflXD7qbOvEAudm0NLA5Igp ry89tXX8RKMvJqiHoI4dCW1TYbhS7+W5KAHuACvsCxySvH4/aMU5n1qb7DgAGVDf tD4GsEjLRcceUpY6aeAJQcJb5pBT4xb+IHCAZUwczj0A4UqnTVDrHHowEH24Cova nYALGwnZBO/LMmYVl9wzSlJclTpM4FhwTgkuCTa9iauxntm5UIVg5qey9XIJp7oz -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:33 2026 by rpki-client