This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KnbEX4UkCWaV7O0wuCkr7A4YupA.roa File: KnbEX4UkCWaV7O0wuCkr7A4YupA.roa (raw, json) Hash identifier: LLlXw5GN0fkhrRlbhrlywwISvztA4DkGKjffqRJI8NQ= Subject key identifier: 2A:76:C4:5F:85:24:09:66:95:EC:ED:30:B8:29:2B:EC:0E:18:BA:90 Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0 Certificate serial: 019B7DCA292E8D45103CCD1B50A5A9E0A2EC Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KnbEX4UkCWaV7O0wuCkr7A4YupA.roa Signing time: Fri 02 Jan 2026 08:19:19 +0000 ROA not before: Fri 02 Jan 2026 08:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210644 IP address blocks: 45.144.54.0/23 maxlen: 23 193.29.224.0/24 maxlen: 24 193.29.225.0/24 maxlen: 24 194.33.34.0/24 maxlen: 24 194.33.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.mft rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:29:2e:8d:45:10:3c:cd:1b:50:a5:a9:e0:a2:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0 Validity Not Before: Jan 2 08:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a76c45f8524096695eced30b8292bec0e18ba90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b1:da:c0:c3:97:a6:e9:d8:6e:28:3d:69:2b: 88:9c:ae:02:20:35:da:11:02:70:5f:68:f4:96:7f: 27:ed:de:a0:93:9e:a6:a7:33:72:eb:81:58:d7:7c: f7:9f:50:68:c3:cb:bf:aa:1d:6a:e3:74:3b:7f:37: b0:5e:7b:b3:42:5d:46:c4:b6:f0:db:13:38:2c:ed: e9:13:90:3b:01:b3:1b:73:7c:3e:77:b8:fc:00:90: a8:ae:7c:d8:16:26:01:7d:3b:63:87:8f:29:b2:c2: 14:32:5a:d2:7e:92:73:7e:e3:24:0a:85:27:2a:0e: 8e:aa:8f:eb:f3:2c:18:91:e4:a3:c2:ea:be:24:e1: 26:79:79:32:2b:93:2f:46:ea:53:66:3b:ca:7e:95: 28:db:9a:da:31:d3:e5:c8:e7:9d:60:5c:c7:9c:8c: fe:c6:4d:df:63:6d:1f:83:a9:26:4c:18:28:eb:74: 7d:12:54:1d:33:53:e0:49:fb:71:c6:c1:27:d6:5e: 34:92:5b:89:b1:47:3f:3f:b6:5e:47:95:57:c3:ac: 4e:72:8e:5c:4a:1d:76:e7:a9:c7:48:9f:51:c6:17: 9d:da:76:9f:2c:82:30:45:11:bf:e1:bd:b3:8d:03: fa:12:ed:d6:d6:71:65:e2:f3:22:74:47:91:b9:64: 13:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:76:C4:5F:85:24:09:66:95:EC:ED:30:B8:29:2B:EC:0E:18:BA:90 X509v3 Authority Key Identifier: keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KnbEX4UkCWaV7O0wuCkr7A4YupA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.144.54.0/23 193.29.224.0/23 194.33.34.0/23 Signature Algorithm: sha256WithRSAEncryption 31:30:74:d1:ea:34:c0:71:4e:13:dd:9c:0a:90:92:31:b7:38: d9:3c:b6:53:55:22:5f:d7:be:0e:4c:9e:80:3b:07:63:7f:91: 71:64:9a:7e:b3:a7:98:f9:16:39:55:d3:9d:a1:e8:60:9f:ee: 87:e8:1f:36:21:bc:a9:b5:86:c5:fe:af:a8:0b:81:a0:89:1b: 58:2b:03:1a:82:8c:ba:ba:32:32:22:4e:16:f0:7b:e7:c4:ec: 06:36:58:33:5c:72:1e:2c:b3:26:b0:d7:0c:16:7a:7a:ac:40: 62:1f:ac:16:cc:01:cb:fe:0a:7c:fe:3d:52:c3:a6:99:cc:ec: d2:ce:94:ad:cc:0d:8f:e4:0f:b9:38:8d:1b:16:d5:54:0b:67: 59:32:a8:a2:9c:13:71:57:a8:b0:7e:84:93:54:7b:40:ac:62: 8a:42:4f:91:c7:ca:64:1f:eb:a5:e4:27:eb:b7:54:7d:c2:a7: cf:27:6f:be:e0:bb:7b:64:20:bf:c6:c4:64:79:77:64:37:38: 71:d1:d1:e6:7b:df:fc:8c:05:3d:e7:55:8d:01:81:ea:4d:29: 90:ee:b3:12:13:de:93:ee:95:0a:ba:da:ff:56:79:5a:57:6e: 8b:06:00:36:22:8c:92:93:67:75:72:ce:ee:39:ac:19:e8:12: 13:6e:d1:bf -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9yikujUUQPM0bUKWp4KLsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy NTU2ZjAwHhcNMjYwMTAyMDgxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTc2YzQ1Zjg1MjQwOTY2OTVlY2VkMzBiODI5MmJlYzBlMThiYTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7HawMOXpunYbig9aSuInK4CIDXa EQJwX2j0ln8n7d6gk56mpzNy64FY13z3n1Bow8u/qh1q43Q7fzewXnuzQl1GxLbw 2xM4LO3pE5A7AbMbc3w+d7j8AJCornzYFiYBfTtjh48pssIUMlrSfpJzfuMkCoUn Kg6Oqo/r8ywYkeSjwuq+JOEmeXkyK5MvRupTZjvKfpUo25raMdPlyOedYFzHnIz+ xk3fY20fg6kmTBgo63R9ElQdM1PgSftxxsEn1l40kluJsUc/P7ZeR5VXw6xOco5c Sh1256nHSJ9Rxhed2nafLIIwRRG/4b2zjQP6Eu3W1nFl4vMidEeRuWQTtwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCp2xF+FJAlmleztMLgpK+wOGLqQMB8GA1UdIwQY MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt NzY5ODI0OTNlYTFhLzEvS25iRVg0VWtDV2FWN08wd3VDa3I3QTRZdXBBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZA2AwQB wR3gAwQBwiEiMA0GCSqGSIb3DQEBCwUAA4IBAQAxMHTR6jTAcU4T3ZwKkJIxtzjZ PLZTVSJf174OTJ6AOwdjf5FxZJp+s6eY+RY5VdOdoehgn+6H6B82IbyptYbF/q+o C4GgiRtYKwMagoy6ujIyIk4W8HvnxOwGNlgzXHIeLLMmsNcMFnp6rEBiH6wWzAHL /gp8/j1Sw6aZzOzSzpStzA2P5A+5OI0bFtVUC2dZMqiinBNxV6iwfoSTVHtArGKK Qk+Rx8pkH+ul5Cfrt1R9wqfPJ2++4Lt7ZCC/xsRkeXdkNzhx0dHme9/8jAU951WN AYHqTSmQ7rMSE96T7pUKutr/VnlaV26LBgA2IoySk2d1cs7uOawZ6BITbtG/ -----END CERTIFICATE-----Generated at Tue Jan 20 06:02:46 2026 by rpki-client