This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/KYWYz37W-oiiVMTE12p7KDhTRJ8.roa File: KYWYz37W-oiiVMTE12p7KDhTRJ8.roa (raw, json) Hash identifier: u5WkIjTwcVuD735fZub81fTbRjzJme3krFppRq6V43o= Subject key identifier: 29:85:98:CF:7E:D6:FA:88:A2:54:C4:C4:D7:6A:7B:28:38:53:44:9F Certificate issuer: /CN=24a55bd68397566895b15ecb97fc1d65c0c879ce Certificate serial: 019B7834BAA24CD1F619FD269C7F31DC0CDA Authority key identifier: 24:A5:5B:D6:83:97:56:68:95:B1:5E:CB:97:FC:1D:65:C0:C8:79:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/KYWYz37W-oiiVMTE12p7KDhTRJ8.roa Signing time: Thu 01 Jan 2026 06:18:00 +0000 ROA not before: Thu 01 Jan 2026 06:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31543 IP address blocks: 185.110.136.0/22 maxlen: 24 2a06:5680::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/JKVb1oOXVmiVsV7Ll_wdZcDIec4.crl rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/JKVb1oOXVmiVsV7Ll_wdZcDIec4.mft rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:ba:a2:4c:d1:f6:19:fd:26:9c:7f:31:dc:0c:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24a55bd68397566895b15ecb97fc1d65c0c879ce Validity Not Before: Jan 1 06:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=298598cf7ed6fa88a254c4c4d76a7b283853449f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:40:7d:14:46:63:db:c9:81:c3:0e:68:17:ae: c1:3d:57:c1:9d:91:60:d2:01:c8:66:c2:f4:b5:a5: 73:c8:54:a0:20:35:fb:06:78:d8:a6:ae:32:29:af: 2e:c4:65:14:9a:36:39:1f:74:4c:7e:47:6e:d8:16: f3:81:d0:6b:6d:42:6b:02:f3:5e:95:81:b2:e5:64: f3:11:78:5f:df:d1:db:14:72:74:5d:bb:3e:25:04: b1:e1:61:d4:1d:38:93:f4:0a:1e:d1:23:28:65:02: 45:f3:9a:1a:86:73:76:f9:cb:ab:20:c2:4f:14:d5: 1d:5a:75:cd:1c:ff:7f:b0:6d:6a:c5:46:a7:f6:33: 94:76:a5:58:72:17:81:88:12:77:8f:63:49:a3:0c: 85:31:fe:0f:da:67:7c:0e:7d:66:09:33:a2:bb:0d: a1:15:14:3d:4f:fe:dc:88:12:2e:54:d3:6b:9f:33: 80:17:f8:45:2c:a0:e4:2a:b8:a0:e0:f2:dc:77:04: cf:c5:ab:0b:c3:ca:40:76:11:12:95:df:79:96:4e: f8:b1:05:29:24:61:12:5e:e7:e3:44:ae:3d:a5:35: f8:95:34:fb:0b:6b:a2:60:76:32:d1:ab:50:b7:d0: 65:3d:e3:19:0f:85:a3:6c:55:d7:95:0b:87:56:a2: 4a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:85:98:CF:7E:D6:FA:88:A2:54:C4:C4:D7:6A:7B:28:38:53:44:9F X509v3 Authority Key Identifier: keyid:24:A5:5B:D6:83:97:56:68:95:B1:5E:CB:97:FC:1D:65:C0:C8:79:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/KYWYz37W-oiiVMTE12p7KDhTRJ8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/JKVb1oOXVmiVsV7Ll_wdZcDIec4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.110.136.0/22 IPv6: 2a06:5680::/29 Signature Algorithm: sha256WithRSAEncryption 84:f9:02:71:33:94:3a:f2:24:ab:cf:ce:58:48:54:6d:86:c4: 11:d5:00:81:25:f7:3e:bf:45:a2:db:47:e7:f2:29:c1:e7:c2: 23:ef:6d:b3:01:e1:1b:2d:28:11:43:13:2e:e3:ce:8d:0c:8e: e5:a4:16:e4:bc:97:5e:34:c3:a1:44:51:83:ec:8c:49:27:8a: 09:80:d2:a4:af:fc:12:84:23:40:79:7b:1d:ca:60:0e:aa:af: 6a:5b:eb:fc:37:65:31:c5:93:66:39:a5:2d:e8:f2:27:1a:56: 71:9b:ac:0c:24:54:a7:84:00:34:d4:ab:5b:f2:5d:99:68:0e: 7e:08:e2:a0:0f:8a:7a:7d:39:61:cb:4d:f8:21:8d:b7:2f:6d: be:40:2e:25:66:2b:c7:cb:1f:85:8f:bc:2d:da:68:66:67:13: c9:c3:04:d4:54:27:24:11:9d:3e:5f:5e:4b:75:bf:cd:1f:42: f8:3c:c5:46:22:65:58:2d:d4:45:c5:c1:98:ff:da:e9:92:70: 6a:84:60:ce:d7:a2:03:71:9d:3a:0b:8b:ed:85:83:a2:d4:64: 6a:7c:0a:15:fa:4e:64:32:78:f1:3f:3f:8a:6b:45:76:ad:e0: a4:7d:45:6a:46:7d:46:e0:6c:72:43:91:fb:a5:44:c5:b7:0b: 5d:7e:36:e1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NLqiTNH2Gf0mnH8x3AzaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0YTU1YmQ2ODM5NzU2Njg5NWIxNWVjYjk3ZmMxZDY1YzBj ODc5Y2UwHhcNMjYwMTAxMDYxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTg1OThjZjdlZDZmYTg4YTI1NGM0YzRkNzZhN2IyODM4NTM0NDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9EB9FEZj28mBww5oF67BPVfBnZFg 0gHIZsL0taVzyFSgIDX7BnjYpq4yKa8uxGUUmjY5H3RMfkdu2BbzgdBrbUJrAvNe lYGy5WTzEXhf39HbFHJ0Xbs+JQSx4WHUHTiT9Aoe0SMoZQJF85oahnN2+curIMJP FNUdWnXNHP9/sG1qxUan9jOUdqVYcheBiBJ3j2NJowyFMf4P2md8Dn1mCTOiuw2h FRQ9T/7ciBIuVNNrnzOAF/hFLKDkKrig4PLcdwTPxasLw8pAdhESld95lk74sQUp JGESXufjRK49pTX4lTT7C2uiYHYy0atQt9BlPeMZD4WjbFXXlQuHVqJKOwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCmFmM9+1vqIolTExNdqeyg4U0SfMB8GA1UdIwQY MBaAFCSlW9aDl1ZolbFey5f8HWXAyHnOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSktWYjFvT1hWbWlWc1Y3TGxfd2RaY0RJZWM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZGU4OTktMjJlMS00NjNjLWE0ZGQt YzM0ZTkwZDdmOGVhLzEvS1lXWXozN1ctb2lpVk1URTEycDdLRGhUUko4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wZGU4OTktMjJlMS00NjNjLWE0ZGQtYzM0ZTkwZDdmOGVh LzEvSktWYjFvT1hWbWlWc1Y3TGxfd2RaY0RJZWM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW6IMA0E AgACMAcDBQMqBlaAMA0GCSqGSIb3DQEBCwUAA4IBAQCE+QJxM5Q68iSrz85YSFRt hsQR1QCBJfc+v0Wi20fn8inB58Ij722zAeEbLSgRQxMu486NDI7lpBbkvJdeNMOh RFGD7IxJJ4oJgNKkr/wShCNAeXsdymAOqq9qW+v8N2UxxZNmOaUt6PInGlZxm6wM JFSnhAA01Ktb8l2ZaA5+COKgD4p6fTlhy034IY23L22+QC4lZivHyx+Fj7wt2mhm ZxPJwwTUVCckEZ0+X15Ldb/NH0L4PMVGImVYLdRFxcGY/9rpknBqhGDO16IDcZ06 C4vthYOi1GRqfAoV+k5kMnjxPz+Ka0V2reCkfUVqRn1G4GxyQ5H7pUTFtwtdfjbh -----END CERTIFICATE-----Generated at Mon Feb 9 21:25:25 2026 by rpki-client