This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/KNGzhIaCKCO7BqVAGRH0hS28bSE.roa File: KNGzhIaCKCO7BqVAGRH0hS28bSE.roa (raw, json) Hash identifier: p/4zAAWK0QGA2GZKTcppMHA4sXwzCSeZJaQW4PAVpBk= Subject key identifier: 28:D1:B3:84:86:82:28:23:BB:06:A5:40:19:11:F4:85:2D:BC:6D:21 Certificate issuer: /CN=4518b89c7dce2b5edc05581516cfc19d7a3174e8 Certificate serial: 019B76EB39F11B417EA65775E0CD25056C6A Authority key identifier: 45:18:B8:9C:7D:CE:2B:5E:DC:05:58:15:16:CF:C1:9D:7A:31:74:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRi4nH3OK17cBVgVFs_BnXoxdOg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/KNGzhIaCKCO7BqVAGRH0hS28bSE.roa Signing time: Thu 01 Jan 2026 00:18:05 +0000 ROA not before: Thu 01 Jan 2026 00:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60103 IP address blocks: 185.57.152.0/22 maxlen: 22 185.57.153.0/24 maxlen: 24 185.57.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/RRi4nH3OK17cBVgVFs_BnXoxdOg.crl rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/RRi4nH3OK17cBVgVFs_BnXoxdOg.mft rsync://rpki.ripe.net/repository/DEFAULT/RRi4nH3OK17cBVgVFs_BnXoxdOg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:39:f1:1b:41:7e:a6:57:75:e0:cd:25:05:6c:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4518b89c7dce2b5edc05581516cfc19d7a3174e8 Validity Not Before: Jan 1 00:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28d1b38486822823bb06a5401911f4852dbc6d21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:dc:9f:9c:de:2a:6d:6d:f5:39:e7:67:f9:9f: e9:16:e3:6b:5a:43:9e:06:e6:29:3e:cb:ca:2f:c0: 4e:29:32:37:05:b3:77:22:36:f1:a4:dc:0a:d6:ca: 9e:87:91:9b:a0:e7:78:14:56:f8:7c:65:b3:15:ea: d1:bc:c4:a4:cc:75:4e:f4:4f:20:9a:30:40:69:8c: e3:94:21:2a:02:22:40:6b:15:be:f6:ab:7c:93:4f: c0:a1:61:19:1b:9e:c0:79:1f:1a:f2:91:48:db:a0: 62:f6:d0:e4:a5:70:ad:a4:93:3c:69:09:f8:8a:f1: c4:44:9d:1a:f8:d1:90:46:55:4c:57:cb:a9:a3:c2: ff:47:92:e5:37:8c:68:04:53:fc:80:36:b5:5a:60: de:11:2c:02:9b:1f:9e:05:e6:20:fe:1a:79:79:b5: 34:d7:f5:3c:36:84:ec:be:e2:89:fa:7b:18:b2:ac: 48:e6:7f:a1:d5:b3:d9:c7:8b:63:22:3b:46:d5:11: 9e:ab:d2:e0:6e:2c:68:c7:4e:bf:fc:e4:a7:d8:b8: 48:29:84:fc:99:39:99:e2:fb:6b:a1:ae:20:0d:92: 56:aa:80:fc:49:9b:02:f6:e7:6e:d5:95:d9:6b:9f: 99:a4:b0:b4:2d:6e:b6:1b:20:35:7f:7a:97:f9:5d: bf:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:D1:B3:84:86:82:28:23:BB:06:A5:40:19:11:F4:85:2D:BC:6D:21 X509v3 Authority Key Identifier: keyid:45:18:B8:9C:7D:CE:2B:5E:DC:05:58:15:16:CF:C1:9D:7A:31:74:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRi4nH3OK17cBVgVFs_BnXoxdOg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/KNGzhIaCKCO7BqVAGRH0hS28bSE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/RRi4nH3OK17cBVgVFs_BnXoxdOg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.57.152.0/22 Signature Algorithm: sha256WithRSAEncryption 5b:cc:40:54:96:19:a9:2e:d0:f3:27:8a:40:bf:c0:ba:53:2c: 8e:e3:af:3b:d5:75:02:7c:6a:08:1f:1d:09:4d:64:34:3f:8e: 79:59:c6:e6:7b:d5:f5:88:c5:ab:ca:7a:2d:f2:50:a4:39:b8: 90:b7:93:4f:40:2e:78:52:55:c8:52:9a:34:af:f3:00:d6:5c: 7c:75:30:6a:14:e3:93:62:69:ae:fd:8d:29:db:0a:91:8f:fa: f0:8d:45:1a:28:31:d2:6f:9c:dd:68:36:1c:f9:ef:a7:30:ed: 37:e6:94:d4:79:1d:7d:24:40:82:c4:4e:ca:e9:68:d7:37:db: eb:de:c4:d7:93:28:9f:b5:fc:b0:f7:a9:cc:0d:b4:7d:e7:7c: 4c:8a:ca:c1:dd:3c:9d:34:75:9e:f6:51:c5:5a:67:8f:87:99: ad:72:3a:6a:67:a2:4f:44:6e:20:29:b4:d3:ab:f7:ca:2d:7e: c2:61:b3:fd:54:2e:a6:86:4f:04:44:77:2e:df:dd:66:a8:b5: 3d:e8:1d:8e:30:a9:a5:7a:89:42:c3:f7:e0:fb:97:03:d8:c6: d6:ab:f1:2f:2c:b3:7a:00:26:9a:7d:b4:4c:7b:ca:ba:45:4f: 9d:b0:50:0d:55:1e:27:2e:06:f8:6a:07:a1:f3:53:65:81:ee: ba:db:ae:01 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt26znxG0F+pld14M0lBWxqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1MThiODljN2RjZTJiNWVkYzA1NTgxNTE2Y2ZjMTlkN2Ez MTc0ZTgwHhcNMjYwMTAxMDAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGQxYjM4NDg2ODIyODIzYmIwNmE1NDAxOTExZjQ4NTJkYmM2ZDIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdyfnN4qbW31Oedn+Z/pFuNrWkOe BuYpPsvKL8BOKTI3BbN3IjbxpNwK1sqeh5GboOd4FFb4fGWzFerRvMSkzHVO9E8g mjBAaYzjlCEqAiJAaxW+9qt8k0/AoWEZG57AeR8a8pFI26Bi9tDkpXCtpJM8aQn4 ivHERJ0a+NGQRlVMV8upo8L/R5LlN4xoBFP8gDa1WmDeESwCmx+eBeYg/hp5ebU0 1/U8NoTsvuKJ+nsYsqxI5n+h1bPZx4tjIjtG1RGeq9Lgbixox06//OSn2LhIKYT8 mTmZ4vtroa4gDZJWqoD8SZsC9udu1ZXZa5+ZpLC0LW62GyA1f3qX+V2/9wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCjRs4SGgigjuwalQBkR9IUtvG0hMB8GA1UdIwQY MBaAFEUYuJx9zite3AVYFRbPwZ16MXToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlJpNG5IM09LMTdjQlZnVkZzX0JuWG94ZE9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jY2Y0NDQtYTIyYy00ZmNkLWJmMWEt MGY5MzdjY2YwMmUwLzEvS05HemhJYUNLQ083QnFWQUdSSDBoUzI4YlNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9jY2Y0NDQtYTIyYy00ZmNkLWJmMWEtMGY5MzdjY2YwMmUw LzEvUlJpNG5IM09LMTdjQlZnVkZzX0JuWG94ZE9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTmYMA0G CSqGSIb3DQEBCwUAA4IBAQBbzEBUlhmpLtDzJ4pAv8C6UyyO46871XUCfGoIHx0J TWQ0P455Wcbme9X1iMWrynot8lCkObiQt5NPQC54UlXIUpo0r/MA1lx8dTBqFOOT Ymmu/Y0p2wqRj/rwjUUaKDHSb5zdaDYc+e+nMO035pTUeR19JECCxE7K6WjXN9vr 3sTXkyiftfyw96nMDbR953xMisrB3TydNHWe9lHFWmePh5mtcjpqZ6JPRG4gKbTT q/fKLX7CYbP9VC6mhk8ERHcu391mqLU96B2OMKmleolCw/fg+5cD2MbWq/EvLLN6 ACaafbRMe8q6RU+dsFANVR4nLgb4ageh81Nlge66264B -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:27 2026 by rpki-client