This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/KaCfEz66BVobYaD4JAQbgoR-gKg.roa File: KaCfEz66BVobYaD4JAQbgoR-gKg.roa (raw, json) Hash identifier: y8noCaUxD0ZZ36hzHL6X++bGHmSgDwDhVDPA3PlLSas= Subject key identifier: 29:A0:9F:13:3E:BA:05:5A:1B:61:A0:F8:24:04:1B:82:84:7E:80:A8 Certificate issuer: /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5 Certificate serial: 019B78A3131F52AD7752C82A4AB838796527 Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/KaCfEz66BVobYaD4JAQbgoR-gKg.roa Signing time: Thu 01 Jan 2026 08:18:31 +0000 ROA not before: Thu 01 Jan 2026 08:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 55002 IP address blocks: 132.68.1.0/24 maxlen: 24 132.68.3.0/24 maxlen: 24 132.68.6.0/24 maxlen: 24 132.68.7.0/24 maxlen: 24 132.68.25.0/24 maxlen: 24 132.68.238.0/24 maxlen: 24 132.68.239.0/24 maxlen: 24 132.68.240.0/24 maxlen: 24 132.69.8.0/24 maxlen: 24 132.69.246.0/24 maxlen: 24 132.69.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.mft rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:13:1f:52:ad:77:52:c8:2a:4a:b8:38:79:65:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5 Validity Not Before: Jan 1 08:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29a09f133eba055a1b61a0f824041b82847e80a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:19:87:53:15:10:72:4a:30:17:5e:88:bd:34: 59:80:2a:3b:7d:e2:3f:5e:67:f8:86:cb:42:47:df: 07:69:25:00:8c:d2:fc:83:25:bf:b2:22:38:33:8f: 77:54:fb:bf:74:46:d3:3d:ef:7e:22:d3:39:c7:ee: 81:ba:53:77:50:5e:43:90:74:39:d7:ae:2d:b5:ee: 6e:98:54:68:78:74:eb:c0:d2:ed:fd:d0:50:ec:e1: 84:64:06:ec:3a:c1:be:c0:2d:96:d1:e5:82:4e:06: 3e:47:ba:21:32:10:b4:a7:a2:31:6e:46:0b:b3:c5: d3:54:93:b2:74:bd:3c:73:91:fc:dd:33:81:bf:a1: da:03:a4:24:09:8a:aa:b8:67:c5:ff:84:48:91:ce: c0:bb:75:68:5f:08:ba:1a:fb:66:42:99:c8:ce:19: 0f:f5:ca:b5:44:80:ad:26:cf:56:62:a8:34:d5:db: 5e:91:5c:0f:48:c4:11:1d:ff:5a:c2:4e:ad:08:f9: d7:a1:ba:87:aa:22:5b:c4:ee:3a:1c:9f:5c:6b:26: f8:cb:d8:ba:4b:fb:8f:6a:e7:58:89:da:79:28:c7: e0:25:89:18:01:1c:22:37:88:be:49:7c:86:1c:d9: d5:95:1c:36:38:ed:fb:63:4d:27:b1:ec:fa:1d:dd: 1c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A0:9F:13:3E:BA:05:5A:1B:61:A0:F8:24:04:1B:82:84:7E:80:A8 X509v3 Authority Key Identifier: keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/KaCfEz66BVobYaD4JAQbgoR-gKg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 132.68.1.0/24 132.68.3.0/24 132.68.6.0/23 132.68.25.0/24 132.68.238.0-132.68.240.255 132.69.8.0/24 132.69.246.0/23 Signature Algorithm: sha256WithRSAEncryption 6a:b6:32:cd:9e:36:10:73:b5:ad:f2:49:3e:a7:4d:9e:ab:fa: 68:31:3e:97:56:8d:0b:5d:34:c0:c3:24:9b:85:18:7f:45:d1: 7e:8a:2c:47:24:57:80:24:fa:cd:65:ee:f9:01:6d:2a:a4:8f: 04:fb:51:20:31:78:7c:6d:af:51:f0:c2:7a:dc:c3:bb:c5:bd: fc:f0:12:89:a7:2e:12:42:bb:bc:33:d5:5d:c4:33:c0:34:ff: 52:5f:a5:e4:41:a7:ef:62:40:02:47:3e:3b:d5:58:8a:83:4e: a4:35:d6:b9:5e:bf:b2:9a:26:1f:e4:6c:cd:7a:dc:85:bc:50: b8:8b:05:05:ee:ba:9d:cc:e9:11:cd:13:0c:cc:84:a9:86:34: c4:1e:fa:5c:ed:3c:fd:30:b1:d8:8a:69:6a:17:22:2a:7f:fe: ac:0f:5f:c9:b9:38:c7:7e:58:ed:49:bc:81:73:17:51:37:42: a1:fe:d3:fd:29:ca:60:2d:fa:1d:68:19:c7:91:a4:cb:7d:9d: 12:5d:4b:15:8e:15:02:4f:82:bd:4f:7b:da:53:3c:1f:cd:f2: 9a:54:36:f4:e9:d2:26:fa:27:32:23:25:a9:e5:23:25:90:ee: e6:74:06:cc:9e:63:16:9a:0b:af:60:af:61:89:cd:ad:f6:08: 4d:ab:c8:d6 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgISAZt4oxMfUq13UsgqSrg4eWUnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi ZWE4ZTUwHhcNMjYwMTAxMDgxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWEwOWYxMzNlYmEwNTVhMWI2MWEwZjgyNDA0MWI4Mjg0N2U4MGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RmHUxUQckowF16IvTRZgCo7feI/ Xmf4hstCR98HaSUAjNL8gyW/siI4M493VPu/dEbTPe9+ItM5x+6BulN3UF5DkHQ5 164tte5umFRoeHTrwNLt/dBQ7OGEZAbsOsG+wC2W0eWCTgY+R7ohMhC0p6IxbkYL s8XTVJOydL08c5H83TOBv6HaA6QkCYqquGfF/4RIkc7Au3VoXwi6GvtmQpnIzhkP 9cq1RICtJs9WYqg01dtekVwPSMQRHf9awk6tCPnXobqHqiJbxO46HJ9cayb4y9i6 S/uPaudYidp5KMfgJYkYARwiN4i+SXyGHNnVlRw2OO37Y00nsez6Hd0cFwIDAQAB o4ICNTCCAjEwHQYDVR0OBBYEFCmgnxM+ugVaG2Gg+CQEG4KEfoCoMB8GA1UdIwQY MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt ZGRiOWU0ZGI5OGM2LzEvS2FDZkV6NjZCVm9iWWFENEpBUWJnb1ItZ0tnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2 LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAhEQBAwQA hEQDAwQBhEQGAwQAhEQZMAwDBAGERO4DBACERPADBACERQgDBAGERfYwDQYJKoZI hvcNAQELBQADggEBAGq2Ms2eNhBzta3yST6nTZ6r+mgxPpdWjQtdNMDDJJuFGH9F 0X6KLEckV4Ak+s1l7vkBbSqkjwT7USAxeHxtr1Hwwnrcw7vFvfzwEomnLhJCu7wz 1V3EM8A0/1JfpeRBp+9iQAJHPjvVWIqDTqQ11rlev7KaJh/kbM163IW8ULiLBQXu up3M6RHNEwzMhKmGNMQe+lztPP0wsdiKaWoXIip//qwPX8m5OMd+WO1JvIFzF1E3 QqH+0/0pymAt+h1oGceRpMt9nRJdSxWOFQJPgr1Pe9pTPB/N8ppUNvTp0ib6JzIj JanlIyWQ7uZ0BsyeYxaaC69gr2GJza32CE2ryNY= -----END CERTIFICATE-----Generated at Fri Jan 9 17:23:22 2026 by rpki-client