This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/KuYHIDTT0pfrZb69d41RvniDU3w.roa File: KuYHIDTT0pfrZb69d41RvniDU3w.roa (raw, json) Hash identifier: pzsXiQ0yFpyoB+XjLaUAL8JPW4YObE6pxPQc+E3xZNQ= Subject key identifier: 2A:E6:07:20:34:D3:D2:97:EB:65:BE:BD:77:8D:51:BE:78:83:53:7C Certificate issuer: /CN=97242dba26ed882b380dabebab3c5f3942006ecc Certificate serial: 019B7E3839D8B023AAFD8504F305F16DF510 Authority key identifier: 97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/KuYHIDTT0pfrZb69d41RvniDU3w.roa Signing time: Fri 02 Jan 2026 10:19:32 +0000 ROA not before: Fri 02 Jan 2026 10:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 109.68.248.0/24 maxlen: 24 185.68.58.0/24 maxlen: 24 185.68.59.0/24 maxlen: 24 185.255.32.0/23 maxlen: 23 185.255.34.0/24 maxlen: 24 185.255.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.mft rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:39:d8:b0:23:aa:fd:85:04:f3:05:f1:6d:f5:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97242dba26ed882b380dabebab3c5f3942006ecc Validity Not Before: Jan 2 10:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ae6072034d3d297eb65bebd778d51be7883537c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:eb:12:64:3c:52:d2:98:8f:71:a1:6b:3f:ae: 1f:18:79:81:f6:06:61:77:5b:af:1a:e3:f2:c5:af: 30:88:9f:25:5a:6e:e2:25:74:49:56:d5:d9:4d:fc: b5:51:8d:75:ed:8a:42:51:71:49:ab:38:17:27:e4: 2b:8f:86:0a:27:b2:45:ce:59:aa:f6:ac:89:36:0d: 38:c7:c4:56:74:0f:1a:72:42:68:a8:f0:bd:3a:5e: 88:27:d8:fe:ec:0e:dd:51:3c:6a:ed:1e:95:3f:98: e6:81:cc:cb:94:01:35:4d:aa:fe:6f:f9:12:1e:4b: dc:4b:08:2e:d8:42:77:f7:0f:15:ca:21:84:ad:7e: 8c:71:d5:54:5c:c8:31:06:a3:d5:5a:2b:c0:57:42: 42:f4:31:4d:67:6a:ab:b2:91:3c:ef:1e:18:55:c8: be:ca:82:8c:b9:ab:70:d0:1d:40:67:c0:39:25:39: 42:e4:95:3a:4e:c5:a9:43:e1:46:6f:84:11:5b:4e: 17:95:61:dd:c8:22:68:5f:e4:47:d1:a0:8c:55:86: b5:62:0d:45:09:5e:1d:fb:f1:4d:1f:42:8c:9f:95: 46:ab:af:0e:f0:f7:a7:0e:60:3c:57:04:4e:bf:fd: 17:cb:d7:33:b5:4c:3a:1a:02:e2:e8:b7:dc:60:7a: e2:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:E6:07:20:34:D3:D2:97:EB:65:BE:BD:77:8D:51:BE:78:83:53:7C X509v3 Authority Key Identifier: keyid:97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/KuYHIDTT0pfrZb69d41RvniDU3w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.68.248.0/24 185.68.58.0/23 185.255.32.0/22 Signature Algorithm: sha256WithRSAEncryption 41:25:d2:0a:73:cb:92:f2:de:61:33:55:25:50:88:fc:6c:02: e5:f9:67:d9:39:b8:02:34:89:6e:e4:f9:ab:a0:d8:a2:d5:88: 6a:3f:bd:e4:83:00:24:a6:47:52:e6:2b:d1:f6:38:75:f1:73: 51:be:78:7d:b7:42:7c:d7:a8:ba:13:d8:f6:02:d6:8f:29:f5: 5a:39:70:44:b3:a0:4e:f8:45:aa:d4:4e:45:9f:48:23:aa:fe: 82:14:13:97:2c:f4:06:72:83:dd:08:85:3d:06:c8:a1:fd:dc: 0c:bb:c8:b7:97:65:d0:56:e1:ac:5a:38:5e:ae:98:f7:bc:92: 40:50:a9:b1:5d:92:5d:08:cd:37:9b:5b:ef:70:9e:5d:2a:62: a9:5a:1b:4c:02:d5:83:08:dc:50:05:4a:35:33:81:af:20:6a: ce:96:4a:99:52:d1:29:cf:ac:ef:46:cb:55:55:20:00:c2:55: c9:82:66:ea:38:8b:29:01:79:24:4a:41:40:98:4e:18:84:3a: 06:8b:a7:2f:ff:e9:d9:03:3d:81:8d:98:66:ae:c5:df:0a:4e: 8a:77:d6:42:ae:33:a5:85:48:b6:6a:45:00:93:f1:63:93:de: 21:63:12:da:b3:4a:fc:15:15:f9:fa:7f:44:65:2f:a0:f4:70: d6:82:de:61 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+ODnYsCOq/YUE8wXxbfUQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3MjQyZGJhMjZlZDg4MmIzODBkYWJlYmFiM2M1ZjM5NDIw MDZlY2MwHhcNMjYwMTAyMTAxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWU2MDcyMDM0ZDNkMjk3ZWI2NWJlYmQ3NzhkNTFiZTc4ODM1MzdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAresSZDxS0piPcaFrP64fGHmB9gZh d1uvGuPyxa8wiJ8lWm7iJXRJVtXZTfy1UY117YpCUXFJqzgXJ+Qrj4YKJ7JFzlmq 9qyJNg04x8RWdA8ackJoqPC9Ol6IJ9j+7A7dUTxq7R6VP5jmgczLlAE1Tar+b/kS HkvcSwgu2EJ39w8VyiGErX6McdVUXMgxBqPVWivAV0JC9DFNZ2qrspE87x4YVci+ yoKMuatw0B1AZ8A5JTlC5JU6TsWpQ+FGb4QRW04XlWHdyCJoX+RH0aCMVYa1Yg1F CV4d+/FNH0KMn5VGq68O8PenDmA8VwROv/0Xy9cztUw6GgLi6LfcYHricwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCrmByA009KX62W+vXeNUb54g1N8MB8GA1UdIwQY MBaAFJckLbom7YgrOA2r66s8XzlCAG7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmIt NjA3MjcyZDczN2NiLzEvS3VZSElEVFQwcGZyWmI2OWQ0MVJ2bmlEVTN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmItNjA3MjcyZDczN2Ni LzEvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbUT4AwQB uUQ6AwQCuf8gMA0GCSqGSIb3DQEBCwUAA4IBAQBBJdIKc8uS8t5hM1UlUIj8bALl +WfZObgCNIlu5PmroNii1YhqP73kgwAkpkdS5ivR9jh18XNRvnh9t0J816i6E9j2 AtaPKfVaOXBEs6BO+EWq1E5Fn0gjqv6CFBOXLPQGcoPdCIU9Bsih/dwMu8i3l2XQ VuGsWjherpj3vJJAUKmxXZJdCM03m1vvcJ5dKmKpWhtMAtWDCNxQBUo1M4GvIGrO lkqZUtEpz6zvRstVVSAAwlXJgmbqOIspAXkkSkFAmE4YhDoGi6cv/+nZAz2BjZhm rsXfCk6Kd9ZCrjOlhUi2akUAk/Fjk94hYxLas0r8FRX5+n9EZS+g9HDWgt5h -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:34 2026 by rpki-client