This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/kfRFlh2dLpW8sNJO1buOQVN72X0.roa File: kfRFlh2dLpW8sNJO1buOQVN72X0.roa (raw, json) Hash identifier: BrZj7l3H0Iralufb5r3WkRR6DSVm0J2UClYS0enarOw= Subject key identifier: 91:F4:45:96:1D:9D:2E:95:BC:B0:D2:4E:D5:BB:8E:41:53:7B:D9:7D Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722 Certificate serial: 019BB150B2BEBD7A4C3813EAAC8D3B45BEAC Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/kfRFlh2dLpW8sNJO1buOQVN72X0.roa Signing time: Mon 12 Jan 2026 08:26:54 +0000 ROA not before: Mon 12 Jan 2026 08:26:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 135402 IP address blocks: 213.145.67.0/24 maxlen: 24 213.145.82.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b1:50:b2:be:bd:7a:4c:38:13:ea:ac:8d:3b:45:be:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722 Validity Not Before: Jan 12 08:26:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91f445961d9d2e95bcb0d24ed5bb8e41537bd97d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:cb:9c:9c:01:50:64:f9:99:4f:1f:50:a0:aa: 4f:f0:94:77:dd:94:7c:0a:f9:83:83:49:e3:97:5c: ca:e7:61:1a:8f:07:46:3e:29:55:c9:5d:25:e7:c2: b9:32:0f:00:92:f4:6f:43:be:14:a4:e7:c2:f7:2d: d9:bc:cf:eb:f3:ac:b8:11:b8:1e:3f:d2:da:8d:91: 96:27:8b:59:f6:47:4e:6e:e8:d2:d3:38:e8:a8:2c: 05:96:cb:d8:15:70:9b:75:6c:48:96:a2:c1:64:8f: 9d:68:fc:1a:df:b6:7e:60:cf:e3:a9:04:6b:5f:e8: f0:df:e7:f8:a3:24:76:d9:23:75:23:4d:52:01:58: d9:ed:24:13:b6:da:87:b3:fb:63:b2:62:c9:af:52: b7:fe:91:24:11:bf:65:b6:8a:81:a2:77:26:2c:0b: 53:5f:3a:5e:10:6b:e9:1b:f9:ff:72:90:27:42:4e: d3:ab:bc:15:15:0c:e4:48:9a:31:3b:83:36:7a:bf: c3:61:2a:88:52:54:84:1d:bc:87:74:17:cb:c5:00: 4a:ce:ac:4c:e7:ec:8c:b2:12:52:67:24:9a:52:34: 89:ff:46:96:aa:37:c1:70:a7:ac:b4:b6:0b:4d:6f: 01:9d:ab:00:de:e3:b7:64:e0:34:b6:98:15:e7:14: 70:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F4:45:96:1D:9D:2E:95:BC:B0:D2:4E:D5:BB:8E:41:53:7B:D9:7D X509v3 Authority Key Identifier: keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/kfRFlh2dLpW8sNJO1buOQVN72X0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.145.67.0/24 213.145.82.0/24 Signature Algorithm: sha256WithRSAEncryption d8:ba:f9:07:ae:1e:f9:00:80:72:e9:79:46:b8:65:06:d0:66: bb:77:2a:0a:73:a5:04:8f:83:aa:87:73:8b:d1:89:3c:f8:36: f9:51:a5:d9:4c:d7:73:2e:41:79:c9:9d:a8:f7:00:05:75:fc: 1a:0e:c3:21:aa:84:78:64:16:63:e5:2d:b4:62:c7:34:46:4f: 42:73:0e:e2:8d:30:d0:20:7d:32:0b:b6:0a:f5:e8:56:50:5a: e4:cd:a5:cd:47:a7:18:45:c6:f3:40:67:93:5a:03:33:ee:79: df:3e:01:89:b8:78:df:e5:d9:98:32:6f:fa:52:48:70:57:c7: ff:19:bb:c9:54:1d:04:3e:00:22:61:a4:1e:f3:f3:0e:f3:83: 85:5f:b5:ff:cf:bc:4a:0e:66:82:cb:5b:5a:6d:17:63:c5:aa: 77:27:9c:cf:76:57:74:7f:8f:24:40:71:03:39:72:f1:93:68: e3:d4:a3:2d:6c:14:49:2d:02:77:88:be:18:e9:54:78:d8:3a: 94:6d:aa:c0:f6:ec:7b:de:74:ef:f2:e6:64:71:00:6f:de:42: 37:d0:14:13:2d:e9:07:25:4b:c2:0d:ae:ef:00:41:dd:96:e7: ea:65:a0:61:4c:1a:ae:33:85:f8:02:a4:e0:82:88:88:e1:28: 2f:df:f0:3f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZuxULK+vXpMOBPqrI07Rb6sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx ZDA3MjIwHhcNMjYwMTEyMDgyNjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWY0NDU5NjFkOWQyZTk1YmNiMGQyNGVkNWJiOGU0MTUzN2JkOTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcucnAFQZPmZTx9QoKpP8JR33ZR8 CvmDg0njl1zK52EajwdGPilVyV0l58K5Mg8AkvRvQ74UpOfC9y3ZvM/r86y4Ebge P9LajZGWJ4tZ9kdObujS0zjoqCwFlsvYFXCbdWxIlqLBZI+daPwa37Z+YM/jqQRr X+jw3+f4oyR22SN1I01SAVjZ7SQTttqHs/tjsmLJr1K3/pEkEb9ltoqBoncmLAtT XzpeEGvpG/n/cpAnQk7Tq7wVFQzkSJoxO4M2er/DYSqIUlSEHbyHdBfLxQBKzqxM 5+yMshJSZySaUjSJ/0aWqjfBcKestLYLTW8BnasA3uO3ZOA0tpgV5xRwoQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJH0RZYdnS6VvLDSTtW7jkFTe9l9MB8GA1UdIwQY MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt ZDI0MmI2ZjNhOGExLzEva2ZSRmxoMmRMcFc4c05KTzFidU9RVk43MlgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1ZFDAwQA 1ZFSMA0GCSqGSIb3DQEBCwUAA4IBAQDYuvkHrh75AIBy6XlGuGUG0Ga7dyoKc6UE j4Oqh3OL0Yk8+Db5UaXZTNdzLkF5yZ2o9wAFdfwaDsMhqoR4ZBZj5S20Ysc0Rk9C cw7ijTDQIH0yC7YK9ehWUFrkzaXNR6cYRcbzQGeTWgMz7nnfPgGJuHjf5dmYMm/6 UkhwV8f/GbvJVB0EPgAiYaQe8/MO84OFX7X/z7xKDmaCy1tabRdjxap3J5zPdld0 f48kQHEDOXLxk2jj1KMtbBRJLQJ3iL4Y6VR42DqUbarA9ux73nTv8uZkcQBv3kI3 0BQTLekHJUvCDa7vAEHdlufqZaBhTBquM4X4AqTggoiI4Sgv3/A/ -----END CERTIFICATE-----Generated at Mon Jan 19 20:15:55 2026 by rpki-client