This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/ks2_IkZaAakd1-3jQOWLy85dDy8.roa File: ks2_IkZaAakd1-3jQOWLy85dDy8.roa (raw, json) Hash identifier: mLEy/InkNukmfeS2zm1mvXpvR+u6dmdc0Mw1w4KWFN4= Subject key identifier: 92:CD:BF:22:46:5A:01:A9:1D:D7:ED:E3:40:E5:8B:CB:CE:5D:0F:2F Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Certificate serial: 019B797DE6796EB2FA1088DE69C88E4CE5FD Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/ks2_IkZaAakd1-3jQOWLy85dDy8.roa Signing time: Thu 01 Jan 2026 12:17:32 +0000 ROA not before: Thu 01 Jan 2026 12:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16243 IP address blocks: 144.43.240.0/21 maxlen: 24 144.43.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:e6:79:6e:b2:fa:10:88:de:69:c8:8e:4c:e5:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Validity Not Before: Jan 1 12:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92cdbf22465a01a91dd7ede340e58bcbce5d0f2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1a:eb:2a:5b:36:7f:dc:4b:01:93:96:f7:a0: 47:05:e4:46:5d:e9:80:cf:4a:6d:c1:75:4c:17:66: b6:21:73:18:3a:bd:ed:78:b5:a7:e1:7d:eb:07:90: bb:6a:26:4a:bb:62:f4:fa:c5:08:01:43:3a:99:0a: 6f:54:88:db:5d:1d:29:94:fa:a9:fc:4f:79:0a:62: fc:84:88:43:52:90:f0:48:25:2c:1d:fa:ea:83:28: 4b:6b:b3:2f:44:df:75:d2:20:93:cb:3d:39:96:c2: 80:69:b9:22:23:d3:86:6e:6f:bc:26:f3:91:ea:eb: e1:f1:47:73:7b:5c:d6:c3:f4:02:94:90:85:a2:42: 08:f9:89:dc:8c:20:e8:86:ee:55:4d:58:ee:52:1e: 18:9d:73:32:e5:2a:04:d8:bb:2a:02:5c:26:37:59: d6:ab:57:fa:1c:ab:10:34:a4:94:83:8f:72:a4:d0: b4:b3:a4:d8:0e:c2:69:c5:b3:61:cc:19:17:e1:31: 51:55:3c:96:e8:d9:e3:18:39:5b:32:32:ab:a9:e8: de:7d:81:8f:15:a0:a5:2a:73:a1:95:10:e0:12:e0: 62:e9:df:77:5e:ca:b9:06:93:9a:4e:90:a0:54:05: 05:be:fb:48:ab:c2:c3:b4:aa:35:f1:2c:40:92:cf: a0:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:CD:BF:22:46:5A:01:A9:1D:D7:ED:E3:40:E5:8B:CB:CE:5D:0F:2F X509v3 Authority Key Identifier: keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/ks2_IkZaAakd1-3jQOWLy85dDy8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.43.240.0/21 144.43.252.0/22 Signature Algorithm: sha256WithRSAEncryption bb:7e:b7:3f:99:6d:45:bb:74:df:7d:20:54:4f:d3:f4:39:7c: 56:81:05:5c:97:aa:24:47:cb:b0:b2:cb:7e:69:b1:6d:de:a3: 6e:4c:e5:ea:d7:56:dd:29:f1:dd:9b:72:f9:f9:49:cc:34:be: be:44:60:1e:db:00:e9:8f:74:24:3c:ba:2a:7d:07:c2:0f:8d: 93:76:cc:29:e9:e0:dc:d2:f4:1d:7f:6f:be:28:1e:89:c2:cc: 7e:d7:84:ed:4f:d2:14:93:f2:f1:88:1c:a6:ab:dd:b7:ca:29: e5:10:bd:34:de:e4:e4:dc:30:41:6d:ed:6a:1b:ff:86:dc:8a: 08:9d:28:f0:70:57:af:fa:35:a2:38:14:ff:b6:9b:9e:8c:05: 8b:ff:ff:fe:28:d5:e1:a7:23:3e:1c:8d:28:f3:6a:fb:85:0e: 03:65:8e:82:f3:ea:17:6c:af:cf:1c:29:0e:a0:7d:50:c5:01: 72:44:bd:b6:6e:c1:38:45:2a:15:dc:0a:39:e4:fc:54:c6:e8: f2:71:46:c9:f1:52:fb:af:40:05:e7:df:7c:9d:83:b4:e6:1d: 7c:9f:d4:bd:99:f0:15:94:b5:ff:4f:4b:1d:a8:56:57:c0:95: 48:79:b9:3b:33:f6:c4:45:74:9f:da:eb:5a:6c:97:b7:1a:89: a4:cc:b4:26 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5feZ5brL6EIjeaciOTOX9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl MTEzOTYwHhcNMjYwMTAxMTIxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmNkYmYyMjQ2NWEwMWE5MWRkN2VkZTM0MGU1OGJjYmNlNWQwZjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhrrKls2f9xLAZOW96BHBeRGXemA z0ptwXVMF2a2IXMYOr3teLWn4X3rB5C7aiZKu2L0+sUIAUM6mQpvVIjbXR0plPqp /E95CmL8hIhDUpDwSCUsHfrqgyhLa7MvRN910iCTyz05lsKAabkiI9OGbm+8JvOR 6uvh8Udze1zWw/QClJCFokII+YncjCDohu5VTVjuUh4YnXMy5SoE2LsqAlwmN1nW q1f6HKsQNKSUg49ypNC0s6TYDsJpxbNhzBkX4TFRVTyW6NnjGDlbMjKrqejefYGP FaClKnOhlRDgEuBi6d93Xsq5BpOaTpCgVAUFvvtIq8LDtKo18SxAks+gXwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJLNvyJGWgGpHdft40Dli8vOXQ8vMB8GA1UdIwQY MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt N2JmZjI5NmM2YjAyLzEva3MyX0lrWmFBYWtkMS0zalFPV0x5ODVkRHk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkCvwAwQC kCv8MA0GCSqGSIb3DQEBCwUAA4IBAQC7frc/mW1Fu3TffSBUT9P0OXxWgQVcl6ok R8uwsst+abFt3qNuTOXq11bdKfHdm3L5+UnMNL6+RGAe2wDpj3QkPLoqfQfCD42T dswp6eDc0vQdf2++KB6Jwsx+14TtT9IUk/LxiBymq923yinlEL003uTk3DBBbe1q G/+G3IoInSjwcFev+jWiOBT/tpuejAWL///+KNXhpyM+HI0o82r7hQ4DZY6C8+oX bK/PHCkOoH1QxQFyRL22bsE4RSoV3Ao55PxUxujycUbJ8VL7r0AF5998nYO05h18 n9S9mfAVlLX/T0sdqFZXwJVIebk7M/bERXSf2utabJe3GomkzLQm -----END CERTIFICATE-----Generated at Tue Jan 20 11:09:45 2026 by rpki-client