This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/KYGLS0Qw4wHww9TbM80SeQ5DTlE.roa File: KYGLS0Qw4wHww9TbM80SeQ5DTlE.roa (raw, json) Hash identifier: qIwhGCg+cHVwzCdrYqBVQwyUZoAXw2k05ZWhPG5CIHI= Subject key identifier: 29:81:8B:4B:44:30:E3:01:F0:C3:D4:DB:33:CD:12:79:0E:43:4E:51 Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA77E1E06E75834EA78DE7434CF4BAF Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/KYGLS0Qw4wHww9TbM80SeQ5DTlE.roa Signing time: Fri 02 Jan 2026 12:21:04 +0000 ROA not before: Fri 02 Jan 2026 12:21:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57580 IP address blocks: 2.63.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:7e:1e:06:e7:58:34:ea:78:de:74:34:cf:4b:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29818b4b4430e301f0c3d4db33cd12790e434e51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e2:4b:cb:ff:3d:d6:70:9c:a3:49:aa:53:69: 9f:f6:68:5c:20:bf:5b:8b:18:de:db:54:01:42:11: f5:9c:f8:ff:f3:28:30:5c:f4:36:4d:b7:ea:86:a3: a0:a7:77:4d:4f:ad:b4:93:0b:60:2f:24:45:1c:b6: 62:7a:94:79:7d:e9:f6:a0:3a:2a:50:1b:d4:c1:89: c5:d8:5e:bc:6a:87:e0:1f:6c:e5:29:40:6d:33:36: 86:30:01:4d:98:32:98:76:ce:66:da:64:1a:0b:ea: 6a:b8:9e:fa:c1:59:bd:b6:f9:43:d3:8d:95:a4:83: 08:a7:3e:b2:d8:78:39:96:b5:c1:a8:69:aa:60:69: a0:91:99:f8:ab:a8:21:be:a5:c0:61:e2:19:e3:ab: 72:72:12:75:17:f6:9d:89:96:64:16:27:24:a0:50: bb:9d:0e:7a:dd:ba:48:d1:85:23:a1:22:b0:50:5a: ab:de:24:5e:f3:1c:d9:b7:92:c1:53:1c:05:d8:69: be:68:4b:7e:a4:0a:fc:a3:b3:3b:6b:c4:94:70:25: 3f:a4:22:9c:a7:ee:a8:d4:cd:e5:8c:fd:47:48:51: 7c:92:59:0b:77:db:91:e1:24:00:7b:ed:e4:5d:36: 7a:45:f5:d5:ca:0f:ac:97:ea:66:5d:e0:4e:1b:4e: 94:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:81:8B:4B:44:30:E3:01:F0:C3:D4:DB:33:CD:12:79:0E:43:4E:51 X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/KYGLS0Qw4wHww9TbM80SeQ5DTlE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.63.170.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:6c:9b:be:7b:21:61:b7:27:28:e1:f3:58:8a:89:36:b5:f9: 56:12:1d:46:92:13:71:6a:fb:c2:bf:bc:fa:76:4e:47:02:cf: 7f:ed:68:bd:bf:fd:4c:63:d4:08:54:a4:e5:e3:73:cc:89:c8: 88:74:13:5b:68:57:83:87:94:17:ad:cb:0f:75:df:c5:29:d6: bc:94:38:65:6e:db:74:f7:c8:2e:8f:60:da:74:51:ca:8a:2f: f2:54:a1:2e:f3:df:34:a4:89:46:9a:c8:fb:cc:bc:4f:86:4c: c8:a3:20:fb:c9:d8:23:e1:20:dc:d6:4b:80:46:15:9f:1b:d7: 4c:e6:81:5d:0f:8b:87:d4:1b:fb:d2:16:97:ab:7a:5f:97:9f: 6a:0f:6d:81:dc:d9:70:3b:ac:e7:3d:6b:00:2b:1e:f4:a3:0e: 04:63:0f:54:b3:4e:cc:ff:3c:fc:53:3a:6a:2d:1a:dc:1c:24: 44:e1:36:35:78:be:fc:fd:d5:31:cc:a4:3e:59:af:8e:03:ef: 42:4e:68:87:5f:5b:41:d1:ff:b8:cc:7c:47:45:06:3e:0b:fb: a2:a9:87:dd:bd:0b:4e:3f:79:02:72:10:b1:ab:e1:3d:9c:17: 9c:89:07:ce:6e:54:78:3f:8f:a4:a4:c7:04:27:23:72:5c:95: 52:4f:3c:72 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+p34eBudYNOp43nQ0z0uvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTgxOGI0YjQ0MzBlMzAxZjBjM2Q0ZGIzM2NkMTI3OTBlNDM0ZTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuJLy/891nCco0mqU2mf9mhcIL9b ixje21QBQhH1nPj/8ygwXPQ2TbfqhqOgp3dNT620kwtgLyRFHLZiepR5fen2oDoq UBvUwYnF2F68aofgH2zlKUBtMzaGMAFNmDKYds5m2mQaC+pquJ76wVm9tvlD042V pIMIpz6y2Hg5lrXBqGmqYGmgkZn4q6ghvqXAYeIZ46tychJ1F/adiZZkFickoFC7 nQ563bpI0YUjoSKwUFqr3iRe8xzZt5LBUxwF2Gm+aEt+pAr8o7M7a8SUcCU/pCKc p+6o1M3ljP1HSFF8klkLd9uR4SQAe+3kXTZ6RfXVyg+sl+pmXeBOG06USwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCmBi0tEMOMB8MPU2zPNEnkOQ05RMB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvS1lHTFMwUXc0d0h3dzlUYk04MFNlUTVEVGxFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAj+qMA0G CSqGSIb3DQEBCwUAA4IBAQAKbJu+eyFhtyco4fNYiok2tflWEh1GkhNxavvCv7z6 dk5HAs9/7Wi9v/1MY9QIVKTl43PMiciIdBNbaFeDh5QXrcsPdd/FKda8lDhlbtt0 98guj2DadFHKii/yVKEu8980pIlGmsj7zLxPhkzIoyD7ydgj4SDc1kuARhWfG9dM 5oFdD4uH1Bv70haXq3pfl59qD22B3NlwO6znPWsAKx70ow4EYw9Us07M/zz8Uzpq LRrcHCRE4TY1eL78/dUxzKQ+Wa+OA+9CTmiHX1tB0f+4zHxHRQY+C/uiqYfdvQtO P3kCchCxq+E9nBeciQfOblR4P4+kpMcEJyNyXJVSTzxy -----END CERTIFICATE-----Generated at Mon Jan 26 10:14:14 2026 by rpki-client