This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KBQCvdZ1Fih2U9PEnXZaHYZQKaQ.roa File: KBQCvdZ1Fih2U9PEnXZaHYZQKaQ.roa (raw, json) Hash identifier: aJ2vN0uyC0Hga0lux0w4oAz9DV1ub2HSd8DIya7fmtI= Subject key identifier: 28:14:02:BD:D6:75:16:28:76:53:D3:C4:9D:76:5A:1D:86:50:29:A4 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CD2CAECDAAF9E47992F28EEF3CA00 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KBQCvdZ1Fih2U9PEnXZaHYZQKaQ.roa Signing time: Fri 02 Jan 2026 06:19:53 +0000 ROA not before: Fri 02 Jan 2026 06:19:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199785 IP address blocks: 194.28.224.0/24 maxlen: 24 194.28.225.0/24 maxlen: 24 194.28.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:d2:ca:ec:da:af:9e:47:99:2f:28:ee:f3:ca:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=281402bdd67516287653d3c49d765a1d865029a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:16:e9:e1:0c:da:60:51:65:a2:48:a7:91:fb: 32:88:ec:fb:38:b8:97:07:d7:43:43:9d:9a:ec:8f: 74:6d:f8:31:ae:a3:76:1a:e9:e0:b9:96:e1:3f:af: 7b:6d:ac:24:ce:7d:f9:56:58:09:a0:b3:39:62:d3: 7c:e3:51:e5:0c:13:12:6c:e3:62:a3:97:85:d8:de: 58:59:d9:f8:97:43:7f:ee:60:63:89:28:88:82:a9: 53:95:9e:81:d2:7d:cf:00:d9:c8:22:f3:21:2e:1b: cb:5a:dc:66:31:f1:1f:57:19:1f:2b:71:33:d3:a6: 7d:46:01:5d:80:1a:f3:b5:fe:10:de:db:ff:e7:9a: c8:7b:ca:2e:1a:67:06:4e:6e:fb:3c:19:04:a7:a4: e2:04:2e:3e:b1:32:97:fd:91:c7:db:77:ee:43:23: 37:16:fd:c8:b5:03:15:33:34:3c:b6:b2:c2:62:b5: 23:1a:c0:a0:20:2e:73:91:19:91:e1:ca:db:9d:4f: 03:d6:a1:5e:2a:aa:1a:0b:21:00:52:93:09:9d:92: b0:e5:48:1b:ec:73:c2:5f:89:32:47:e2:13:cb:20: 6a:23:f5:f7:a8:f6:f9:19:46:a7:d3:a2:28:87:b1: 98:64:43:e0:a1:d4:1f:e8:d1:86:f3:27:92:f6:23: b4:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:14:02:BD:D6:75:16:28:76:53:D3:C4:9D:76:5A:1D:86:50:29:A4 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KBQCvdZ1Fih2U9PEnXZaHYZQKaQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.28.224.0-194.28.226.255 Signature Algorithm: sha256WithRSAEncryption 75:f0:a4:f0:a6:b4:3f:32:38:da:07:06:8f:f4:81:91:9d:5f: 01:43:c7:f3:cf:16:88:31:06:46:60:a4:d5:86:fb:eb:e2:73: 57:3f:d3:f8:c2:d9:cc:72:21:2f:f6:58:7e:c5:a6:16:7d:79: 3f:4d:f8:ec:db:76:ce:99:0a:e1:7a:29:f2:45:71:4b:bb:c9: 4c:cd:c9:b0:27:88:bd:32:0a:d3:5b:94:98:29:d2:4f:2a:b3: 11:41:5f:b3:20:38:17:fa:c6:a9:f6:60:0e:e8:bb:e7:03:2d: b4:68:72:64:43:27:43:f5:67:7f:f4:89:a9:92:79:4c:44:ca: 86:3d:4e:e1:6b:ce:15:4e:53:91:68:86:fd:a6:c7:78:56:ea: 5b:4f:1b:9b:6b:38:27:dc:1e:04:58:c4:35:85:67:3f:2e:9c: d5:30:ec:81:66:31:6b:3e:86:db:cd:ac:9e:15:3b:2d:b6:b2: 24:c6:57:2f:d2:8c:8d:af:71:2e:9e:01:5c:2b:c7:f4:6f:54: 6d:56:45:cc:b3:45:83:a4:b9:38:28:3a:4a:c3:91:0e:07:50: 23:ee:58:60:5b:3c:d0:ae:2d:a5:80:d9:f1:1c:e1:f8:63:f0: bd:c6:79:db:ed:bf:1f:30:54:26:4c:af:9f:82:96:9c:c0:37: 34:1a:be:5b -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt9XNLK7NqvnkeZLyju88oAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODE0MDJiZGQ2NzUxNjI4NzY1M2QzYzQ5ZDc2NWExZDg2NTAyOWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hbp4QzaYFFlokinkfsyiOz7OLiX B9dDQ52a7I90bfgxrqN2GunguZbhP697bawkzn35VlgJoLM5YtN841HlDBMSbONi o5eF2N5YWdn4l0N/7mBjiSiIgqlTlZ6B0n3PANnIIvMhLhvLWtxmMfEfVxkfK3Ez 06Z9RgFdgBrztf4Q3tv/55rIe8ouGmcGTm77PBkEp6TiBC4+sTKX/ZHH23fuQyM3 Fv3ItQMVMzQ8trLCYrUjGsCgIC5zkRmR4crbnU8D1qFeKqoaCyEAUpMJnZKw5Ugb 7HPCX4kyR+ITyyBqI/X3qPb5GUan06Ioh7GYZEPgodQf6NGG8yeS9iO0iQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFCgUAr3WdRYodlPTxJ12Wh2GUCmkMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvS0JRQ3ZkWjFGaWgyVTlQRW5YWmFIWVpRS2FRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXCHOAD BADCHOIwDQYJKoZIhvcNAQELBQADggEBAHXwpPCmtD8yONoHBo/0gZGdXwFDx/PP FogxBkZgpNWG++vic1c/0/jC2cxyIS/2WH7FphZ9eT9N+Ozbds6ZCuF6KfJFcUu7 yUzNybAniL0yCtNblJgp0k8qsxFBX7MgOBf6xqn2YA7ou+cDLbRocmRDJ0P1Z3/0 iamSeUxEyoY9TuFrzhVOU5Fohv2mx3hW6ltPG5trOCfcHgRYxDWFZz8unNUw7IFm MWs+htvNrJ4VOy22siTGVy/SjI2vcS6eAVwrx/RvVG1WRcyzRYOkuTgoOkrDkQ4H UCPuWGBbPNCuLaWA2fEc4fhj8L3Gedvtvx8wVCZMr5+ClpzANzQavls= -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:19 2026 by rpki-client