This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/KiGFzL7XSLHCsk5kOv5EU6GDjHs.roa File: KiGFzL7XSLHCsk5kOv5EU6GDjHs.roa (raw, json) Hash identifier: E2MSykUDl/Q4sWoRqwyjpDX7oQ+5JC9Qa55nDLPQgKc= Subject key identifier: 2A:21:85:CC:BE:D7:48:B1:C2:B2:4E:64:3A:FE:44:53:A1:83:8C:7B Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00 Certificate serial: 019B79EC49E3BA84361E7A1A36DAD42FD683 Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/KiGFzL7XSLHCsk5kOv5EU6GDjHs.roa Signing time: Thu 01 Jan 2026 14:18:07 +0000 ROA not before: Thu 01 Jan 2026 14:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207875 IP address blocks: 192.109.248.0/24 maxlen: 24 192.109.250.0/24 maxlen: 24 192.109.253.0/24 maxlen: 24 195.211.160.0/22 maxlen: 22 195.211.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:49:e3:ba:84:36:1e:7a:1a:36:da:d4:2f:d6:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00 Validity Not Before: Jan 1 14:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a2185ccbed748b1c2b24e643afe4453a1838c7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c5:d4:83:2e:de:64:62:29:f1:0d:ff:1d:14: 97:bb:20:93:f2:70:6c:0f:6b:63:6f:31:98:a0:cf: 2e:f1:4a:3e:45:0e:12:80:39:5f:f9:23:08:48:dc: 06:1a:56:30:98:0c:e7:70:90:0c:9a:9f:ce:3b:b7: bd:8f:94:5c:ff:3e:23:5c:39:42:9e:e2:ec:ab:4a: 94:e7:13:e2:20:34:73:a4:c2:48:db:78:ba:6c:de: fe:89:6c:5b:20:fe:ad:5f:17:f8:e9:99:72:e9:5b: 78:14:90:20:fe:94:6f:8a:a1:eb:b1:15:58:ce:b3: 84:1e:e5:27:eb:ee:a1:24:7d:64:ae:51:83:69:53: 64:44:82:5e:7c:94:bc:3e:a8:d0:10:48:5f:10:ec: 70:c1:01:50:96:92:0f:e6:af:51:2a:06:79:52:10: 9c:fa:07:2a:57:74:89:0f:ab:bd:f5:49:6c:4f:5c: 55:a6:27:72:36:2a:02:14:f6:cf:89:59:33:b4:a0: 2f:d5:d5:83:78:58:a8:3d:31:8e:91:dd:f2:78:4e: b9:a9:7d:a5:fc:ce:41:93:8c:88:52:a7:66:9f:49: 6e:74:71:e0:dd:4b:88:6b:2d:13:f2:f8:5d:98:bd: b2:a3:2b:f6:8f:b9:c8:49:f1:e1:63:cc:78:4f:f3: 5e:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:21:85:CC:BE:D7:48:B1:C2:B2:4E:64:3A:FE:44:53:A1:83:8C:7B X509v3 Authority Key Identifier: keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/KiGFzL7XSLHCsk5kOv5EU6GDjHs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.109.248.0/24 192.109.250.0/24 192.109.253.0/24 195.211.160.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:1d:f9:8d:15:1f:2b:0b:9c:24:50:dd:3b:00:08:b7:0e:dd: 19:9b:76:ad:88:0a:2e:58:08:54:e2:91:b8:57:fc:9a:0f:78: eb:52:63:a0:70:84:04:e8:6d:3c:9b:bb:9f:80:ac:8c:79:d0: c9:13:bb:b7:88:99:a9:b1:4c:e4:c6:b0:35:83:15:16:74:cb: 24:a6:88:91:a3:70:6a:d4:82:73:3e:ab:29:94:63:84:96:6d: b1:bf:72:34:59:13:8e:d1:19:be:2c:9f:31:3c:34:43:d5:60: 77:7e:4d:e5:14:34:b7:6e:16:ff:1d:38:d1:16:f8:0e:2a:0d: 8d:bc:d7:1c:ce:fc:e3:b5:81:4d:d1:49:76:92:ae:7e:31:91: dd:6c:ec:88:9f:ff:15:dc:ea:8c:40:1c:02:6d:5a:48:c6:c6: 08:a5:73:4b:2f:dc:36:1b:02:6c:72:9f:b0:a8:f8:9c:f8:95: c3:65:97:9a:3a:ea:38:ba:55:8d:fd:d2:50:a6:d4:1f:1b:f9: 9d:fc:a4:6b:1f:da:6e:50:a9:4f:1a:66:d7:93:f8:a4:40:7a: de:96:9c:10:00:8e:d9:d6:1d:e8:6b:0b:48:94:de:19:d3:0f: cb:93:c3:40:98:8d:88:ef:f4:35:a3:3c:8a:71:3d:6d:4b:10: 3f:34:bc:0f -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt57EnjuoQ2HnoaNtrUL9aDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh ZGZhMDAwHhcNMjYwMTAxMTQxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTIxODVjY2JlZDc0OGIxYzJiMjRlNjQzYWZlNDQ1M2ExODM4YzdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8XUgy7eZGIp8Q3/HRSXuyCT8nBs D2tjbzGYoM8u8Uo+RQ4SgDlf+SMISNwGGlYwmAzncJAMmp/OO7e9j5Rc/z4jXDlC nuLsq0qU5xPiIDRzpMJI23i6bN7+iWxbIP6tXxf46Zly6Vt4FJAg/pRviqHrsRVY zrOEHuUn6+6hJH1krlGDaVNkRIJefJS8PqjQEEhfEOxwwQFQlpIP5q9RKgZ5UhCc +gcqV3SJD6u99UlsT1xVpidyNioCFPbPiVkztKAv1dWDeFioPTGOkd3yeE65qX2l /M5Bk4yIUqdmn0ludHHg3UuIay0T8vhdmL2yoyv2j7nISfHhY8x4T/NepwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFCohhcy+10ixwrJOZDr+RFOhg4x7MB8GA1UdIwQY MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt OGRmMzYzMzdlNmJjLzEvS2lHRnpMN1hTTEhDc2s1a092NUVVNkdEakhzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwG34AwQA wG36AwQAwG39AwQCw9OgMA0GCSqGSIb3DQEBCwUAA4IBAQA9HfmNFR8rC5wkUN07 AAi3Dt0Zm3atiAouWAhU4pG4V/yaD3jrUmOgcIQE6G08m7ufgKyMedDJE7u3iJmp sUzkxrA1gxUWdMskpoiRo3Bq1IJzPqsplGOElm2xv3I0WROO0Rm+LJ8xPDRD1WB3 fk3lFDS3bhb/HTjRFvgOKg2NvNcczvzjtYFN0Ul2kq5+MZHdbOyIn/8V3OqMQBwC bVpIxsYIpXNLL9w2GwJscp+wqPic+JXDZZeaOuo4ulWN/dJQptQfG/md/KRrH9pu UKlPGmbXk/ikQHrelpwQAI7Z1h3oawtIlN4Z0w/Lk8NAmI2I7/Q1ozyKcT1tSxA/ NLwP -----END CERTIFICATE-----Generated at Mon Jan 26 09:40:34 2026 by rpki-client