This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/KnpLhbBEufmPsTr4rfzt358Z5NA.roa File: KnpLhbBEufmPsTr4rfzt358Z5NA.roa (raw, json) Hash identifier: spWQWP4oc84BPT4Abbm0x2lE5bf02yTSVRuZE9yCBqk= Subject key identifier: 2A:7A:4B:85:B0:44:B9:F9:8F:B1:3A:F8:AD:FC:ED:DF:9F:19:E4:D0 Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473 Certificate serial: 019B78A29CB7273FBD0C353E785C4A4A8F48 Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/KnpLhbBEufmPsTr4rfzt358Z5NA.roa Signing time: Thu 01 Jan 2026 08:18:01 +0000 ROA not before: Thu 01 Jan 2026 08:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39159 IP address blocks: 81.5.20.0/24 maxlen: 24 212.199.62.0/24 maxlen: 24 213.8.65.0/24 maxlen: 24 213.8.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.mft rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 08:19:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:9c:b7:27:3f:bd:0c:35:3e:78:5c:4a:4a:8f:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473 Validity Not Before: Jan 1 08:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a7a4b85b044b9f98fb13af8adfceddf9f19e4d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:cd:b7:39:ab:03:17:1c:69:18:aa:2b:92:db: 04:e6:6e:b6:e0:43:2e:2f:48:52:56:bd:58:51:69: a6:7e:8c:c0:d8:b5:f9:ea:5c:85:4f:c7:48:d6:1f: 3f:a2:87:79:cd:07:57:96:b0:bc:e0:73:42:19:f7: 96:39:07:c4:b9:1e:50:38:45:dd:64:12:8a:06:ab: b6:af:bd:9b:08:02:05:99:f9:8a:07:52:2c:02:01: b4:c0:e5:45:86:3b:17:d7:59:83:9b:d2:c7:8a:a5: 3b:1f:37:b4:e0:b1:7f:99:e1:76:df:4a:14:0a:3f: 70:f4:f7:56:5e:88:b6:e2:34:ee:6c:0a:c6:69:30: 69:4f:3f:4d:35:c4:38:5d:be:32:63:cd:a1:04:4c: 6c:65:ad:ad:43:e5:d0:67:90:a4:4a:51:aa:ed:db: b1:7a:d0:1f:84:0e:9e:6f:ea:a5:4e:74:ce:ec:ab: 60:ea:2b:fb:94:87:cd:04:32:47:f5:00:a3:86:4f: 66:52:d3:6e:7e:51:f8:86:c5:1c:6d:b8:78:a0:92: 4c:37:c0:47:53:7d:22:3b:9b:11:b4:42:f9:b7:d1: cf:21:c6:88:6d:c7:cd:68:e4:09:f2:ae:b3:a0:45: 01:c5:05:be:86:0a:c5:a4:36:b2:b2:db:99:16:16: a0:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:7A:4B:85:B0:44:B9:F9:8F:B1:3A:F8:AD:FC:ED:DF:9F:19:E4:D0 X509v3 Authority Key Identifier: keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/KnpLhbBEufmPsTr4rfzt358Z5NA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.5.20.0/24 212.199.62.0/24 213.8.65.0/24 213.8.151.0/24 Signature Algorithm: sha256WithRSAEncryption 54:cd:25:b1:7f:b3:2a:32:c0:7a:85:2e:2e:2b:b1:44:38:86: 1f:42:23:04:6a:9b:f6:f3:99:be:bb:00:53:34:30:b9:04:a2: d0:5d:18:75:7d:2d:e8:9d:d9:24:d9:6e:02:52:a3:17:ad:8f: 5c:0f:2d:98:ca:bc:64:8b:86:71:06:a1:a9:c9:45:93:5b:de: 14:72:95:2a:01:58:72:9d:78:d5:f4:ea:0e:83:32:1c:88:56: ba:11:31:b6:fa:fb:0c:c4:73:d9:2c:56:af:5d:86:2b:c5:8a: f5:6c:c7:6d:c3:10:b1:2d:d7:1a:4b:54:14:cc:1d:e5:39:5e: db:b3:af:aa:18:e2:ed:95:74:b5:9e:1d:e4:f6:f4:88:54:68: f5:20:ca:d5:98:ed:18:a5:50:db:0d:bc:52:0b:58:50:06:da: 0b:38:77:0f:3e:7c:0e:74:e3:86:0e:21:71:23:e1:50:d8:bf: 5e:3a:df:89:30:b3:00:49:54:e9:4c:8d:62:19:da:89:2e:a0: 02:9f:1f:fe:5f:19:85:f4:17:09:89:da:20:e0:67:8a:f7:8e: aa:9b:76:da:c9:74:ab:ac:3f:27:28:2c:1d:2b:43:ca:38:65: ad:9b:c7:1b:9d:14:a4:aa:0d:85:8c:ac:ae:be:b3:93:a6:2a: 1b:69:bd:fe -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt4opy3Jz+9DDU+eFxKSo9IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk NzY0NzMwHhcNMjYwMTAxMDgxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTdhNGI4NWIwNDRiOWY5OGZiMTNhZjhhZGZjZWRkZjlmMTllNGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM23OasDFxxpGKorktsE5m624EMu L0hSVr1YUWmmfozA2LX56lyFT8dI1h8/ood5zQdXlrC84HNCGfeWOQfEuR5QOEXd ZBKKBqu2r72bCAIFmfmKB1IsAgG0wOVFhjsX11mDm9LHiqU7Hze04LF/meF230oU Cj9w9PdWXoi24jTubArGaTBpTz9NNcQ4Xb4yY82hBExsZa2tQ+XQZ5CkSlGq7dux etAfhA6eb+qlTnTO7Ktg6iv7lIfNBDJH9QCjhk9mUtNuflH4hsUcbbh4oJJMN8BH U30iO5sRtEL5t9HPIcaIbcfNaOQJ8q6zoEUBxQW+hgrFpDaystuZFhag3wIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFCp6S4WwRLn5j7E6+K387d+fGeTQMB8GA1UdIwQY MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm LWVmZDE0ZGI5NTdmYi8xL0tucExoYkJFdWZtUHNUcjRyZnp0MzU4WjVOQS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABRBRQD BADUxz4DBADVCEEDBADVCJcwDQYJKoZIhvcNAQELBQADggEBAFTNJbF/syoywHqF Li4rsUQ4hh9CIwRqm/bzmb67AFM0MLkEotBdGHV9Leid2STZbgJSoxetj1wPLZjK vGSLhnEGoanJRZNb3hRylSoBWHKdeNX06g6DMhyIVroRMbb6+wzEc9ksVq9dhivF ivVsx23DELEt1xpLVBTMHeU5Xtuzr6oY4u2VdLWeHeT29IhUaPUgytWY7RilUNsN vFILWFAG2gs4dw8+fA5044YOIXEj4VDYv14634kwswBJVOlMjWIZ2okuoAKfH/5f GYX0FwmJ2iDgZ4r3jqqbdtrJdKusPycoLB0rQ8o4Za2bxxudFKSqDYWMrK6+s5Om Khtpvf4= -----END CERTIFICATE-----Generated at Thu Jan 1 12:26:58 2026 by rpki-client