This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f89170-138e-4999-aef7-c440298dfc5c/1/kZ_QLDF4UjP63-RQO5uGQvJwAKg.roa File: kZ_QLDF4UjP63-RQO5uGQvJwAKg.roa (raw, json) Hash identifier: GT17iGmvyx7VuRxULTyyPoqEbSTqD+0/CsQqVCeuwic= Subject key identifier: 91:9F:D0:2C:31:78:52:33:FA:DF:E4:50:3B:9B:86:42:F2:70:00:A8 Certificate issuer: /CN=7cab39c6e0412235efc7877a9f737899313ed15e Certificate serial: 019B7E37B852738CBED64DE39B1DE33E9073 Authority key identifier: 7C:AB:39:C6:E0:41:22:35:EF:C7:87:7A:9F:73:78:99:31:3E:D1:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKs5xuBBIjXvx4d6n3N4mTE-0V4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f89170-138e-4999-aef7-c440298dfc5c/1/kZ_QLDF4UjP63-RQO5uGQvJwAKg.roa Signing time: Fri 02 Jan 2026 10:18:59 +0000 ROA not before: Fri 02 Jan 2026 10:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5619 IP address blocks: 194.242.108.0/24 maxlen: 24 194.242.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/f89170-138e-4999-aef7-c440298dfc5c/1/fKs5xuBBIjXvx4d6n3N4mTE-0V4.crl rsync://rpki.ripe.net/repository/DEFAULT/35/f89170-138e-4999-aef7-c440298dfc5c/1/fKs5xuBBIjXvx4d6n3N4mTE-0V4.mft rsync://rpki.ripe.net/repository/DEFAULT/fKs5xuBBIjXvx4d6n3N4mTE-0V4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 07:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:b8:52:73:8c:be:d6:4d:e3:9b:1d:e3:3e:90:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7cab39c6e0412235efc7877a9f737899313ed15e Validity Not Before: Jan 2 10:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=919fd02c31785233fadfe4503b9b8642f27000a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a0:ef:ef:c9:51:3a:fe:85:4f:cb:0e:82:70: 22:86:32:41:21:1a:8a:0e:63:12:61:35:30:ab:62: 87:a8:03:e2:07:8b:82:44:75:0a:e1:18:d7:56:7b: a9:65:36:f6:57:37:10:ae:a6:22:44:62:6a:e8:0c: b9:d5:76:f6:27:00:2d:58:97:02:93:a4:d4:2a:3e: 4c:78:97:b4:c2:de:48:33:f5:16:8d:b8:04:2f:d4: e4:7d:a1:4b:35:22:1f:07:6c:8f:77:8a:e9:82:35: 49:00:fa:9f:70:b1:aa:45:d4:27:0a:27:1d:d8:23: 6a:e1:76:73:e2:7d:52:eb:6d:71:9a:4c:01:ed:28: e5:73:87:23:ba:9d:8f:1a:f6:6a:21:5b:90:8d:8a: 45:43:22:35:1f:3e:bb:ea:ea:4b:70:86:56:69:de: f9:40:1c:7a:c2:73:d4:9a:f1:4b:e2:98:c5:f5:ea: 50:3e:5d:d1:42:9a:db:ab:46:b6:ce:46:fb:af:51: f2:8e:22:30:bd:af:cb:d3:28:d5:23:88:38:67:75: 68:41:62:3f:91:13:7a:e2:84:72:2b:aa:e9:a3:c7: 2f:c3:2c:b5:04:e0:89:9d:3f:d9:d0:84:f3:82:43: 30:56:c8:e4:26:69:07:39:eb:9d:2d:f8:a2:d8:12: 56:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:9F:D0:2C:31:78:52:33:FA:DF:E4:50:3B:9B:86:42:F2:70:00:A8 X509v3 Authority Key Identifier: keyid:7C:AB:39:C6:E0:41:22:35:EF:C7:87:7A:9F:73:78:99:31:3E:D1:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKs5xuBBIjXvx4d6n3N4mTE-0V4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f89170-138e-4999-aef7-c440298dfc5c/1/kZ_QLDF4UjP63-RQO5uGQvJwAKg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f89170-138e-4999-aef7-c440298dfc5c/1/fKs5xuBBIjXvx4d6n3N4mTE-0V4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.242.108.0/24 194.242.111.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:f4:a6:5e:d4:bf:c6:67:70:97:51:f3:15:e6:de:6e:90:33: d7:4d:08:0a:cd:07:0d:37:63:1a:50:5c:80:8d:dc:10:0b:d3: fc:b5:52:c2:83:e0:8d:08:10:ae:ec:36:05:cd:aa:a8:9d:cd: 47:c0:d7:fb:0e:19:b7:b7:e3:33:a5:2e:8a:89:d3:38:8e:53: e8:cb:b9:cc:7f:6e:a7:16:5a:46:e3:83:51:96:d6:bb:13:04: a7:3b:2d:9b:58:9d:fa:2b:07:ad:dc:03:cd:b0:b5:5d:8d:02: 39:18:c7:c3:75:65:6b:3b:69:52:df:07:8d:1e:dd:27:19:82: ca:03:08:a1:86:fe:99:84:5c:9a:0c:87:cc:64:b7:9d:91:53: 96:2a:da:db:95:c5:3d:9a:67:43:96:86:6d:eb:ec:47:59:7f: e4:d7:ec:9d:06:93:5e:7a:32:ca:3d:45:29:9c:1f:95:87:34: 1a:72:30:19:d5:ef:1c:3f:b1:94:75:a3:a8:59:d2:57:06:3f: 06:16:27:89:17:b9:ac:ed:2c:d2:40:e4:21:38:cf:33:17:f2: 1c:b7:6e:83:fd:b6:4b:f3:2c:c9:26:8d:45:f3:7e:ec:ed:63: 1f:4b:76:dd:c3:85:fb:2f:62:05:ce:1a:5f:14:99:9b:35:24: e2:37:8a:c6 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N7hSc4y+1k3jmx3jPpBzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjYWIzOWM2ZTA0MTIyMzVlZmM3ODc3YTlmNzM3ODk5MzEz ZWQxNWUwHhcNMjYwMTAyMTAxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTlmZDAyYzMxNzg1MjMzZmFkZmU0NTAzYjliODY0MmYyNzAwMGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6Dv78lROv6FT8sOgnAihjJBIRqK DmMSYTUwq2KHqAPiB4uCRHUK4RjXVnupZTb2VzcQrqYiRGJq6Ay51Xb2JwAtWJcC k6TUKj5MeJe0wt5IM/UWjbgEL9TkfaFLNSIfB2yPd4rpgjVJAPqfcLGqRdQnCicd 2CNq4XZz4n1S621xmkwB7Sjlc4cjup2PGvZqIVuQjYpFQyI1Hz676upLcIZWad75 QBx6wnPUmvFL4pjF9epQPl3RQprbq0a2zkb7r1HyjiIwva/L0yjVI4g4Z3VoQWI/ kRN64oRyK6rpo8cvwyy1BOCJnT/Z0ITzgkMwVsjkJmkHOeudLfii2BJWWQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJGf0CwxeFIz+t/kUDubhkLycACoMB8GA1UdIwQY MBaAFHyrOcbgQSI178eHep9zeJkxPtFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZktzNXh1QkJJalh2eDRkNm4zTjRtVEUtMFY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mODkxNzAtMTM4ZS00OTk5LWFlZjct YzQ0MDI5OGRmYzVjLzEva1pfUUxERjRValA2My1SUU81dUdRdkp3QUtnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9mODkxNzAtMTM4ZS00OTk5LWFlZjctYzQ0MDI5OGRmYzVj LzEvZktzNXh1QkJJalh2eDRkNm4zTjRtVEUtMFY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwvJsAwQA wvJvMA0GCSqGSIb3DQEBCwUAA4IBAQBa9KZe1L/GZ3CXUfMV5t5ukDPXTQgKzQcN N2MaUFyAjdwQC9P8tVLCg+CNCBCu7DYFzaqonc1HwNf7Dhm3t+MzpS6KidM4jlPo y7nMf26nFlpG44NRlta7EwSnOy2bWJ36Kwet3APNsLVdjQI5GMfDdWVrO2lS3weN Ht0nGYLKAwihhv6ZhFyaDIfMZLedkVOWKtrblcU9mmdDloZt6+xHWX/k1+ydBpNe ejLKPUUpnB+VhzQacjAZ1e8cP7GUdaOoWdJXBj8GFieJF7ms7SzSQOQhOM8zF/Ic t26D/bZL8yzJJo1F837s7WMfS3bdw4X7L2IFzhpfFJmbNSTiN4rG -----END CERTIFICATE-----Generated at Wed Jan 7 10:22:11 2026 by rpki-client