This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/KWBldPC1zbc9Q4_rgiTpKrnQM8g.roa File: KWBldPC1zbc9Q4_rgiTpKrnQM8g.roa (raw, json) Hash identifier: cfJIxZAqlGXVKEdOa9dOxVEjB/ihxJ4vbQZr/rRnPdU= Subject key identifier: 29:60:65:74:F0:B5:CD:B7:3D:43:8F:EB:82:24:E9:2A:B9:D0:33:C8 Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46 Certificate serial: 019B78A281A6DA0049C73B0635D21715C090 Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/KWBldPC1zbc9Q4_rgiTpKrnQM8g.roa Signing time: Thu 01 Jan 2026 08:17:54 +0000 ROA not before: Thu 01 Jan 2026 08:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9063 IP address blocks: 31.220.32.0/22 maxlen: 22 37.230.0.0/19 maxlen: 19 91.184.160.0/19 maxlen: 19 93.186.0.0/20 maxlen: 20 109.75.80.0/20 maxlen: 20 147.93.216.0/21 maxlen: 21 176.126.64.0/23 maxlen: 23 176.126.68.0/23 maxlen: 23 176.126.71.0/24 maxlen: 24 176.126.72.0/23 maxlen: 23 176.126.75.0/24 maxlen: 24 176.126.76.0/24 maxlen: 24 176.126.79.0/24 maxlen: 24 176.126.80.0/23 maxlen: 23 176.126.82.0/24 maxlen: 24 185.35.109.0/24 maxlen: 24 185.35.110.0/23 maxlen: 23 185.161.200.0/23 maxlen: 23 185.166.189.0/24 maxlen: 24 185.166.190.0/23 maxlen: 23 185.168.8.0/24 maxlen: 24 185.168.11.0/24 maxlen: 24 185.186.144.0/23 maxlen: 23 185.194.151.0/24 maxlen: 24 185.203.123.0/24 maxlen: 24 185.222.139.0/24 maxlen: 24 185.231.252.0/22 maxlen: 22 194.35.184.0/23 maxlen: 23 194.35.188.0/23 maxlen: 23 212.82.48.0/20 maxlen: 20 212.88.128.0/19 maxlen: 19 217.24.224.0/20 maxlen: 20 2a02:5a0::/29 maxlen: 29 2a02:5a0::/32 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.mft rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 17:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:81:a6:da:00:49:c7:3b:06:35:d2:17:15:c0:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46 Validity Not Before: Jan 1 08:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29606574f0b5cdb73d438feb8224e92ab9d033c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1f:9a:46:56:10:1e:2d:34:e6:23:23:e7:bd: 0f:48:7a:06:85:99:ae:ab:19:81:b6:c0:3a:2b:60: 6f:fe:0e:16:0a:1e:07:a5:bc:ea:70:16:42:6d:58: e4:40:9e:0f:92:e2:09:b1:c1:c2:57:1f:bf:30:3a: 53:99:6d:5b:8e:c2:1a:87:65:14:8b:38:41:f2:7c: 51:b0:cb:1f:cc:df:26:3f:3c:0f:d1:72:86:9e:23: 79:e7:ff:f6:51:2e:ed:b5:f3:c3:3c:21:28:32:07: 13:ef:1a:c5:78:b6:83:4e:a3:3d:4d:c7:90:e5:1f: 87:ea:8f:0f:62:41:b3:0e:3d:28:ba:d4:a6:2c:58: fb:4e:bc:52:55:b3:7c:14:20:c3:22:4d:8e:9b:3e: 6a:a7:23:79:bb:ef:94:8b:06:78:b1:0f:17:71:b5: 95:4f:f8:4a:23:b0:22:bb:3c:15:44:07:61:62:b4: 38:91:78:fc:3d:82:f5:2d:7b:00:55:ea:ea:4a:b0: 4a:3d:14:22:4d:50:03:3b:c3:02:c2:75:a2:07:81: e3:bd:09:66:5e:cb:c6:a7:9b:cc:c6:c6:de:8b:58: dc:e2:c7:2e:99:06:ca:4b:57:8e:a0:cf:97:b2:f9: e6:80:11:49:2b:71:35:c3:7a:c1:98:6a:36:68:7c: 2b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:60:65:74:F0:B5:CD:B7:3D:43:8F:EB:82:24:E9:2A:B9:D0:33:C8 X509v3 Authority Key Identifier: keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/KWBldPC1zbc9Q4_rgiTpKrnQM8g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.32.0/22 37.230.0.0/19 91.184.160.0/19 93.186.0.0/20 109.75.80.0/20 147.93.216.0/21 176.126.64.0/23 176.126.68.0/23 176.126.71.0-176.126.73.255 176.126.75.0-176.126.76.255 176.126.79.0-176.126.82.255 185.35.109.0-185.35.111.255 185.161.200.0/23 185.166.189.0-185.166.191.255 185.168.8.0/24 185.168.11.0/24 185.186.144.0/23 185.194.151.0/24 185.203.123.0/24 185.222.139.0/24 185.231.252.0/22 194.35.184.0/23 194.35.188.0/23 212.82.48.0/20 212.88.128.0/19 217.24.224.0/20 IPv6: 2a02:5a0::/29 Signature Algorithm: sha256WithRSAEncryption 8d:cc:66:15:23:5c:59:e0:1b:9f:86:9b:1b:2d:26:19:71:66: 58:1f:89:90:d1:5c:a8:ba:a9:40:62:0f:76:71:da:80:49:02: 3e:08:1e:f8:6b:4a:17:32:7f:d5:5d:f9:5a:ae:05:7d:7c:54: 02:b3:1d:0f:17:37:2a:8f:62:8b:3e:12:e9:72:76:18:02:e1: b9:dd:b1:99:4a:de:45:83:8d:21:c6:32:ac:1c:c1:ec:de:9e: 18:f1:82:7e:d0:1d:4f:07:87:64:53:a8:2a:52:9f:40:65:69: 3a:30:dc:75:6e:60:45:6e:85:ab:50:e8:78:a7:12:3f:a5:15: 77:21:b2:5a:f8:4c:42:e3:37:a5:f0:07:bc:5b:ba:8d:87:cc: 19:c6:67:21:10:b5:c9:52:4c:f0:ab:55:eb:5f:4f:a3:ea:61: 1b:d5:37:69:f6:3a:25:e2:34:b0:46:7a:4e:ac:45:1e:64:5d: d1:95:a7:41:2e:dc:dd:8b:32:d6:7b:e0:28:53:f2:6d:a6:4e: 45:80:a5:41:e1:0e:2a:9b:fc:f4:e9:64:18:a5:3e:ca:6e:b6: 33:a0:82:ab:f0:ec:f8:b7:6d:bf:5c:1f:91:46:69:6a:83:90: 75:f9:57:b3:a6:43:af:99:b0:83:22:ab:39:c8:24:c9:ad:e8: 59:89:66:46 -----BEGIN CERTIFICATE----- MIIFzzCCBLegAwIBAgISAZt4ooGm2gBJxzsGNdIXFcCQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx MzFjNDYwHhcNMjYwMTAxMDgxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTYwNjU3NGYwYjVjZGI3M2Q0MzhmZWI4MjI0ZTkyYWI5ZDAzM2M4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh+aRlYQHi005iMj570PSHoGhZmu qxmBtsA6K2Bv/g4WCh4HpbzqcBZCbVjkQJ4PkuIJscHCVx+/MDpTmW1bjsIah2UU izhB8nxRsMsfzN8mPzwP0XKGniN55//2US7ttfPDPCEoMgcT7xrFeLaDTqM9TceQ 5R+H6o8PYkGzDj0outSmLFj7TrxSVbN8FCDDIk2Omz5qpyN5u++UiwZ4sQ8XcbWV T/hKI7AiuzwVRAdhYrQ4kXj8PYL1LXsAVerqSrBKPRQiTVADO8MCwnWiB4HjvQlm XsvGp5vMxsbei1jc4scumQbKS1eOoM+XsvnmgBFJK3E1w3rBmGo2aHwrXQIDAQAB o4IC2zCCAtcwHQYDVR0OBBYEFClgZXTwtc23PUOP64Ik6Sq50DPIMB8GA1UdIwQY MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt NzI1NjhmMDZmZTEwLzEvS1dCbGRQQzF6YmM5UTRfcmdpVHBLcm5RTThnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHwBggrBgEFBQcBBwEB/wSB4DCB3TCBywQCAAEwgcQDBAIf 3CADBAUl5gADBAVbuKADBARdugADBARtS1ADBAOTXdgDBAGwfkADBAGwfkQwDAME ALB+RwMEAbB+SDAMAwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAMEALkjbQME BLkjYAMEAbmhyDAMAwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQAwQAucKX AwQAuct7AwQAud6LAwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiAAwQE2Rjg MA0EAgACMAcDBQMqAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQCNzGYVI1xZ4Bufhpsb LSYZcWZYH4mQ0VyouqlAYg92cdqASQI+CB74a0oXMn/VXflargV9fFQCsx0PFzcq j2KLPhLpcnYYAuG53bGZSt5Fg40hxjKsHMHs3p4Y8YJ+0B1PB4dkU6gqUp9AZWk6 MNx1bmBFboWrUOh4pxI/pRV3IbJa+ExC4zel8Ae8W7qNh8wZxmchELXJUkzwq1Xr X0+j6mEb1Tdp9jol4jSwRnpOrEUeZF3RladBLtzdizLWe+AoU/Jtpk5FgKVB4Q4q m/z06WQYpT7KbrYzoIKr8Oz4t22/XB+RRmlqg5B1+VezpkOvmbCDIqs5yCTJrehZ iWZG -----END CERTIFICATE-----Generated at Thu Jan 1 19:50:34 2026 by rpki-client