This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/KYwLTeDRPbWZ7QruokVrRABez8U.roa File: KYwLTeDRPbWZ7QruokVrRABez8U.roa (raw, json) Hash identifier: K9pjcDveVnPL9nHRQKLenhV/fjpAku11BgS2kkrYnJc= Subject key identifier: 29:8C:0B:4D:E0:D1:3D:B5:99:ED:0A:EE:A2:45:6B:44:00:5E:CF:C5 Certificate issuer: /CN=6fdab32dfd6e5bc699e7bf36e818298dc7fbb246 Certificate serial: 019B7D5BAF33251F71A183BECED2B968EABC Authority key identifier: 6F:DA:B3:2D:FD:6E:5B:C6:99:E7:BF:36:E8:18:29:8D:C7:FB:B2:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b9qzLf1uW8aZ57826Bgpjcf7skY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/KYwLTeDRPbWZ7QruokVrRABez8U.roa Signing time: Fri 02 Jan 2026 06:18:39 +0000 ROA not before: Fri 02 Jan 2026 06:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209344 IP address blocks: 185.133.200.0/22 maxlen: 22 185.133.200.0/23 maxlen: 23 185.133.200.0/24 maxlen: 24 185.133.201.0/24 maxlen: 24 185.133.202.0/23 maxlen: 23 185.133.202.0/24 maxlen: 24 185.133.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/b9qzLf1uW8aZ57826Bgpjcf7skY.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/b9qzLf1uW8aZ57826Bgpjcf7skY.mft rsync://rpki.ripe.net/repository/DEFAULT/b9qzLf1uW8aZ57826Bgpjcf7skY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 11:32:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:af:33:25:1f:71:a1:83:be:ce:d2:b9:68:ea:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6fdab32dfd6e5bc699e7bf36e818298dc7fbb246 Validity Not Before: Jan 2 06:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=298c0b4de0d13db599ed0aeea2456b44005ecfc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b6:5b:1c:24:30:cb:be:df:6c:44:c1:57:4d: ba:6e:13:66:34:bd:86:e1:02:12:4e:8f:7d:06:4a: b2:af:e5:89:ea:0a:b3:44:cd:75:19:71:b1:ca:93: 8a:ec:f4:b9:f5:d3:63:3d:67:5c:2b:fe:63:1c:bf: 43:46:53:38:90:ed:95:c0:33:a3:c7:a9:af:a5:88: 25:5d:87:02:f2:70:b5:bb:8a:a5:bd:69:37:3f:9c: 16:63:e6:90:fa:21:c9:ca:cd:9d:ae:9a:8e:42:0f: f4:ee:ef:69:b1:2d:9f:1f:ec:40:f1:2c:03:30:e8: 9f:78:c1:d9:dd:9c:63:14:47:a9:fb:a7:b0:5f:0b: 57:25:8f:d8:74:5f:ab:d1:20:24:fd:cb:c8:9b:b5: 57:f9:65:a4:c8:e5:61:a6:7d:f9:97:15:5d:f2:bf: 5e:c5:a7:23:9d:c0:d1:99:f1:3f:13:22:a9:dd:62: b7:4e:a3:3f:0f:7b:90:47:39:a8:e7:a0:51:20:31: a1:e2:a5:65:c6:46:62:b2:6a:11:f2:58:23:bc:48: 7b:b6:c8:9b:20:e8:2c:b0:f3:99:60:b0:3e:b8:83: 62:85:cb:86:88:5e:14:1b:1c:7a:fc:37:e5:d2:d6: 63:8c:a7:7e:46:82:1b:a3:4b:de:a6:d6:33:5a:d0: 24:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:8C:0B:4D:E0:D1:3D:B5:99:ED:0A:EE:A2:45:6B:44:00:5E:CF:C5 X509v3 Authority Key Identifier: keyid:6F:DA:B3:2D:FD:6E:5B:C6:99:E7:BF:36:E8:18:29:8D:C7:FB:B2:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9qzLf1uW8aZ57826Bgpjcf7skY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/KYwLTeDRPbWZ7QruokVrRABez8U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/822dc4-78e8-4801-b734-f1e55f537c87/1/b9qzLf1uW8aZ57826Bgpjcf7skY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.133.200.0/22 Signature Algorithm: sha256WithRSAEncryption ab:c8:03:d2:fd:1e:28:69:74:1f:af:72:9f:ae:3f:8c:10:49: d5:52:1c:60:14:76:3d:f6:a5:07:ba:4f:00:cd:e8:d1:01:9a: 1c:a8:55:f9:e9:4f:e2:2e:e4:81:15:cf:0a:f0:31:36:c1:8e: 85:6e:2d:49:10:23:19:a5:f1:73:d9:5b:10:ee:2b:6a:7c:41: bf:e1:b2:0d:4e:29:4b:a9:4a:e4:47:e7:ed:32:93:d7:ff:88: 06:63:41:3f:c5:b0:65:2c:6c:b1:88:c9:0d:e1:fd:23:7c:35: b6:ed:14:1c:40:35:30:b0:4f:3a:21:35:68:54:13:6a:ca:c6: f6:e0:13:23:20:99:0d:66:bb:88:14:79:ae:fc:5d:f7:59:80: 40:71:87:ed:34:a6:48:4f:c7:a1:5f:4e:2f:8f:b9:ce:9f:45: a4:76:b7:9e:04:cd:a5:fa:b1:69:96:12:6a:9a:16:a7:8c:72: af:47:ce:54:18:a2:1a:0c:22:ac:23:fa:91:1a:85:f5:2b:aa: cb:c5:8f:c1:6a:5d:32:a6:6c:80:5f:06:f5:c3:30:6c:27:de: 01:b2:a4:da:65:c8:82:de:21:15:d5:b8:33:11:0d:c1:33:1c: ab:de:0c:51:84:cc:bd:66:ef:00:52:46:0d:ab:e3:4b:7e:5a: 7b:bb:ba:ae -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9W68zJR9xoYO+ztK5aOq8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmZGFiMzJkZmQ2ZTViYzY5OWU3YmYzNmU4MTgyOThkYzdm YmIyNDYwHhcNMjYwMTAyMDYxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOThjMGI0ZGUwZDEzZGI1OTllZDBhZWVhMjQ1NmI0NDAwNWVjZmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLZbHCQwy77fbETBV026bhNmNL2G 4QISTo99Bkqyr+WJ6gqzRM11GXGxypOK7PS59dNjPWdcK/5jHL9DRlM4kO2VwDOj x6mvpYglXYcC8nC1u4qlvWk3P5wWY+aQ+iHJys2drpqOQg/07u9psS2fH+xA8SwD MOifeMHZ3ZxjFEep+6ewXwtXJY/YdF+r0SAk/cvIm7VX+WWkyOVhpn35lxVd8r9e xacjncDRmfE/EyKp3WK3TqM/D3uQRzmo56BRIDGh4qVlxkZismoR8lgjvEh7tsib IOgssPOZYLA+uINihcuGiF4UGxx6/Dfl0tZjjKd+RoIbo0veptYzWtAkvwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCmMC03g0T21me0K7qJFa0QAXs/FMB8GA1UdIwQY MBaAFG/asy39blvGmee/NugYKY3H+7JGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjlxekxmMXVXOGFaNTc4MjZCZ3BqY2Y3c2tZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MjJkYzQtNzhlOC00ODAxLWI3MzQt ZjFlNTVmNTM3Yzg3LzEvS1l3TFRlRFJQYldaN1FydW9rVnJSQUJlejhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC84MjJkYzQtNzhlOC00ODAxLWI3MzQtZjFlNTVmNTM3Yzg3 LzEvYjlxekxmMXVXOGFaNTc4MjZCZ3BqY2Y3c2tZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYXIMA0G CSqGSIb3DQEBCwUAA4IBAQCryAPS/R4oaXQfr3Kfrj+MEEnVUhxgFHY99qUHuk8A zejRAZocqFX56U/iLuSBFc8K8DE2wY6Fbi1JECMZpfFz2VsQ7itqfEG/4bINTilL qUrkR+ftMpPX/4gGY0E/xbBlLGyxiMkN4f0jfDW27RQcQDUwsE86ITVoVBNqysb2 4BMjIJkNZruIFHmu/F33WYBAcYftNKZIT8ehX04vj7nOn0WkdreeBM2l+rFplhJq mhanjHKvR85UGKIaDCKsI/qRGoX1K6rLxY/Bal0ypmyAXwb1wzBsJ94BsqTaZciC 3iEV1bgzEQ3BMxyr3gxRhMy9Zu8AUkYNq+NLflp7u7qu -----END CERTIFICATE-----Generated at Wed Jan 7 14:15:07 2026 by rpki-client