This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/KHZ6X050RQpN8C-zU6JBaEYg3FI.roa File: KHZ6X050RQpN8C-zU6JBaEYg3FI.roa (raw, json) Hash identifier: TDPzA+FjAhUQy2Fbl/oOlKCfde+8XwBa4JB9fFqOvmY= Subject key identifier: 28:76:7A:5F:4E:74:45:0A:4D:F0:2F:B3:53:A2:41:68:46:20:DC:52 Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100 Certificate serial: 019B7F15C3420A84D6BFEBB7B2BE1B944827 Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/KHZ6X050RQpN8C-zU6JBaEYg3FI.roa Signing time: Fri 02 Jan 2026 14:21:31 +0000 ROA not before: Fri 02 Jan 2026 14:21:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60606 IP address blocks: 91.239.200.0/22 maxlen: 23 2001:67c:e94::/48 maxlen: 49 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:c3:42:0a:84:d6:bf:eb:b7:b2:be:1b:94:48:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27c641b530a7c6ba234022e3327246232367100 Validity Not Before: Jan 2 14:21:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28767a5f4e74450a4df02fb353a241684620dc52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e1:67:08:ce:8a:90:ae:a6:10:2e:56:72:72: ce:ea:9e:de:9b:64:83:9f:95:f5:cc:da:4c:55:00: 29:c9:25:8e:32:2c:e9:3b:69:a1:a5:08:1d:02:6e: 04:63:9d:b6:b3:17:c4:fb:5e:61:02:c1:3e:f7:8b: f1:24:fa:b3:74:94:04:cf:9c:a3:8e:99:2d:bf:3b: 63:42:0d:36:4f:5f:f5:85:71:86:03:f7:e0:eb:01: f1:28:e6:98:ca:ce:6e:3e:53:62:8c:b8:8f:7d:f6: 78:44:f3:c5:c7:f1:3c:47:f3:db:b3:62:e3:b0:a0: d0:d3:af:31:68:a7:74:11:d9:92:74:67:38:b1:73: cb:57:6e:04:60:0b:32:eb:23:62:ce:37:4f:7f:b6: ec:52:bb:c6:56:50:cc:96:90:4d:ce:fd:29:b3:74: 92:61:7d:4c:d2:70:be:26:95:99:d3:93:3c:66:c0: 3a:0d:90:cd:98:f6:7f:d8:4d:a1:26:1a:2b:67:98: 62:f0:e0:d1:60:50:85:98:8a:dd:87:ef:1e:57:27: 2e:5e:1e:0a:85:da:c5:be:0e:c0:02:59:ca:0d:94: 68:45:58:c9:fe:0e:9c:1d:ca:ff:1b:3c:f8:11:a2: b2:7e:6f:33:61:45:e2:1b:da:2e:8f:40:77:8a:6a: 9e:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:76:7A:5F:4E:74:45:0A:4D:F0:2F:B3:53:A2:41:68:46:20:DC:52 X509v3 Authority Key Identifier: keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/KHZ6X050RQpN8C-zU6JBaEYg3FI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.239.200.0/22 IPv6: 2001:67c:e94::/48 Signature Algorithm: sha256WithRSAEncryption 18:ff:dc:bc:c1:3f:fa:45:ab:a1:45:bd:b9:af:e0:5f:16:48: 8f:e8:97:71:c2:6d:59:95:8e:fa:57:1b:80:f9:ad:5f:f9:86: 2e:96:2d:ac:a7:e9:86:c8:92:71:c6:32:06:4f:bf:de:79:4a: eb:2b:aa:15:1c:61:c8:4a:17:74:0c:1e:ea:10:21:0a:38:fa: f3:3a:b8:c3:bb:67:dd:45:aa:19:df:8d:23:6f:09:43:f8:22: f2:bd:e4:88:10:17:72:8b:ac:12:23:91:f6:e4:c7:dc:f1:51: 2d:54:47:ff:c9:a0:85:01:78:10:08:08:5e:6b:0f:f4:91:da: 58:e9:9e:16:ec:61:92:56:9c:20:17:e8:c1:c0:59:6f:10:53: 53:ce:dc:d4:e3:5c:2e:c4:08:1c:0c:9f:e5:41:3d:2a:8c:30: 79:b0:0a:b8:d3:d7:28:76:36:47:ab:85:71:07:ad:be:73:a2: 00:5d:17:f9:fc:f6:f1:7d:d8:9c:ad:89:a5:56:64:52:f8:65: 0b:d1:6e:54:1b:6e:ab:3f:99:53:bd:95:a4:d4:cc:ac:d5:03: 31:7c:14:95:4d:7d:bb:bb:5c:11:da:9d:d3:ee:82:c6:2e:81: e6:f9:2a:b0:ea:55:10:5d:ee:38:ed:8f:1e:1e:93:91:80:ef: 7b:7c:d3:7a -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/FcNCCoTWv+u3sr4blEgnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz NjcxMDAwHhcNMjYwMTAyMTQyMTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODc2N2E1ZjRlNzQ0NTBhNGRmMDJmYjM1M2EyNDE2ODQ2MjBkYzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+FnCM6KkK6mEC5WcnLO6p7em2SD n5X1zNpMVQApySWOMizpO2mhpQgdAm4EY522sxfE+15hAsE+94vxJPqzdJQEz5yj jpktvztjQg02T1/1hXGGA/fg6wHxKOaYys5uPlNijLiPffZ4RPPFx/E8R/Pbs2Lj sKDQ068xaKd0EdmSdGc4sXPLV24EYAsy6yNizjdPf7bsUrvGVlDMlpBNzv0ps3SS YX1M0nC+JpWZ05M8ZsA6DZDNmPZ/2E2hJhorZ5hi8ODRYFCFmIrdh+8eVycuXh4K hdrFvg7AAlnKDZRoRVjJ/g6cHcr/Gzz4EaKyfm8zYUXiG9ouj0B3imqepwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCh2el9OdEUKTfAvs1OiQWhGINxSMB8GA1UdIwQY MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt MWYxODhmY2NlODU1LzEvS0haNlgwNTBSUXBOOEMtelU2SkJhRVlnM0ZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1 LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW+/IMA8E AgACMAkDBwAgAQZ8DpQwDQYJKoZIhvcNAQELBQADggEBABj/3LzBP/pFq6FFvbmv 4F8WSI/ol3HCbVmVjvpXG4D5rV/5hi6WLayn6YbIknHGMgZPv955SusrqhUcYchK F3QMHuoQIQo4+vM6uMO7Z91FqhnfjSNvCUP4IvK95IgQF3KLrBIjkfbkx9zxUS1U R//JoIUBeBAICF5rD/SR2ljpnhbsYZJWnCAX6MHAWW8QU1PO3NTjXC7ECBwMn+VB PSqMMHmwCrjT1yh2NkerhXEHrb5zogBdF/n89vF92JytiaVWZFL4ZQvRblQbbqs/ mVO9laTUzKzVAzF8FJVNfbu7XBHandPugsYugeb5KrDqVRBd7jjtjx4ek5GA73t8 03o= -----END CERTIFICATE-----Generated at Mon Jan 26 10:25:25 2026 by rpki-client