This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KhqABhPXT2X7p73vPkgSsQm36Gk.roa File: KhqABhPXT2X7p73vPkgSsQm36Gk.roa (raw, json) Hash identifier: LeZfczZ3MsX9q0kF/6+EdD40SVxAWkKQV+xB3R6EE6Q= Subject key identifier: 2A:1A:80:06:13:D7:4F:65:FB:A7:BD:EF:3E:48:12:B1:09:B7:E8:69 Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Certificate serial: 019BDF616B18B6BA2532CB57FC19433C0C10 Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KhqABhPXT2X7p73vPkgSsQm36Gk.roa Signing time: Wed 21 Jan 2026 07:07:42 +0000 ROA not before: Wed 21 Jan 2026 07:07:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205886 IP address blocks: 195.86.149.0/24 maxlen: 24 195.86.150.0/24 maxlen: 24 195.86.151.0/24 maxlen: 24 195.86.152.0/24 maxlen: 24 195.86.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:df:61:6b:18:b6:ba:25:32:cb:57:fc:19:43:3c:0c:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Validity Not Before: Jan 21 07:07:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a1a800613d74f65fba7bdef3e4812b109b7e869 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:06:6e:69:1a:f0:e6:4d:6d:c5:cc:f1:b9:25: bd:40:08:b9:50:0c:cd:b9:3c:19:12:00:cc:c6:88: b9:c0:c5:ab:f7:32:e5:a4:0f:f8:1b:ef:8c:e5:c7: a3:b9:3b:2c:82:91:18:06:dd:c5:ac:8d:73:f7:90: 96:1b:2c:b7:88:b3:b7:2f:70:8c:37:78:7e:a4:ca: 44:16:b8:7a:6a:d7:16:92:53:ea:f2:2d:a0:9d:7a: 95:aa:7d:2d:4a:62:54:2e:4c:83:dc:10:b5:76:ff: 3c:16:58:10:5a:93:3a:2a:1a:40:c9:12:f1:bd:42: 38:b5:d8:a9:b2:fc:3c:65:33:b5:33:ae:ba:29:87: 5f:32:a7:bc:a7:7e:3e:11:8c:bb:8b:f6:17:aa:27: 77:b6:8d:d9:70:6b:ac:56:4c:00:fc:6a:c0:b9:84: c5:3e:ce:32:2e:f1:db:c4:88:f3:23:0a:f4:11:bf: af:e7:0c:9d:16:bd:4f:d1:0c:ca:e8:23:00:e5:77: b1:f7:ed:ee:2e:a4:c0:cb:37:87:c2:b5:29:0b:95: 42:dd:a4:8e:a9:1f:8f:49:1d:34:b5:b3:67:ac:4f: 71:26:94:70:7c:78:50:2d:01:6b:d0:ae:41:7c:00: 47:8b:b3:81:84:37:bf:34:d0:e8:f9:61:ca:69:d7: 2e:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1A:80:06:13:D7:4F:65:FB:A7:BD:EF:3E:48:12:B1:09:B7:E8:69 X509v3 Authority Key Identifier: keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KhqABhPXT2X7p73vPkgSsQm36Gk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.86.149.0-195.86.153.255 Signature Algorithm: sha256WithRSAEncryption dd:e6:c8:e4:c5:9a:29:45:53:d3:1e:ab:06:83:90:52:c6:d0: 22:06:40:dd:11:f3:5c:92:7d:d2:7e:6f:83:24:2c:cd:81:35: 7f:11:38:ff:74:2d:35:b0:d7:7b:ab:0b:f8:56:a3:31:8e:0e: 38:9e:a6:87:35:cc:09:c1:66:80:46:eb:92:6f:78:e3:6d:57: fa:fa:29:ac:fd:af:f6:a2:8d:a5:1e:41:a8:e4:27:c8:5d:08: 19:28:8a:f3:32:81:cd:f8:e1:24:20:b5:f1:5b:18:5f:c1:6d: f8:90:a0:df:61:a0:c0:f6:f9:98:82:6a:ab:04:da:61:6b:da: c2:4e:b3:69:bd:f7:9c:8f:ae:ee:38:59:09:89:3f:a8:16:17: 8c:e8:ec:4a:88:bf:65:ed:a3:20:de:e3:e1:e1:3c:ee:0d:f1: c0:ee:35:b8:bb:05:98:d1:3a:e2:a3:ea:a8:30:8e:d8:fb:d2: 12:41:bd:23:d2:67:3c:d4:73:c7:8b:12:e5:4c:d6:e8:0a:44: 74:66:42:73:62:69:a9:7f:07:6a:d5:d3:d6:24:be:2b:4a:fa: 70:f1:82:95:d7:aa:89:3c:a3:6f:cd:bd:ec:66:c2:11:38:47: 32:c7:95:96:c3:58:be:56:53:f5:49:65:6c:f2:7e:77:bd:5e: 6c:da:6b:82 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZvfYWsYtrolMstX/BlDPAwQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0 NmQxNzEwHhcNMjYwMTIxMDcwNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTFhODAwNjEzZDc0ZjY1ZmJhN2JkZWYzZTQ4MTJiMTA5YjdlODY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAZuaRrw5k1txczxuSW9QAi5UAzN uTwZEgDMxoi5wMWr9zLlpA/4G++M5cejuTssgpEYBt3FrI1z95CWGyy3iLO3L3CM N3h+pMpEFrh6atcWklPq8i2gnXqVqn0tSmJULkyD3BC1dv88FlgQWpM6KhpAyRLx vUI4tdipsvw8ZTO1M666KYdfMqe8p34+EYy7i/YXqid3to3ZcGusVkwA/GrAuYTF Ps4yLvHbxIjzIwr0Eb+v5wydFr1P0QzK6CMA5Xex9+3uLqTAyzeHwrUpC5VC3aSO qR+PSR00tbNnrE9xJpRwfHhQLQFr0K5BfABHi7OBhDe/NNDo+WHKadcu9wIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFCoagAYT109l+6e97z5IErEJt+hpMB8GA1UdIwQY MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt MGNmMTA5M2Q0NTQ4LzEvS2hxQUJoUFhUMlg3cDczdlBrZ1NzUW0zNkdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4 LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADDVpUD BAHDVpgwDQYJKoZIhvcNAQELBQADggEBAN3myOTFmilFU9MeqwaDkFLG0CIGQN0R 81ySfdJ+b4MkLM2BNX8ROP90LTWw13urC/hWozGODjiepoc1zAnBZoBG65JveONt V/r6Kaz9r/aijaUeQajkJ8hdCBkoivMygc344SQgtfFbGF/BbfiQoN9hoMD2+ZiC aqsE2mFr2sJOs2m995yPru44WQmJP6gWF4zo7EqIv2XtoyDe4+HhPO4N8cDuNbi7 BZjROuKj6qgwjtj70hJBvSPSZzzUc8eLEuVM1ugKRHRmQnNiaal/B2rV09YkvitK +nDxgpXXqok8o2/NvexmwhE4RzLHlZbDWL5WU/VJZWzyfne9Xmzaa4I= -----END CERTIFICATE-----Generated at Sun Jan 25 13:04:45 2026 by rpki-client