This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/k0mhPGQOfFKSbIimqGXI_zqMtQ8.roa File: k0mhPGQOfFKSbIimqGXI_zqMtQ8.roa (raw, json) Hash identifier: mnreTeoEAzrzh7XWgy5ivuuHrfqcXDgIfwisD4jZcSc= Subject key identifier: 93:49:A1:3C:64:0E:7C:52:92:6C:88:A6:A8:65:C8:FF:3A:8C:B5:0F Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C69D251D1A1833D575E195B65CF510 Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/k0mhPGQOfFKSbIimqGXI_zqMtQ8.roa Signing time: Thu 01 Jan 2026 04:17:43 +0000 ROA not before: Thu 01 Jan 2026 04:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212087 IP address blocks: 84.232.114.0/24 maxlen: 24 84.232.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:9d:25:1d:1a:18:33:d5:75:e1:95:b6:5c:f5:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9349a13c640e7c52926c88a6a865c8ff3a8cb50f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ae:2f:b5:7f:d0:d1:88:ac:66:4d:32:e8:db: ed:7c:30:e6:fe:c2:89:7e:33:11:72:71:f6:58:ac: c9:8e:83:f9:6a:a1:b8:c0:0a:25:3d:d9:67:93:1d: a2:27:e0:18:67:74:d2:99:54:e6:ac:be:60:1b:26: 58:c8:d6:a3:0e:62:51:f8:84:9a:e8:5e:24:6a:0c: 58:d2:41:90:32:1c:d6:e7:bd:e4:04:3f:cc:29:18: 11:1b:0f:3d:22:a6:fc:04:ec:a0:09:74:1f:fd:f8: e2:8c:3e:3b:5b:29:0a:1f:c2:86:33:16:31:2c:73: 73:75:ea:05:b9:22:b8:65:a7:d0:5d:2a:ff:61:4b: 27:7c:56:8e:6f:89:29:6f:2f:df:2f:0c:4f:ea:6c: e2:07:41:c3:bd:f0:da:fe:cc:5e:c3:96:3a:08:05: e6:e4:af:5f:43:2e:91:cf:78:d5:0b:47:83:22:99: 13:1a:90:08:54:d9:38:41:f2:05:b0:b6:d8:da:d5: a5:e6:c1:5b:1f:2e:4b:f3:66:90:dd:69:fd:93:94: 2f:d2:64:75:c2:3c:56:7d:49:08:3b:a9:91:81:da: 27:bf:16:c2:17:be:5d:cb:d8:80:d2:2b:56:d4:40: dd:ee:51:60:3d:86:18:39:58:a7:14:28:ad:f2:7f: c4:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:49:A1:3C:64:0E:7C:52:92:6C:88:A6:A8:65:C8:FF:3A:8C:B5:0F X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/k0mhPGQOfFKSbIimqGXI_zqMtQ8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.232.114.0/24 84.232.121.0/24 Signature Algorithm: sha256WithRSAEncryption d3:f2:ea:dd:af:66:d2:39:a7:bc:dd:2a:dd:3e:d1:9a:2c:98: d7:e2:36:49:64:44:c4:1b:4a:44:b7:d3:af:14:90:b4:57:55: 2c:67:f6:eb:2f:f5:c0:9c:f7:53:12:d7:4f:42:88:e2:95:ce: 27:a8:d5:4f:1e:b0:7d:02:cc:36:65:08:d1:5a:8b:1b:b1:2b: 42:27:52:70:ab:e9:a8:43:1a:86:81:ca:72:c3:b8:be:c1:88: 7a:c4:2c:e3:ac:d4:38:64:02:b7:11:15:f1:f3:45:44:f0:79: 3d:97:48:c0:9c:fb:6f:75:3c:1c:95:63:b3:46:73:d5:55:55: ec:6b:ca:ce:70:48:a6:a8:4b:0c:01:0d:be:92:60:2a:8f:0c: 4f:35:11:ad:a4:35:a8:6d:ef:82:ee:ea:6f:00:0d:e7:39:8b: b3:02:1a:ef:7e:f6:c7:29:0f:6d:63:66:e3:78:03:12:ea:ea: 85:16:98:d2:dc:d6:89:8e:03:de:8b:cd:a9:1b:17:d9:1f:8c: 82:da:ae:14:a0:c7:9f:26:8a:2b:6f:39:f9:88:7c:59:30:db: d4:f0:fc:95:51:bb:cf:64:f1:90:16:69:64:7f:56:f4:17:4e: d6:74:73:cb:68:3d:74:a7:16:b9:d6:96:bb:72:ba:ce:45:26: 78:eb:0d:a0 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xp0lHRoYM9V14ZW2XPUQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzQ5YTEzYzY0MGU3YzUyOTI2Yzg4YTZhODY1YzhmZjNhOGNiNTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq4vtX/Q0YisZk0y6NvtfDDm/sKJ fjMRcnH2WKzJjoP5aqG4wAolPdlnkx2iJ+AYZ3TSmVTmrL5gGyZYyNajDmJR+ISa 6F4kagxY0kGQMhzW573kBD/MKRgRGw89Iqb8BOygCXQf/fjijD47WykKH8KGMxYx LHNzdeoFuSK4ZafQXSr/YUsnfFaOb4kpby/fLwxP6mziB0HDvfDa/sxew5Y6CAXm 5K9fQy6Rz3jVC0eDIpkTGpAIVNk4QfIFsLbY2tWl5sFbHy5L82aQ3Wn9k5Qv0mR1 wjxWfUkIO6mRgdonvxbCF75dy9iA0itW1EDd7lFgPYYYOVinFCit8n/E7QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJNJoTxkDnxSkmyIpqhlyP86jLUPMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvazBtaFBHUU9mRktTYklpbXFHWElfenFNdFE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVOhyAwQA VOh5MA0GCSqGSIb3DQEBCwUAA4IBAQDT8urdr2bSOae83SrdPtGaLJjX4jZJZETE G0pEt9OvFJC0V1UsZ/brL/XAnPdTEtdPQojilc4nqNVPHrB9Asw2ZQjRWosbsStC J1Jwq+moQxqGgcpyw7i+wYh6xCzjrNQ4ZAK3ERXx80VE8Hk9l0jAnPtvdTwclWOz RnPVVVXsa8rOcEimqEsMAQ2+kmAqjwxPNRGtpDWobe+C7upvAA3nOYuzAhrvfvbH KQ9tY2bjeAMS6uqFFpjS3NaJjgPei82pGxfZH4yC2q4UoMefJoorbzn5iHxZMNvU 8PyVUbvPZPGQFmlkf1b0F07WdHPLaD10pxa51pa7crrORSZ46w2g -----END CERTIFICATE-----Generated at Sun Jan 25 10:09:50 2026 by rpki-client