This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/kKHhag8OTcKOXKL4tqRHrcy5NDY.roa File: kKHhag8OTcKOXKL4tqRHrcy5NDY.roa (raw, json) Hash identifier: 1hD0boi1MCMets6jW6GCgAElJ8cKDe4YcTao6OTBJnY= Subject key identifier: 90:A1:E1:6A:0F:0E:4D:C2:8E:5C:A2:F8:B6:A4:47:AD:CC:B9:34:36 Certificate issuer: /CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40 Certificate serial: 019A8C5DEF3D627D758A36C20394BDEAE4DF Authority key identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/kKHhag8OTcKOXKL4tqRHrcy5NDY.roa Signing time: Sun 16 Nov 2025 11:12:37 +0000 ROA not before: Sun 16 Nov 2025 11:12:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 39650 IP address blocks: 185.161.37.0/24 maxlen: 24 185.161.38.0/24 maxlen: 24 185.161.39.0/24 maxlen: 24 185.164.74.0/24 maxlen: 24 185.164.75.0/24 maxlen: 24 185.229.28.0/24 maxlen: 24 185.229.29.0/24 maxlen: 24 185.229.30.0/24 maxlen: 24 185.229.31.0/24 maxlen: 24 2a06:5a40::/29 maxlen: 29 2a0a:d400::/29 maxlen: 29 2a0d:6600::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.mft rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:8c:5d:ef:3d:62:7d:75:8a:36:c2:03:94:bd:ea:e4:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40 Validity Not Before: Nov 16 11:12:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=90a1e16a0f0e4dc28e5ca2f8b6a447adccb93436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c6:a6:11:2f:94:6b:a3:82:f0:a0:5d:da:de: 24:9a:78:1e:ad:19:57:62:50:ad:1f:3a:be:31:ea: df:38:7e:64:99:c8:08:2a:ec:d7:f8:37:03:44:2e: 8a:38:d1:a2:11:9b:4c:ea:ed:c4:63:99:7a:e1:6d: 84:59:ec:18:c1:a5:d8:c9:2d:f3:0f:ae:1f:10:d1: 4d:ae:69:6f:2a:10:a6:2a:46:63:c1:48:42:bc:26: df:69:b9:7a:fb:94:fe:d8:3d:37:7b:53:70:b5:3a: d4:12:50:0b:17:3b:63:21:e7:ba:d2:0f:68:29:64: 8c:b2:62:b1:24:68:1c:70:df:c7:fc:09:52:9c:65: af:16:05:a0:72:44:06:a0:0c:b8:3a:b1:5e:96:1a: 83:25:19:37:21:76:83:38:62:d3:1b:e5:8d:60:69: 47:50:d9:f4:dd:9b:82:94:23:16:d6:46:c3:8c:70: 5c:b2:67:59:d3:25:dc:4e:00:b4:4a:df:18:d9:38: 2a:75:5c:97:e0:60:e7:e6:eb:ce:df:70:59:d7:3e: 04:be:51:5a:b0:73:15:92:ec:a1:46:e2:5d:94:9f: b8:58:6d:17:a9:a5:51:3d:a5:10:c8:5d:c8:25:28: 88:bc:60:ec:f3:6b:b2:e5:29:b8:5e:a8:0a:02:f3: 30:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:A1:E1:6A:0F:0E:4D:C2:8E:5C:A2:F8:B6:A4:47:AD:CC:B9:34:36 X509v3 Authority Key Identifier: keyid:A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/kKHhag8OTcKOXKL4tqRHrcy5NDY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.161.37.0-185.161.39.255 185.164.74.0/23 185.229.28.0/22 IPv6: 2a06:5a40::/29 2a0a:d400::/29 2a0d:6600::/29 Signature Algorithm: sha256WithRSAEncryption a0:bf:4a:2d:34:b1:87:b3:75:73:06:d1:93:15:f3:30:47:69: 88:d5:df:fa:e8:24:98:b7:4d:5f:28:e5:eb:87:07:2e:58:92: 9d:75:89:6f:72:a5:58:11:a7:68:8d:b2:96:33:d8:df:b2:4d: e6:fa:4d:0b:7e:ac:20:d6:59:55:9d:ed:5b:08:ff:1f:ca:77: 62:7c:80:45:e7:7a:88:2e:d5:7b:fc:34:35:2e:c9:94:aa:be: 8b:d7:6b:18:bb:f9:6e:88:3e:e8:16:7e:1b:b6:b2:7f:9b:6d: ae:7c:1e:3b:db:2e:1e:03:48:60:60:31:c3:3a:9b:14:ff:51: f6:59:03:41:4b:42:01:e7:96:b8:6b:5e:52:7d:3f:24:e1:5f: 1f:c1:4e:9f:30:e6:76:fd:0a:8b:be:4a:31:90:03:01:3c:37: c2:07:58:ba:27:d2:b5:c1:17:31:2c:41:2c:0f:03:68:45:f7: a8:47:59:6f:37:d8:1c:b7:fe:ab:bf:3d:58:3b:4f:c6:9f:42: f6:1f:16:79:e2:a7:52:d1:99:b6:30:f2:2d:f8:af:c9:55:9b: ff:82:71:ce:fb:cd:fa:90:55:7b:12:8b:e8:33:e4:84:2e:7e: 5e:e3:9e:00:f6:8a:b1:a2:d1:eb:69:f7:eb:2a:1d:23:e5:a5: 36:8d:57:cd -----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgISAZqMXe89Yn11ijbCA5S96uTfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZTM4MWI2ZTc2Y2I5NTIwZThkOGY1Njc3NmVjYTBmZTE3 NmNjNDAwHhcNMjUxMTE2MTExMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGExZTE2YTBmMGU0ZGMyOGU1Y2EyZjhiNmE0NDdhZGNjYjkzNDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcamES+Ua6OC8KBd2t4kmngerRlX YlCtHzq+MerfOH5kmcgIKuzX+DcDRC6KONGiEZtM6u3EY5l64W2EWewYwaXYyS3z D64fENFNrmlvKhCmKkZjwUhCvCbfabl6+5T+2D03e1NwtTrUElALFztjIee60g9o KWSMsmKxJGgccN/H/AlSnGWvFgWgckQGoAy4OrFelhqDJRk3IXaDOGLTG+WNYGlH UNn03ZuClCMW1kbDjHBcsmdZ0yXcTgC0St8Y2TgqdVyX4GDn5uvO33BZ1z4EvlFa sHMVkuyhRuJdlJ+4WG0XqaVRPaUQyF3IJSiIvGDs82uy5Sm4XqgKAvMwrQIDAQAB o4ICOjCCAjYwHQYDVR0OBBYEFJCh4WoPDk3Cjlyi+LakR63MuTQ2MB8GA1UdIwQY MBaAFKDjgbbnbLlSDo2PVnduyg/hdsxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEt YTljMzg0MTI4ZDQyLzEva0tIaGFnOE9UY0tPWEtMNHRxUkhyY3k1TkRZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEtYTljMzg0MTI4ZDQy LzEvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAgBAIAATAaMAwDBAC5oSUD BAO5oSADBAG5pEoDBAK55RwwGwQCAAIwFQMFAyoGWkADBQMqCtQAAwUDKg1mADAN BgkqhkiG9w0BAQsFAAOCAQEAoL9KLTSxh7N1cwbRkxXzMEdpiNXf+ugkmLdNXyjl 64cHLliSnXWJb3KlWBGnaI2yljPY37JN5vpNC36sINZZVZ3tWwj/H8p3YnyARed6 iC7Ve/w0NS7JlKq+i9drGLv5bog+6BZ+G7ayf5ttrnweO9suHgNIYGAxwzqbFP9R 9lkDQUtCAeeWuGteUn0/JOFfH8FOnzDmdv0Ki75KMZADATw3wgdYuifStcEXMSxB LA8DaEX3qEdZbzfYHLf+q789WDtPxp9C9h8WeeKnUtGZtjDyLfivyVWb/4JxzvvN +pBVexKL6DPkhC5+XuOeAPaKsaLR62n36yodI+WlNo1XzQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:48:14 2025 by rpki-client