This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kHfZyqLMsO0DgxSh0D2YaV-TRjg.roa File: kHfZyqLMsO0DgxSh0D2YaV-TRjg.roa (raw, json) Hash identifier: L2bDEL2vu4RSYnxSxuLkWqFJUO8DkuiEj/xt5Om6PYk= Subject key identifier: 90:77:D9:CA:A2:CC:B0:ED:03:83:14:A1:D0:3D:98:69:5F:93:46:38 Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Certificate serial: 019B7F84D899CF09ECB302FB0FFF8A4DC34F Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kHfZyqLMsO0DgxSh0D2YaV-TRjg.roa Signing time: Fri 02 Jan 2026 16:22:51 +0000 ROA not before: Fri 02 Jan 2026 16:22:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60754 IP address blocks: 93.170.1.0/24 maxlen: 24 95.47.112.0/22 maxlen: 24 146.120.160.0/21 maxlen: 24 146.158.58.0/23 maxlen: 24 146.158.58.0/24 maxlen: 24 146.158.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:d8:99:cf:09:ec:b3:02:fb:0f:ff:8a:4d:c3:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Validity Not Before: Jan 2 16:22:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9077d9caa2ccb0ed038314a1d03d98695f934638 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:48:dc:84:8a:7a:78:3c:97:35:0e:a0:d0:c0: 19:fa:a6:46:8b:32:44:5b:bf:bd:62:94:51:71:18: 36:2d:31:b2:35:74:fc:65:e3:ed:fd:b8:d9:c8:15: bf:07:36:a7:5e:5f:61:a6:fd:87:b6:45:b1:64:46: ae:85:76:d6:60:cb:57:05:d6:a6:0b:f7:a4:8a:a0: c7:e2:e3:ba:38:a4:b2:68:50:47:af:0e:75:59:66: 54:17:56:49:26:2f:ae:5c:4e:1a:db:f8:a2:5d:2a: 70:c2:8d:06:e8:6c:ba:e6:19:1e:76:16:44:93:82: 40:2b:be:21:90:5e:9c:6d:10:ca:eb:1f:00:9c:c6: 31:bb:e0:13:9d:be:63:d9:bc:57:e8:05:57:a2:f1: 97:c1:d4:96:cc:8f:ea:63:df:5f:12:2b:4a:50:c8: cb:37:47:55:ec:83:72:6d:1c:fd:6a:63:f8:4e:20: 0d:01:67:4f:d4:af:99:a5:f6:4a:10:d1:8c:e7:bd: cf:5c:e6:9c:54:9b:79:6e:28:78:5d:c0:16:d6:4a: b1:84:ce:84:5c:b2:a0:25:08:ab:5c:c8:1e:37:71: 4d:8f:1d:a8:64:79:9b:f5:ea:08:14:a8:8a:ff:68: 0f:b0:0e:dd:73:df:83:ea:48:42:c3:ea:d8:85:fb: 58:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:77:D9:CA:A2:CC:B0:ED:03:83:14:A1:D0:3D:98:69:5F:93:46:38 X509v3 Authority Key Identifier: keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kHfZyqLMsO0DgxSh0D2YaV-TRjg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 93.170.1.0/24 95.47.112.0/22 146.120.160.0/21 146.158.58.0/23 Signature Algorithm: sha256WithRSAEncryption 86:a8:3b:82:38:b6:18:a0:6a:ca:43:51:68:ea:9f:24:b7:95: 98:f2:8a:0f:7b:3d:a7:a5:a5:73:fc:24:d5:10:a0:d0:1c:a6: 4f:a2:14:d1:e8:7c:97:7a:74:fb:6b:7b:32:b8:a5:44:8c:57: 0f:72:73:fc:24:b4:db:49:88:8c:63:df:e6:70:15:bb:91:27: 65:a3:69:2c:17:60:19:37:aa:c9:e7:ea:51:da:cc:a6:d2:91: 13:66:c2:2a:35:2e:32:be:1a:47:52:63:6c:ff:43:77:38:6c: 0d:1c:64:39:1b:70:a5:8e:df:93:51:7b:71:fb:45:9f:58:c8: 21:94:79:8f:af:1a:e6:61:2b:48:1a:db:93:66:b3:85:3a:76: b6:f8:5d:b8:e6:4a:98:e7:0b:3b:4b:f8:c2:5c:4a:5c:1e:fb: 9a:c4:83:d5:c9:09:98:02:26:18:7b:28:05:76:12:f8:24:54: de:f9:00:c7:a9:ab:b1:4e:70:7e:16:cf:75:fe:90:2d:64:91: ba:ab:d0:46:69:76:e9:7e:cb:ea:63:da:4a:31:57:a4:41:57: 61:1d:92:10:8e:39:2d:ba:64:18:22:e4:4a:0e:cf:77:46:84: 18:6b:7e:23:d7:9e:77:10:5e:a8:ac:70:ce:9a:5e:67:6d:71: ca:c2:c1:21 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt/hNiZzwnsswL7D/+KTcNPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh YWVmNDIwHhcNMjYwMTAyMTYyMjUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDc3ZDljYWEyY2NiMGVkMDM4MzE0YTFkMDNkOTg2OTVmOTM0NjM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0jchIp6eDyXNQ6g0MAZ+qZGizJE W7+9YpRRcRg2LTGyNXT8ZePt/bjZyBW/BzanXl9hpv2HtkWxZEauhXbWYMtXBdam C/ekiqDH4uO6OKSyaFBHrw51WWZUF1ZJJi+uXE4a2/iiXSpwwo0G6Gy65hkedhZE k4JAK74hkF6cbRDK6x8AnMYxu+ATnb5j2bxX6AVXovGXwdSWzI/qY99fEitKUMjL N0dV7INybRz9amP4TiANAWdP1K+ZpfZKENGM573PXOacVJt5bih4XcAW1kqxhM6E XLKgJQirXMgeN3FNjx2oZHmb9eoIFKiK/2gPsA7dc9+D6khCw+rYhftY4wIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJB32cqizLDtA4MUodA9mGlfk0Y4MB8GA1UdIwQY MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt MDYyYzY5MzNhYmVkLzEva0hmWnlxTE1zTzBEZ3hTaDBEMllhVi1UUmpnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXaoBAwQC Xy9wAwQDknigAwQBkp46MA0GCSqGSIb3DQEBCwUAA4IBAQCGqDuCOLYYoGrKQ1Fo 6p8kt5WY8ooPez2npaVz/CTVEKDQHKZPohTR6HyXenT7a3syuKVEjFcPcnP8JLTb SYiMY9/mcBW7kSdlo2ksF2AZN6rJ5+pR2sym0pETZsIqNS4yvhpHUmNs/0N3OGwN HGQ5G3Cljt+TUXtx+0WfWMghlHmPrxrmYStIGtuTZrOFOna2+F245kqY5ws7S/jC XEpcHvuaxIPVyQmYAiYYeygFdhL4JFTe+QDHqauxTnB+Fs91/pAtZJG6q9BGaXbp fsvqY9pKMVekQVdhHZIQjjktumQYIuRKDs93RoQYa34j1553EF6orHDOml5nbXHK wsEh -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:59 2026 by rpki-client