This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/KHKpEj2THKj58bA0t2ta3IDNpvE.roa File: KHKpEj2THKj58bA0t2ta3IDNpvE.roa (raw, json) Hash identifier: Pq1zZUJA84ZOxc7RlsG24SrZSENVQ5pv+oFLBtS7LdY= Subject key identifier: 28:72:A9:12:3D:93:1C:A8:F9:F1:B0:34:B7:6B:5A:DC:80:CD:A6:F1 Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2 Certificate serial: 019B7B362D36F6CD5B2820F64389CBBEFBE0 Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/KHKpEj2THKj58bA0t2ta3IDNpvE.roa Signing time: Thu 01 Jan 2026 20:18:26 +0000 ROA not before: Thu 01 Jan 2026 20:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 834 IP address blocks: 91.103.120.0/21 maxlen: 24 91.103.120.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:2d:36:f6:cd:5b:28:20:f6:43:89:cb:be:fb:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94166b704843d3d9754095c83a91b493828200a2 Validity Not Before: Jan 1 20:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2872a9123d931ca8f9f1b034b76b5adc80cda6f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:2f:6d:b0:bc:c8:31:48:4b:86:7a:52:65:27: b2:a1:83:e6:a9:3d:2d:a5:b7:4e:f0:f3:df:3c:2f: a7:ef:a8:93:fd:38:a7:c6:89:87:81:0f:7e:6b:cc: 2a:4c:55:3b:92:49:f5:92:0e:2a:96:cc:1f:f7:89: 02:ef:51:b8:53:5c:42:2e:c2:ff:ab:76:5c:e4:30: 57:19:6d:ae:08:b8:39:3a:f0:3c:02:8b:ad:14:4b: 28:63:9b:b3:3e:10:a1:e1:e5:a9:00:a1:5e:2c:8d: 00:1b:62:dd:4e:ad:b0:4c:1c:62:b6:0a:3c:4a:cc: 54:82:1f:80:e4:75:39:ce:3c:cc:a2:55:28:ea:c9: 73:5f:d9:45:a6:41:87:f3:52:a1:73:45:23:49:ef: c7:3a:4b:cb:4d:a5:75:ee:3a:98:de:e5:84:9e:39: 93:87:d9:c7:7e:59:18:b5:52:4a:5b:92:46:6c:7a: 48:92:09:12:a2:06:37:70:a3:5e:0c:b8:98:ed:e5: cf:0f:dc:11:3a:38:8c:7f:ac:0a:52:c1:29:cd:5a: e4:74:60:20:0d:9b:cb:b4:fb:b1:bf:31:17:28:7f: 20:44:99:b3:0c:0d:61:50:e0:82:17:48:75:1e:6c: 4e:94:ef:f6:3a:c5:a6:e7:85:d3:0a:9d:e6:87:a6: 5b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:72:A9:12:3D:93:1C:A8:F9:F1:B0:34:B7:6B:5A:DC:80:CD:A6:F1 X509v3 Authority Key Identifier: keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/KHKpEj2THKj58bA0t2ta3IDNpvE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.103.120.0/21 Signature Algorithm: sha256WithRSAEncryption 7f:99:78:2c:1d:09:7f:72:4c:aa:e1:68:ef:43:7e:81:12:dc: 54:7a:82:8c:77:d6:68:07:b2:e5:45:11:34:b3:cd:35:f3:9a: 63:88:5c:79:24:09:f9:61:5f:85:84:b6:1a:e6:0a:df:e5:05: 5b:3d:00:23:21:ed:be:b2:d8:54:13:74:c4:aa:76:9e:18:f2: 6c:c3:9e:cc:cb:3d:80:ea:65:91:08:59:ac:5c:e4:30:46:40: 54:c8:91:47:e3:1c:e0:eb:fa:5b:51:bc:f0:4c:61:3c:a0:91: ab:ea:ce:bf:55:e6:18:a0:e0:59:a4:6f:7f:55:e3:91:87:1d: 6c:e1:88:85:c5:78:05:97:0c:7d:51:34:67:fe:5e:d5:59:80: ae:17:01:fd:79:61:2f:84:f8:a8:c0:73:64:d5:47:d8:35:ed: 5f:a4:f9:4b:2b:e3:3a:f6:75:f3:67:a2:d7:69:8a:b1:c7:b3: f7:cd:9c:b7:e6:55:bc:15:95:a9:17:be:5a:64:49:95:cc:b7: ea:19:eb:8e:22:0f:25:fe:43:30:28:61:41:f8:8f:03:8e:4b: fc:b8:55:66:a5:4e:a1:a8:3f:a5:6f:1a:9d:a5:00:13:a9:f4: 20:a5:be:58:69:ff:ca:50:4e:7d:30:f6:f1:d7:98:18:c6:51: ce:22:6a:ac -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7Ni029s1bKCD2Q4nLvvvgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4 MjAwYTIwHhcNMjYwMTAxMjAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODcyYTkxMjNkOTMxY2E4ZjlmMWIwMzRiNzZiNWFkYzgwY2RhNmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi9tsLzIMUhLhnpSZSeyoYPmqT0t pbdO8PPfPC+n76iT/TinxomHgQ9+a8wqTFU7kkn1kg4qlswf94kC71G4U1xCLsL/ q3Zc5DBXGW2uCLg5OvA8AoutFEsoY5uzPhCh4eWpAKFeLI0AG2LdTq2wTBxitgo8 SsxUgh+A5HU5zjzMolUo6slzX9lFpkGH81Khc0UjSe/HOkvLTaV17jqY3uWEnjmT h9nHflkYtVJKW5JGbHpIkgkSogY3cKNeDLiY7eXPD9wROjiMf6wKUsEpzVrkdGAg DZvLtPuxvzEXKH8gRJmzDA1hUOCCF0h1HmxOlO/2OsWm54XTCp3mh6ZbHwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFChyqRI9kxyo+fGwNLdrWtyAzabxMB8GA1UdIwQY MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt NGJlMThlZjEyOGI0LzEvS0hLcEVqMlRIS2o1OGJBMHQydGEzSUROcHZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0 LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2d4MA0G CSqGSIb3DQEBCwUAA4IBAQB/mXgsHQl/ckyq4WjvQ36BEtxUeoKMd9ZoB7LlRRE0 s80185pjiFx5JAn5YV+FhLYa5grf5QVbPQAjIe2+sthUE3TEqnaeGPJsw57Myz2A 6mWRCFmsXOQwRkBUyJFH4xzg6/pbUbzwTGE8oJGr6s6/VeYYoOBZpG9/VeORhx1s 4YiFxXgFlwx9UTRn/l7VWYCuFwH9eWEvhPiowHNk1UfYNe1fpPlLK+M69nXzZ6LX aYqxx7P3zZy35lW8FZWpF75aZEmVzLfqGeuOIg8l/kMwKGFB+I8Djkv8uFVmpU6h qD+lbxqdpQATqfQgpb5Yaf/KUE59MPbx15gYxlHOImqs -----END CERTIFICATE-----Generated at Sun Jan 25 22:30:13 2026 by rpki-client