This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/kHyEvJhu_w11Kx9L4McOAF2P03o.roa File: kHyEvJhu_w11Kx9L4McOAF2P03o.roa (raw, json) Hash identifier: jmuEXw0e3wCECNG5mj5zMNmwosrMAavIJYnu60jwGTk= Subject key identifier: 90:7C:84:BC:98:6E:FF:0D:75:2B:1F:4B:E0:C7:0E:00:5D:8F:D3:7A Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Certificate serial: 019B77C6EBF9304959E37020ED0788C145A2 Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/kHyEvJhu_w11Kx9L4McOAF2P03o.roa Signing time: Thu 01 Jan 2026 04:18:03 +0000 ROA not before: Thu 01 Jan 2026 04:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211517 IP address blocks: 90.156.245.0/24 maxlen: 24 2a03:720:70::/48 maxlen: 48 2a03:720:1070::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:eb:f9:30:49:59:e3:70:20:ed:07:88:c1:45:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Validity Not Before: Jan 1 04:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=907c84bc986eff0d752b1f4be0c70e005d8fd37a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:90:f0:69:2e:e6:28:db:aa:20:5d:16:cc:8b: ad:9d:fa:09:5d:c1:11:fa:dc:ab:0e:a3:ba:44:d4: 88:4c:bf:50:f5:29:e0:e2:8c:36:c1:9a:74:31:58: 5a:ea:ff:ef:21:55:17:97:de:24:69:b0:f2:84:44: a2:47:12:8d:3c:c0:10:ac:f0:25:0b:f1:0d:ba:bc: e9:31:aa:25:96:cb:d4:8b:5a:64:5d:d7:6a:67:9d: 54:5e:ab:a3:0a:a8:cc:83:a6:07:39:d9:ce:aa:d4: 0e:9a:0b:f1:f9:16:a3:dd:28:15:41:17:ab:1b:a7: a6:1c:99:95:82:91:97:54:f8:37:5b:eb:f8:23:5a: d8:ff:0e:a1:fa:4d:7f:7e:87:7a:21:0a:36:7a:da: cd:98:1b:5d:04:13:f0:04:1d:58:59:8b:58:7d:c9: 6f:2d:8b:31:c2:f9:45:c0:07:e2:11:f4:36:3a:3e: c6:ca:96:01:14:da:53:95:7c:62:3f:67:6a:00:d6: 34:68:ff:df:a2:2e:8c:05:76:f5:3a:2f:d2:cd:dc: a9:2d:11:be:80:91:b9:e6:67:75:2b:6a:98:be:5f: 4c:3a:90:d9:5d:60:fd:3f:10:70:e5:17:66:23:2b: 56:06:60:61:0c:43:f4:4d:1b:d3:92:f7:4c:9d:62: fd:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:7C:84:BC:98:6E:FF:0D:75:2B:1F:4B:E0:C7:0E:00:5D:8F:D3:7A X509v3 Authority Key Identifier: keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/kHyEvJhu_w11Kx9L4McOAF2P03o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 90.156.245.0/24 IPv6: 2a03:720:70::/48 2a03:720:1070::/48 Signature Algorithm: sha256WithRSAEncryption ac:a0:4d:95:c4:75:35:10:e2:00:87:ff:b7:19:7c:c6:ae:67: 6d:65:f6:3e:dd:a4:0b:24:96:7e:d7:ab:72:c8:29:2c:f3:46: 60:6c:86:f3:eb:29:74:0d:d3:f8:4a:67:bb:f8:b7:96:a9:2b: a6:de:cc:cc:97:65:36:d8:16:36:89:99:77:cb:29:1a:10:90: 85:b8:cb:48:06:b5:fb:98:64:50:85:9b:28:a1:52:e2:0f:49: ba:a9:cb:9d:38:4a:59:5a:d5:b7:19:0a:11:05:bb:da:d9:41: 5d:e6:df:38:fe:e3:f4:5f:98:a2:9a:08:fc:6a:b3:8f:67:54: 08:b4:f3:78:ba:9c:63:2b:b0:2b:c0:41:0f:7b:a5:92:79:f8: 11:17:84:d5:88:ed:5d:be:b6:22:92:b1:ab:bc:cd:da:ee:64: be:c9:2e:46:c6:81:17:61:48:61:d8:cb:bd:1b:13:19:60:d0: 29:62:32:09:e5:31:e8:3f:13:e6:42:11:c1:e0:69:3e:d9:8e: 4f:35:1a:f8:d2:c1:8c:8c:99:6c:7f:26:22:14:cd:0f:e5:c1: d9:61:6c:1d:8b:e0:84:90:02:30:1e:8a:da:e7:8d:9c:26:bc: cc:f7:01:01:d6:41:cc:c8:69:7e:f7:66:7e:19:59:df:90:30: da:36:56:32 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt3xuv5MElZ43Ag7QeIwUWiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5 MDBhNzYwHhcNMjYwMTAxMDQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDdjODRiYzk4NmVmZjBkNzUyYjFmNGJlMGM3MGUwMDVkOGZkMzdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5DwaS7mKNuqIF0WzIutnfoJXcER +tyrDqO6RNSITL9Q9Sng4ow2wZp0MVha6v/vIVUXl94kabDyhESiRxKNPMAQrPAl C/ENurzpMaollsvUi1pkXddqZ51UXqujCqjMg6YHOdnOqtQOmgvx+Raj3SgVQRer G6emHJmVgpGXVPg3W+v4I1rY/w6h+k1/fod6IQo2etrNmBtdBBPwBB1YWYtYfclv LYsxwvlFwAfiEfQ2Oj7GypYBFNpTlXxiP2dqANY0aP/foi6MBXb1Oi/SzdypLRG+ gJG55md1K2qYvl9MOpDZXWD9PxBw5RdmIytWBmBhDEP0TRvTkvdMnWL92QIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFJB8hLyYbv8NdSsfS+DHDgBdj9N6MB8GA1UdIwQY MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt ODlhY2UzODIyMGZiLzEva0h5RXZKaHVfdzExS3g5TDRNY09BRjJQMDNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAWpz1MBgE AgACMBIDBwAqAwcgAHADBwAqAwcgEHAwDQYJKoZIhvcNAQELBQADggEBAKygTZXE dTUQ4gCH/7cZfMauZ21l9j7dpAskln7Xq3LIKSzzRmBshvPrKXQN0/hKZ7v4t5ap K6bezMyXZTbYFjaJmXfLKRoQkIW4y0gGtfuYZFCFmyihUuIPSbqpy504Slla1bcZ ChEFu9rZQV3m3zj+4/RfmKKaCPxqs49nVAi083i6nGMrsCvAQQ97pZJ5+BEXhNWI 7V2+tiKSsau8zdruZL7JLkbGgRdhSGHYy70bExlg0CliMgnlMeg/E+ZCEcHgaT7Z jk81GvjSwYyMmWx/JiIUzQ/lwdlhbB2L4ISQAjAeitrnjZwmvMz3AQHWQczIaX73 Zn4ZWd+QMNo2VjI= -----END CERTIFICATE-----Generated at Mon Jan 26 00:13:54 2026 by rpki-client