This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/KhWNkr5gAw1c6ddmTPeSiEEfFWg.roa File: KhWNkr5gAw1c6ddmTPeSiEEfFWg.roa (raw, json) Hash identifier: BfC/J8Ikas8k6I01UNkrtdj0AZZqj/UTxvhIrki0FuQ= Subject key identifier: 2A:15:8D:92:BE:60:03:0D:5C:E9:D7:66:4C:F7:92:88:41:1F:15:68 Certificate issuer: /CN=2d698baf9ff3eeebe66284889fbf689d4e683c81 Certificate serial: 019B7F8275EDA69506091B0884836D7EA817 Authority key identifier: 2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/KhWNkr5gAw1c6ddmTPeSiEEfFWg.roa Signing time: Fri 02 Jan 2026 16:20:14 +0000 ROA not before: Fri 02 Jan 2026 16:20:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3209 IP address blocks: 2.200.0.0/13 maxlen: 24 80.226.0.0/16 maxlen: 24 90.186.0.0/16 maxlen: 24 109.40.0.0/14 maxlen: 24 109.44.0.0/15 maxlen: 15 109.46.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.mft rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:75:ed:a6:95:06:09:1b:08:84:83:6d:7e:a8:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2d698baf9ff3eeebe66284889fbf689d4e683c81 Validity Not Before: Jan 2 16:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a158d92be60030d5ce9d7664cf79288411f1568 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:72:a8:8e:88:2f:ca:f9:28:36:81:a1:80:50: a7:d8:0d:8a:52:2f:e7:30:07:21:af:e4:e1:e6:8b: 73:c3:e3:87:d1:23:31:3e:49:f9:76:f3:b6:0e:6a: 69:30:d5:6a:b9:aa:a9:4f:13:58:48:30:16:36:fc: 4a:e0:26:01:d6:a6:87:ae:8e:00:b8:8b:33:9e:84: 45:f6:fc:39:4c:0f:72:7f:19:06:c8:9a:0a:3b:5f: 21:d7:32:6e:df:3d:fb:e2:9b:6f:fa:a1:f4:e4:8b: 27:8e:12:4f:d3:d5:53:3c:ec:a7:02:eb:8b:5e:32: 87:23:ae:d4:8b:e1:70:16:a8:ff:ac:50:67:0f:1b: 27:39:6c:97:6c:de:a4:e4:17:60:9e:aa:31:6e:43: 63:3f:12:54:1b:bf:f8:59:10:96:fb:27:bf:50:a5: 85:61:4e:44:87:71:00:64:9e:19:98:03:dc:79:b2: 4d:09:20:9e:f8:ce:af:40:ae:83:14:97:28:d3:61: 6b:ef:17:85:34:40:79:c1:1d:39:c7:0c:58:0c:94: 41:ad:11:b3:58:01:88:41:c7:67:c2:66:ce:1e:27: 78:b8:0c:8b:25:db:0e:63:31:94:9e:11:92:8f:51: d3:59:67:c9:6c:50:c5:e0:e3:7b:02:4b:a0:6a:2d: 76:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:15:8D:92:BE:60:03:0D:5C:E9:D7:66:4C:F7:92:88:41:1F:15:68 X509v3 Authority Key Identifier: keyid:2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/KhWNkr5gAw1c6ddmTPeSiEEfFWg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.200.0.0/13 80.226.0.0/16 90.186.0.0/16 109.40.0.0-109.46.255.255 Signature Algorithm: sha256WithRSAEncryption 31:74:18:1d:71:30:bf:bd:1a:07:52:6d:a9:55:6d:04:1b:22: e2:cd:70:11:90:e2:3f:47:7f:9d:36:cc:74:32:22:be:9c:c4: 1e:de:17:28:60:98:b7:e2:10:d5:58:50:ff:75:3d:0f:28:3c: a4:40:78:83:2a:77:5a:b3:6b:70:5e:84:fb:02:6a:9e:5e:69: 15:b0:c5:7f:be:e7:16:8c:a8:6f:89:64:d5:c8:94:27:9b:62: ce:f3:c5:cb:3f:4c:34:b1:65:5d:ef:a8:50:a1:4d:69:75:aa: a9:a2:bd:77:02:38:09:22:68:e9:b0:0c:77:ed:0b:90:d5:ef: bc:21:50:36:e8:18:76:7e:f8:9b:f7:13:d6:89:bb:d2:41:a7: 63:3b:e3:08:ab:07:4c:17:f2:a7:a7:fe:48:48:14:d4:2b:2a: 6c:c6:e5:2e:20:de:4d:3f:65:41:e7:ae:b8:c2:db:80:37:34: 1d:76:a4:2e:5a:bf:12:e9:d6:e7:3a:0a:29:49:01:54:be:f3: 72:2c:d6:4e:82:f3:1f:52:29:07:34:d3:b1:bc:5f:9d:d9:5c: c6:e5:d1:e4:0d:a6:ae:f4:6b:20:04:66:55:3e:34:78:76:43: 27:e3:f3:0d:39:6e:a8:a4:51:c8:e0:47:70:a4:68:b5:c9:de: 54:96:d9:85 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/gnXtppUGCRsIhINtfqgXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkNjk4YmFmOWZmM2VlZWJlNjYyODQ4ODlmYmY2ODlkNGU2 ODNjODEwHhcNMjYwMTAyMTYyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTE1OGQ5MmJlNjAwMzBkNWNlOWQ3NjY0Y2Y3OTI4ODQxMWYxNTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23KojogvyvkoNoGhgFCn2A2KUi/n MAchr+Th5otzw+OH0SMxPkn5dvO2DmppMNVquaqpTxNYSDAWNvxK4CYB1qaHro4A uIsznoRF9vw5TA9yfxkGyJoKO18h1zJu3z374ptv+qH05IsnjhJP09VTPOynAuuL XjKHI67Ui+FwFqj/rFBnDxsnOWyXbN6k5BdgnqoxbkNjPxJUG7/4WRCW+ye/UKWF YU5Eh3EAZJ4ZmAPcebJNCSCe+M6vQK6DFJco02Fr7xeFNEB5wR05xwxYDJRBrRGz WAGIQcdnwmbOHid4uAyLJdsOYzGUnhGSj1HTWWfJbFDF4ON7Akugai12iQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCoVjZK+YAMNXOnXZkz3kohBHxVoMB8GA1UdIwQY MBaAFC1pi6+f8+7r5mKEiJ+/aJ1OaDyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzkt ZGZmNWEwOWE4MmNiLzEvS2hXTmtyNWdBdzFjNmRkbVRQZVNpRUVmRldnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzktZGZmNWEwOWE4MmNi LzEvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbAwMDAsgDAwBQ 4gMDAFq6MAoDAwNtKAMDAG0uMA0GCSqGSIb3DQEBCwUAA4IBAQAxdBgdcTC/vRoH Um2pVW0EGyLizXARkOI/R3+dNsx0MiK+nMQe3hcoYJi34hDVWFD/dT0PKDykQHiD Kndas2twXoT7AmqeXmkVsMV/vucWjKhviWTVyJQnm2LO88XLP0w0sWVd76hQoU1p daqpor13AjgJImjpsAx37QuQ1e+8IVA26Bh2fvib9xPWibvSQadjO+MIqwdMF/Kn p/5ISBTUKypsxuUuIN5NP2VB5664wtuANzQddqQuWr8S6dbnOgopSQFUvvNyLNZO gvMfUikHNNOxvF+d2VzG5dHkDaau9GsgBGZVPjR4dkMn4/MNOW6opFHI4EdwpGi1 yd5UltmF -----END CERTIFICATE-----Generated at Sun Jan 25 15:11:30 2026 by rpki-client