This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/kYomwgwgoZnzTPVysQNazqNWru4.roa File: kYomwgwgoZnzTPVysQNazqNWru4.roa (raw, json) Hash identifier: a8qStzCScuhW+GpcE66uW3uxlVrGr2eCKCFuE123Zik= Subject key identifier: 91:8A:26:C2:0C:20:A1:99:F3:4C:F5:72:B1:03:5A:CE:A3:56:AE:EE Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1 Certificate serial: 019B7F15B7B2EB9983A963BA633237D769B4 Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/kYomwgwgoZnzTPVysQNazqNWru4.roa Signing time: Fri 02 Jan 2026 14:21:28 +0000 ROA not before: Fri 02 Jan 2026 14:21:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29612 IP address blocks: 213.99.54.0/23 maxlen: 23 213.99.54.0/24 maxlen: 24 213.99.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:b7:b2:eb:99:83:a9:63:ba:63:32:37:d7:69:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1 Validity Not Before: Jan 2 14:21:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=918a26c20c20a199f34cf572b1035acea356aeee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:c9:6d:b5:fd:bb:c8:37:9b:f1:06:c9:a9:1f: 13:82:b7:43:84:38:ea:52:8e:13:91:6a:bd:ef:f3: 83:6e:33:50:e9:4b:47:bd:bf:24:bd:3e:c9:f7:04: 54:9b:11:7e:28:fc:e8:f6:c1:f5:35:09:cb:aa:92: 34:9e:01:5f:7d:cb:8c:7e:5a:7e:cc:b5:c6:d2:6f: 75:af:c9:ac:f3:39:f1:3c:ee:52:a6:ef:e1:3b:ba: 0b:57:0c:57:c0:35:a4:9d:cb:de:fb:e2:97:94:57: 72:4a:bb:57:28:52:cf:c8:70:13:0c:8c:92:5e:05: b7:4d:d2:20:7b:4d:46:d6:3a:52:3c:6b:81:06:dd: c3:77:d5:24:c3:b9:5a:6f:98:5d:57:4f:ac:05:45: be:f7:65:33:97:f5:fa:a9:1d:b4:39:91:d0:4f:4d: a5:bb:da:e4:1a:e5:80:d0:a7:cb:f3:59:e8:d9:da: b0:e1:25:99:4a:39:ad:09:b5:2c:26:cf:fd:04:e1: ba:8c:fc:b9:f8:09:74:ac:c8:6c:d8:51:80:c2:5c: 5e:38:d1:64:59:42:5e:34:57:dc:39:6b:13:5e:62: 7f:a7:b8:e6:1d:c6:c8:7c:1b:59:15:8f:1b:0c:19: 60:b3:1a:b5:20:ed:4a:47:cc:37:05:09:7c:3f:0f: af:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:8A:26:C2:0C:20:A1:99:F3:4C:F5:72:B1:03:5A:CE:A3:56:AE:EE X509v3 Authority Key Identifier: keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/kYomwgwgoZnzTPVysQNazqNWru4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.99.54.0/23 Signature Algorithm: sha256WithRSAEncryption 29:40:20:84:e2:1f:14:af:09:b0:55:cd:f1:0d:b8:24:c8:30: cf:f9:72:85:dc:da:b8:3d:35:78:b8:32:53:97:4c:6d:7b:a4: 84:d6:bb:7a:ec:43:e2:e9:95:74:dc:e4:20:f2:9c:fd:e0:b8: 8b:de:57:31:35:f1:fc:04:8c:86:b0:a2:d9:6f:33:fc:10:8e: 81:b5:64:78:60:1b:e1:c0:eb:84:d3:49:08:b5:da:ef:0c:8b: 95:d9:c3:c9:57:03:64:ab:e8:ad:42:b8:3a:d4:dd:ae:0d:cd: b5:4d:46:d4:34:02:35:48:63:5e:7d:6a:3f:d1:23:67:88:b1: d7:35:c6:b4:83:3f:44:b8:73:f4:6b:3f:2d:1b:fc:53:29:b7: f5:b3:f1:f4:3f:b9:ce:3b:77:4c:81:52:90:15:ed:ad:d4:81: f8:ee:83:e6:a3:4a:57:59:62:5d:3a:47:06:8e:d0:bd:fe:b5: 0e:57:8d:d7:23:17:1e:5f:56:ec:1d:61:bb:ad:c2:6b:d3:5e: 80:96:dd:91:f4:91:4a:28:48:d5:90:09:ca:e1:ae:67:9f:94: a1:28:5c:18:90:b5:8a:67:77:3e:9e:9b:92:02:b5:24:b9:45: e0:5e:58:6f:1b:15:78:5f:6b:a8:a5:df:1e:56:dd:8b:68:07: 63:5e:d4:5c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/Fbey65mDqWO6YzI312m0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5 NjdkYTEwHhcNMjYwMTAyMTQyMTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MThhMjZjMjBjMjBhMTk5ZjM0Y2Y1NzJiMTAzNWFjZWEzNTZhZWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8lttf27yDeb8QbJqR8TgrdDhDjq Uo4TkWq97/ODbjNQ6UtHvb8kvT7J9wRUmxF+KPzo9sH1NQnLqpI0ngFffcuMflp+ zLXG0m91r8ms8znxPO5Spu/hO7oLVwxXwDWkncve++KXlFdySrtXKFLPyHATDIyS XgW3TdIge01G1jpSPGuBBt3Dd9Ukw7lab5hdV0+sBUW+92Uzl/X6qR20OZHQT02l u9rkGuWA0KfL81no2dqw4SWZSjmtCbUsJs/9BOG6jPy5+Al0rMhs2FGAwlxeONFk WUJeNFfcOWsTXmJ/p7jmHcbIfBtZFY8bDBlgsxq1IO1KR8w3BQl8Pw+vrQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJGKJsIMIKGZ80z1crEDWs6jVq7uMB8GA1UdIwQY MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt NGJhMmY4ZjFmODNiLzEva1lvbXdnd2dvWm56VFBWeXNRTmF6cU5XcnU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1WM2MA0G CSqGSIb3DQEBCwUAA4IBAQApQCCE4h8UrwmwVc3xDbgkyDDP+XKF3Nq4PTV4uDJT l0xte6SE1rt67EPi6ZV03OQg8pz94LiL3lcxNfH8BIyGsKLZbzP8EI6BtWR4YBvh wOuE00kItdrvDIuV2cPJVwNkq+itQrg61N2uDc21TUbUNAI1SGNefWo/0SNniLHX Nca0gz9EuHP0az8tG/xTKbf1s/H0P7nOO3dMgVKQFe2t1IH47oPmo0pXWWJdOkcG jtC9/rUOV43XIxceX1bsHWG7rcJr016Alt2R9JFKKEjVkAnK4a5nn5ShKFwYkLWK Z3c+npuSArUkuUXgXlhvGxV4X2uopd8eVt2LaAdjXtRc -----END CERTIFICATE-----Generated at Sun Jan 25 19:37:04 2026 by rpki-client