This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/KhqVcbwDUSR4NHPm-J5lwrBud5g.roa File: KhqVcbwDUSR4NHPm-J5lwrBud5g.roa (raw, json) Hash identifier: djDhoCZbOba7CVJ2YJ+LsNJC5VkS0WRPZcPHomF3kNc= Subject key identifier: 2A:1A:95:71:BC:03:51:24:78:34:73:E6:F8:9E:65:C2:B0:6E:77:98 Certificate issuer: /CN=07afdcd5e97ac1c102479c954d5f922b126cbc14 Certificate serial: 019B7FF2995E76A02790EA7ECCBB3DA3214E Authority key identifier: 07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/KhqVcbwDUSR4NHPm-J5lwrBud5g.roa Signing time: Fri 02 Jan 2026 18:22:43 +0000 ROA not before: Fri 02 Jan 2026 18:22:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42337 IP address blocks: 77.237.64.0/19 maxlen: 19 77.237.65.0/24 maxlen: 24 77.237.68.0/24 maxlen: 24 77.237.69.0/24 maxlen: 24 77.237.70.0/24 maxlen: 24 77.237.72.0/24 maxlen: 24 77.237.74.0/24 maxlen: 24 77.237.75.0/24 maxlen: 24 77.237.76.0/24 maxlen: 24 77.237.77.0/24 maxlen: 24 77.237.78.0/23 maxlen: 23 77.237.78.0/24 maxlen: 24 77.237.80.0/20 maxlen: 20 77.237.80.0/24 maxlen: 24 77.237.81.0/24 maxlen: 24 77.237.82.0/24 maxlen: 24 77.237.83.0/24 maxlen: 24 77.237.84.0/23 maxlen: 24 77.237.84.0/24 maxlen: 24 77.237.85.0/24 maxlen: 24 77.237.87.0/24 maxlen: 24 77.237.88.0/24 maxlen: 24 77.237.89.0/24 maxlen: 24 77.237.91.0/24 maxlen: 24 77.237.94.0/24 maxlen: 24 77.237.95.0/24 maxlen: 24 92.242.192.0/19 maxlen: 19 92.242.192.0/23 maxlen: 23 92.242.192.0/24 maxlen: 24 92.242.193.0/24 maxlen: 24 92.242.194.0/24 maxlen: 24 92.242.195.0/24 maxlen: 24 92.242.198.0/24 maxlen: 24 92.242.200.0/21 maxlen: 21 92.242.201.0/24 maxlen: 24 92.242.202.0/23 maxlen: 23 92.242.202.0/24 maxlen: 24 92.242.203.0/24 maxlen: 24 92.242.204.0/24 maxlen: 24 92.242.205.0/24 maxlen: 24 92.242.206.0/24 maxlen: 24 92.242.207.0/24 maxlen: 24 92.242.208.0/20 maxlen: 20 92.242.208.0/24 maxlen: 24 92.242.210.0/23 maxlen: 23 92.242.210.0/24 maxlen: 24 92.242.211.0/24 maxlen: 24 92.242.212.0/22 maxlen: 22 92.242.214.0/24 maxlen: 24 92.242.215.0/24 maxlen: 24 92.242.220.0/24 maxlen: 24 92.242.223.0/24 maxlen: 24 185.14.160.0/22 maxlen: 22 185.14.160.0/24 maxlen: 24 185.14.163.0/24 maxlen: 24 185.225.240.0/24 maxlen: 24 185.225.241.0/24 maxlen: 24 185.225.242.0/23 maxlen: 23 185.225.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.mft rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:99:5e:76:a0:27:90:ea:7e:cc:bb:3d:a3:21:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07afdcd5e97ac1c102479c954d5f922b126cbc14 Validity Not Before: Jan 2 18:22:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a1a9571bc035124783473e6f89e65c2b06e7798 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:52:21:22:bf:82:88:cf:c6:1a:31:82:a1:4e: 36:4d:25:e1:17:5d:9f:3c:b2:a4:af:7d:f2:9c:ef: 8f:17:86:e9:af:87:33:84:3a:2a:dd:6f:46:d6:3a: 0e:cd:18:0c:01:59:23:ff:68:ae:50:e7:23:50:17: 5c:fa:da:77:aa:c2:7e:00:70:d1:a9:5d:db:cf:37: f6:b8:d6:24:d3:99:bd:66:d4:ce:21:4f:db:81:9e: 74:c9:ab:5f:20:4e:c0:98:89:ec:e4:f2:38:35:0f: d9:82:4b:2c:b6:f7:ea:2f:bb:07:8c:5f:b6:0a:25: 1b:f9:e8:4d:f5:10:b4:95:10:e3:1a:2b:cb:15:8b: 11:af:91:a4:28:69:d5:a1:b3:6e:4c:d3:cc:3a:10: f8:f6:fa:03:ee:4e:ae:1a:b7:c1:d7:f3:fe:93:1e: 7d:ee:18:8e:29:a9:8d:45:66:35:6e:08:45:2b:af: df:b3:c5:2f:a5:96:57:2f:77:bf:75:34:fa:04:e8: fb:b9:1d:b7:4f:4d:33:8c:2e:f1:1b:c8:e6:16:84: 32:1d:c3:7e:61:ae:87:67:c5:6f:5b:f0:a0:da:ec: 78:1a:ea:a6:fb:59:3e:8c:cf:77:64:0d:a0:69:c9: ea:c2:6a:97:36:bf:df:7a:4a:49:77:d2:e2:d0:00: 34:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1A:95:71:BC:03:51:24:78:34:73:E6:F8:9E:65:C2:B0:6E:77:98 X509v3 Authority Key Identifier: keyid:07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/KhqVcbwDUSR4NHPm-J5lwrBud5g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.237.64.0/19 92.242.192.0/19 185.14.160.0/22 185.225.240.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:f0:66:72:cc:8a:4a:67:b4:d3:da:9f:65:08:5a:c1:93:73: 5e:ae:c0:fc:86:38:1a:fe:26:46:dc:5f:1a:63:bf:b3:bb:65: 46:0d:8e:e0:ea:34:3d:15:30:f9:dc:e9:71:80:4d:c7:5b:6f: d6:76:0b:b3:aa:69:68:5f:c8:f1:6d:4f:18:18:93:b5:f9:0e: 49:a1:47:49:03:1d:41:90:6c:a2:05:25:f3:8a:98:89:3f:ba: ee:93:3c:e1:f6:0e:c9:f7:00:f3:0d:97:5f:63:02:7f:99:15: db:c4:4a:c1:3d:ad:90:58:96:fe:29:22:5b:ad:83:4d:d8:ce: d9:2e:c0:d0:cf:3e:03:1e:1a:e7:b1:75:17:a2:7a:3f:9e:96: 75:bf:ff:06:78:74:91:f6:34:e3:49:ac:63:9f:03:2f:10:88: 58:9e:b2:15:44:b5:4e:51:1f:23:b4:b0:74:54:a2:ea:3f:7e: 17:09:94:75:22:a3:03:22:29:1f:a7:99:db:4d:70:57:fd:15: 19:03:df:65:63:fd:6f:27:0e:8a:6d:f9:72:39:a6:78:bd:5a: f3:ca:cf:fb:2a:50:75:a6:a0:78:da:ac:32:8e:f7:90:73:e4: 06:e2:86:30:38:dd:d3:2c:e6:15:f1:98:7d:3a:d7:4f:a2:92: 16:f1:60:51 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt/8pledqAnkOp+zLs9oyFOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA3YWZkY2Q1ZTk3YWMxYzEwMjQ3OWM5NTRkNWY5MjJiMTI2 Y2JjMTQwHhcNMjYwMTAyMTgyMjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTFhOTU3MWJjMDM1MTI0NzgzNDczZTZmODllNjVjMmIwNmU3Nzk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FIhIr+CiM/GGjGCoU42TSXhF12f PLKkr33ynO+PF4bpr4czhDoq3W9G1joOzRgMAVkj/2iuUOcjUBdc+tp3qsJ+AHDR qV3bzzf2uNYk05m9ZtTOIU/bgZ50yatfIE7AmIns5PI4NQ/ZgksstvfqL7sHjF+2 CiUb+ehN9RC0lRDjGivLFYsRr5GkKGnVobNuTNPMOhD49voD7k6uGrfB1/P+kx59 7hiOKamNRWY1bghFK6/fs8UvpZZXL3e/dTT6BOj7uR23T00zjC7xG8jmFoQyHcN+ Ya6HZ8VvW/Cg2ux4Guqm+1k+jM93ZA2gacnqwmqXNr/fekpJd9Li0AA03wIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFCoalXG8A1EkeDRz5vieZcKwbneYMB8GA1UdIwQY MBaAFAev3NXpesHBAkeclU1fkisSbLwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEt ZmY2ODUxNzc3MGU0LzEvS2hxVmNid0RVU1I0TkhQbS1KNWx3ckJ1ZDVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEtZmY2ODUxNzc3MGU0 LzEvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFTe1AAwQF XPLAAwQCuQ6gAwQCueHwMA0GCSqGSIb3DQEBCwUAA4IBAQBd8GZyzIpKZ7TT2p9l CFrBk3NersD8hjga/iZG3F8aY7+zu2VGDY7g6jQ9FTD53OlxgE3HW2/Wdguzqmlo X8jxbU8YGJO1+Q5JoUdJAx1BkGyiBSXzipiJP7rukzzh9g7J9wDzDZdfYwJ/mRXb xErBPa2QWJb+KSJbrYNN2M7ZLsDQzz4DHhrnsXUXono/npZ1v/8GeHSR9jTjSaxj nwMvEIhYnrIVRLVOUR8jtLB0VKLqP34XCZR1IqMDIikfp5nbTXBX/RUZA99lY/1v Jw6KbflyOaZ4vVrzys/7KlB1pqB42qwyjveQc+QG4oYwON3TLOYV8Zh9OtdPopIW 8WBR -----END CERTIFICATE-----Generated at Sun Jan 25 20:49:05 2026 by rpki-client