This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/KhePy2KSChqSTO56xjFNB88Adhw.roa File: KhePy2KSChqSTO56xjFNB88Adhw.roa (raw, json) Hash identifier: jSbx1Mp1yMnht16w7llcf9K2ZLPdIRkxkGJ6/eCHfII= Subject key identifier: 2A:17:8F:CB:62:92:0A:1A:92:4C:EE:7A:C6:31:4D:07:CF:00:76:1C Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9 Certificate serial: 019B7EA4CCB876EDA17E0C03F3443E168702 Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/KhePy2KSChqSTO56xjFNB88Adhw.roa Signing time: Fri 02 Jan 2026 12:18:08 +0000 ROA not before: Fri 02 Jan 2026 12:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 135330 IP address blocks: 31.192.233.0/24 maxlen: 24 2a0a:eec0:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:cc:b8:76:ed:a1:7e:0c:03:f3:44:3e:16:87:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9 Validity Not Before: Jan 2 12:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a178fcb62920a1a924cee7ac6314d07cf00761c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:bb:e8:b6:20:e6:34:dc:62:e7:0a:a6:9c:01: 5f:8b:7a:9b:3f:ff:50:cb:c9:f0:09:ff:66:ec:f5: 88:df:ab:13:95:61:ee:6d:57:06:d8:86:7a:54:38: ef:e6:85:5a:c7:39:8f:1f:02:62:c0:82:7f:7e:04: 41:3a:f7:b2:31:a5:d6:86:0d:ea:3f:37:46:c1:b6: 0d:da:06:14:14:d0:df:d7:36:6c:58:04:67:50:bd: df:bb:8f:8f:29:cc:a6:22:5a:f6:ea:5f:03:40:4a: 6e:34:54:08:07:07:1b:fa:89:5a:37:ba:e0:79:4c: 58:85:e8:8d:90:75:92:b6:f6:6d:dd:14:1a:81:b2: 87:52:66:89:92:ac:16:d1:9b:3c:e2:96:a9:08:7b: 64:37:f9:26:c2:a3:d3:1a:71:21:c9:7a:a6:15:c4: ab:bc:7a:fb:bb:7f:14:1d:6c:a9:9c:86:78:ce:2f: df:d7:84:5d:c5:e8:d1:1e:06:d1:14:57:20:08:db: 46:3b:eb:1f:eb:54:c3:25:43:3a:37:2a:64:ce:fd: aa:9d:91:ce:40:b7:7e:bb:c5:c0:bb:ab:27:4b:3e: 9d:1b:eb:57:c3:ee:7d:fb:e3:7c:ea:db:32:93:2f: a7:f2:fc:dd:3d:d5:b3:27:26:50:eb:ed:fc:d8:ca: 55:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:17:8F:CB:62:92:0A:1A:92:4C:EE:7A:C6:31:4D:07:CF:00:76:1C X509v3 Authority Key Identifier: keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/KhePy2KSChqSTO56xjFNB88Adhw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.192.233.0/24 IPv6: 2a0a:eec0:8::/48 Signature Algorithm: sha256WithRSAEncryption ce:00:14:39:b0:91:ee:0b:eb:dd:b7:9b:10:19:0b:e3:c5:57: 3f:b5:75:a4:36:39:d6:54:1b:4a:79:3b:16:4d:19:86:98:25: 42:2b:35:ec:54:64:42:58:0c:7e:66:c6:b5:27:fe:8a:d9:39: ce:66:af:c7:d2:27:ff:ac:a8:90:d4:8b:c1:cd:fd:9e:33:a3: 26:ad:af:a9:dc:47:38:88:64:07:dd:6b:e1:95:96:ba:97:e7: b1:d6:21:40:72:85:85:de:3a:82:03:cf:29:7a:02:7c:7f:81: 61:ee:ce:ca:82:49:f8:53:92:ec:3e:17:3d:d6:fb:37:83:2f: a8:3e:25:94:f3:19:ee:93:e1:c5:d9:43:10:0c:d1:7c:65:24: 26:bf:1a:c7:ad:66:7a:1d:0c:01:e3:46:c7:30:bf:f5:ef:46: c0:9b:27:6d:a9:67:f6:97:28:3c:56:1d:58:fa:30:96:99:10: 98:fa:36:67:62:35:dc:cc:eb:96:f3:2f:61:6f:0d:0f:80:d2: 6c:33:80:d1:1c:4d:5e:b4:08:96:33:b7:17:3f:e6:23:4f:87: 74:1e:03:be:af:79:7d:3f:25:e0:59:0f:66:8e:5b:b3:be:a2: e4:ca:44:d7:e7:e6:ad:33:24:3c:ca:bd:50:84:60:aa:ce:6e: e8:96:02:c2 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pMy4du2hfgwD80Q+FocCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm Y2NkZjkwHhcNMjYwMTAyMTIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTE3OGZjYjYyOTIwYTFhOTI0Y2VlN2FjNjMxNGQwN2NmMDA3NjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurvotiDmNNxi5wqmnAFfi3qbP/9Q y8nwCf9m7PWI36sTlWHubVcG2IZ6VDjv5oVaxzmPHwJiwIJ/fgRBOveyMaXWhg3q PzdGwbYN2gYUFNDf1zZsWARnUL3fu4+PKcymIlr26l8DQEpuNFQIBwcb+olaN7rg eUxYheiNkHWStvZt3RQagbKHUmaJkqwW0Zs84papCHtkN/kmwqPTGnEhyXqmFcSr vHr7u38UHWypnIZ4zi/f14RdxejRHgbRFFcgCNtGO+sf61TDJUM6Nypkzv2qnZHO QLd+u8XAu6snSz6dG+tXw+59++N86tsyky+n8vzdPdWzJyZQ6+382MpVkwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCoXj8tikgoakkzuesYxTQfPAHYcMB8GA1UdIwQY MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt MDVmMThmYzIxMmE3LzEvS2hlUHkyS1NDaHFTVE81NnhqRk5CODhBZGh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3 LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH8DpMA8E AgACMAkDBwAqCu7AAAgwDQYJKoZIhvcNAQELBQADggEBAM4AFDmwke4L6923mxAZ C+PFVz+1daQ2OdZUG0p5OxZNGYaYJUIrNexUZEJYDH5mxrUn/orZOc5mr8fSJ/+s qJDUi8HN/Z4zoyatr6ncRziIZAfda+GVlrqX57HWIUByhYXeOoIDzyl6Anx/gWHu zsqCSfhTkuw+Fz3W+zeDL6g+JZTzGe6T4cXZQxAM0XxlJCa/GsetZnodDAHjRscw v/XvRsCbJ22pZ/aXKDxWHVj6MJaZEJj6NmdiNdzM65bzL2FvDQ+A0mwzgNEcTV60 CJYztxc/5iNPh3QeA76veX0/JeBZD2aOW7O+ouTKRNfn5q0zJDzKvVCEYKrObuiW AsI= -----END CERTIFICATE-----Generated at Sun Jan 25 17:20:08 2026 by rpki-client