This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KBhnj0Ir_tho5EXJLNZwzjxlWxg.roa File: KBhnj0Ir_tho5EXJLNZwzjxlWxg.roa (raw, json) Hash identifier: F3KKuv5uNRlPHbCmeexUlCFDdLfaULlUoq5XSs8OPKI= Subject key identifier: 28:18:67:8F:42:2B:FE:D8:68:E4:45:C9:2C:D6:70:CE:3C:65:5B:18 Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 019B7F8568BB9C6B1F273B387CC09F812478 Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KBhnj0Ir_tho5EXJLNZwzjxlWxg.roa Signing time: Fri 02 Jan 2026 16:23:28 +0000 ROA not before: Fri 02 Jan 2026 16:23:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207713 IP address blocks: 194.87.31.0/24 maxlen: 24 194.87.45.0/24 maxlen: 24 194.87.71.0/24 maxlen: 24 194.87.216.0/24 maxlen: 24 194.87.218.0/24 maxlen: 24 195.133.88.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 17:17:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:68:bb:9c:6b:1f:27:3b:38:7c:c0:9f:81:24:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Jan 2 16:23:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2818678f422bfed868e445c92cd670ce3c655b18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f6:01:57:54:f4:a2:59:e8:3f:94:d0:fa:d7: ee:52:a3:65:b8:b9:08:7e:56:09:b0:4f:b0:7a:c6: d2:13:e9:39:a8:71:a7:14:ff:cc:48:96:59:9a:e8: 22:89:75:e6:f3:eb:33:4f:00:13:11:2f:b9:a9:94: 87:91:1e:b6:52:a8:8d:86:d2:3e:11:70:a5:47:51: 19:51:f0:7f:cc:e7:4e:bc:87:8d:34:23:22:a9:cc: 83:b3:1f:42:fb:62:14:8e:5a:3c:1a:a7:3d:d1:af: a9:64:cc:c6:ef:69:d6:e2:df:f3:c9:2f:d4:dd:27: 09:24:ad:fe:18:b0:39:b9:97:cd:f1:f5:79:51:6d: c5:e2:41:c5:14:75:b6:35:b2:7e:d3:dd:8e:77:83: e3:a6:86:c1:98:62:16:11:ef:8d:8b:49:10:c8:1e: 32:93:ca:eb:d3:2f:3b:4a:42:fc:da:14:f5:f6:10: 20:25:c2:b0:e6:ba:30:87:6c:9c:ae:03:79:be:ce: 74:f9:25:b0:79:6e:81:aa:3c:fe:85:45:00:99:57: 50:72:ca:58:12:5d:8d:1e:1e:5b:de:44:5b:05:ac: dd:ea:e0:18:68:8c:67:57:3a:d5:2c:de:33:01:35: ae:92:a9:32:53:93:d7:cd:30:e7:17:fc:b6:62:99: 6d:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:18:67:8F:42:2B:FE:D8:68:E4:45:C9:2C:D6:70:CE:3C:65:5B:18 X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KBhnj0Ir_tho5EXJLNZwzjxlWxg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.87.31.0/24 194.87.45.0/24 194.87.71.0/24 194.87.216.0/24 194.87.218.0/24 195.133.88.0/24 Signature Algorithm: sha256WithRSAEncryption 83:a9:02:05:a5:d0:42:7b:bc:27:72:18:d3:9c:65:e7:64:1f: 5e:4d:1a:ae:db:c9:cf:2c:0e:f7:29:11:64:28:91:29:64:40: ff:b6:ed:7a:98:ca:18:1e:eb:80:04:c7:20:6f:6f:2c:85:3b: 68:0c:69:9e:d8:c3:3e:e3:11:57:29:eb:73:69:79:6c:74:15: 23:19:49:74:da:00:72:6a:cf:8c:d8:9a:af:aa:04:e6:f5:63: c1:d6:90:e1:14:93:1f:e8:3e:9f:2b:b6:87:fa:00:cc:f0:c1: 14:62:1d:2d:52:f8:7f:6e:4f:8a:6e:c3:99:61:1b:bf:87:9f: ba:ae:7f:c0:4f:c6:10:ff:51:cb:6a:ca:75:63:17:01:db:bf: d6:57:37:62:ae:bb:0e:cf:97:90:f8:e1:44:10:ee:c3:c7:cb: c1:30:26:ff:61:e6:52:cd:59:b0:dc:9b:e8:7a:3a:29:aa:ff: a6:81:9e:c3:b8:5c:84:40:48:5b:ba:7f:39:5c:ff:f6:c9:67: db:e2:c4:ca:32:22:eb:a7:42:4e:01:a6:52:4e:c4:d0:a9:4c: f7:b1:0b:bf:99:0b:9d:62:3b:a2:b3:0c:87:0b:27:08:d9:86: 98:4c:b2:f7:8a:29:58:6f:b4:bc:af:52:64:fe:69:b7:07:85: 0b:d6:7f:3b -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt/hWi7nGsfJzs4fMCfgSR4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjYwMTAyMTYyMzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODE4Njc4ZjQyMmJmZWQ4NjhlNDQ1YzkyY2Q2NzBjZTNjNjU1YjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfYBV1T0olnoP5TQ+tfuUqNluLkI flYJsE+wesbSE+k5qHGnFP/MSJZZmugiiXXm8+szTwATES+5qZSHkR62UqiNhtI+ EXClR1EZUfB/zOdOvIeNNCMiqcyDsx9C+2IUjlo8Gqc90a+pZMzG72nW4t/zyS/U 3ScJJK3+GLA5uZfN8fV5UW3F4kHFFHW2NbJ+092Od4PjpobBmGIWEe+Ni0kQyB4y k8rr0y87SkL82hT19hAgJcKw5rowh2ycrgN5vs50+SWweW6Bqjz+hUUAmVdQcspY El2NHh5b3kRbBazd6uAYaIxnVzrVLN4zATWukqkyU5PXzTDnF/y2YplthwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFCgYZ49CK/7YaORFySzWcM48ZVsYMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvS0JobmowSXJfdGhvNUVYSkxOWnd6anhsV3hnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcfAwQA wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYMA0GCSqGSIb3DQEBCwUAA4IBAQCD qQIFpdBCe7wnchjTnGXnZB9eTRqu28nPLA73KRFkKJEpZED/tu16mMoYHuuABMcg b28shTtoDGme2MM+4xFXKetzaXlsdBUjGUl02gByas+M2JqvqgTm9WPB1pDhFJMf 6D6fK7aH+gDM8MEUYh0tUvh/bk+KbsOZYRu/h5+6rn/AT8YQ/1HLasp1YxcB27/W VzdirrsOz5eQ+OFEEO7Dx8vBMCb/YeZSzVmw3Jvoejopqv+mgZ7DuFyEQEhbun85 XP/2yWfb4sTKMiLrp0JOAaZSTsTQqUz3sQu/mQudYjuiswyHCycI2YaYTLL3iilY b7S8r1Jk/mm3B4UL1n87 -----END CERTIFICATE-----Generated at Sat Jan 10 03:16:11 2026 by rpki-client