This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/KhNAuu9WG3GkTH41UJrmcPoQTKU.roa File: KhNAuu9WG3GkTH41UJrmcPoQTKU.roa (raw, json) Hash identifier: 5FQOjZlkYsl9aIgk2X36N7TFLs6f8Qww5PJgGnmSZ6M= Subject key identifier: 2A:13:40:BA:EF:56:1B:71:A4:4C:7E:35:50:9A:E6:70:FA:10:4C:A5 Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec Certificate serial: 019B797ED7C80AD3E03B65825C97EEAF805A Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/KhNAuu9WG3GkTH41UJrmcPoQTKU.roa Signing time: Thu 01 Jan 2026 12:18:34 +0000 ROA not before: Thu 01 Jan 2026 12:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203723 IP address blocks: 212.36.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:d7:c8:0a:d3:e0:3b:65:82:5c:97:ee:af:80:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec Validity Not Before: Jan 1 12:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a1340baef561b71a44c7e35509ae670fa104ca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d9:d4:ba:ad:85:66:d1:88:43:7e:85:5e:8e: 71:d1:01:e3:a0:e8:85:28:55:62:45:5b:0d:a0:45: d6:35:02:25:3b:42:03:82:82:36:7d:eb:f2:0a:a9: da:92:bb:e7:09:9f:0b:57:ec:37:51:33:25:b9:69: a0:a8:63:f4:48:f2:68:2b:d6:e6:eb:88:1d:9c:f1: 84:8d:e7:9e:8f:fb:86:48:30:ff:73:c5:d9:67:48: 1e:42:21:13:47:8e:21:a4:ab:6e:4f:c3:70:45:e5: 58:2a:81:72:c4:dc:0a:8f:c8:67:5f:ab:d2:f4:a4: 6b:4c:3f:71:be:bd:ca:bc:dd:f4:fb:5d:c8:30:28: f1:e4:f7:fa:c4:d4:b0:03:2e:be:43:72:55:70:ac: 80:76:45:22:38:84:2d:4e:87:32:c1:50:d8:88:01: 96:7e:4a:62:a6:9c:ba:38:63:19:de:f7:de:a7:d8: a8:a8:2c:53:ac:c5:4c:48:c3:19:28:f1:48:8b:4c: cf:64:b3:2b:41:46:96:5d:6c:61:5c:06:24:56:ad: ec:2d:08:aa:ab:eb:11:01:c2:82:e1:8e:e9:be:45: 59:33:14:a6:48:15:0b:cf:e0:c2:97:fd:65:3e:ef: 11:3c:58:46:1f:c7:7c:21:03:68:99:63:18:d8:8d: ba:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:13:40:BA:EF:56:1B:71:A4:4C:7E:35:50:9A:E6:70:FA:10:4C:A5 X509v3 Authority Key Identifier: keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/KhNAuu9WG3GkTH41UJrmcPoQTKU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.36.18.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:19:45:df:e9:02:16:2f:f9:02:55:cc:89:d5:c3:8d:8d:6a: 14:6e:17:13:f8:ba:ff:3d:14:62:44:16:e1:f2:1a:4b:bf:70: f2:f6:82:7b:a7:06:0e:71:7b:91:3d:64:61:6d:07:bd:01:23: 1d:a1:91:a2:46:f4:a1:74:f5:ee:08:dd:bd:10:1d:11:73:22: b3:7a:36:82:1a:06:e5:55:1c:20:e8:b3:80:23:f3:36:b6:db: 8a:a8:8d:b9:b1:5c:93:5b:52:b9:24:1a:9d:9f:08:0e:6a:db: 30:7c:4e:61:ac:03:aa:4d:6b:f2:a8:81:4e:5b:fa:f8:43:b8: 28:9c:5f:7e:0e:71:72:c0:9b:b3:76:7d:e6:f5:7a:c5:4f:3c: 39:1a:b5:49:12:b9:0a:c5:32:c6:12:45:20:7a:22:3f:00:49: 74:46:92:10:e5:13:f1:e7:7b:1c:42:de:ef:63:88:af:f6:80: da:e8:8d:07:05:f6:61:d6:f9:e5:ee:7c:4c:08:17:db:c9:eb: bd:2b:9a:40:4b:82:3d:49:fd:00:01:74:17:12:62:7b:cf:46: 57:c5:ef:83:24:61:79:d2:6d:c5:59:4f:c1:20:ee:97:97:7c: ae:8c:5a:33:88:18:ca:07:e9:de:d6:33:99:42:63:9a:8f:16: 60:44:44:8d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5ftfICtPgO2WCXJfur4BaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj ZDgyZWMwHhcNMjYwMTAxMTIxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTEzNDBiYWVmNTYxYjcxYTQ0YzdlMzU1MDlhZTY3MGZhMTA0Y2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9nUuq2FZtGIQ36FXo5x0QHjoOiF KFViRVsNoEXWNQIlO0IDgoI2fevyCqnakrvnCZ8LV+w3UTMluWmgqGP0SPJoK9bm 64gdnPGEjeeej/uGSDD/c8XZZ0geQiETR44hpKtuT8NwReVYKoFyxNwKj8hnX6vS 9KRrTD9xvr3KvN30+13IMCjx5Pf6xNSwAy6+Q3JVcKyAdkUiOIQtTocywVDYiAGW fkpippy6OGMZ3vfep9ioqCxTrMVMSMMZKPFIi0zPZLMrQUaWXWxhXAYkVq3sLQiq q+sRAcKC4Y7pvkVZMxSmSBULz+DCl/1lPu8RPFhGH8d8IQNomWMY2I26awIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCoTQLrvVhtxpEx+NVCa5nD6EEylMB8GA1UdIwQY MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt N2ZiYmFlNmY5NDM3LzEvS2hOQXV1OVdHM0drVEg0MVVKcm1jUG9RVEtVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3 LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CQSMA0G CSqGSIb3DQEBCwUAA4IBAQB+GUXf6QIWL/kCVcyJ1cONjWoUbhcT+Lr/PRRiRBbh 8hpLv3Dy9oJ7pwYOcXuRPWRhbQe9ASMdoZGiRvShdPXuCN29EB0RcyKzejaCGgbl VRwg6LOAI/M2ttuKqI25sVyTW1K5JBqdnwgOatswfE5hrAOqTWvyqIFOW/r4Q7go nF9+DnFywJuzdn3m9XrFTzw5GrVJErkKxTLGEkUgeiI/AEl0RpIQ5RPx53scQt7v Y4iv9oDa6I0HBfZh1vnl7nxMCBfbyeu9K5pAS4I9Sf0AAXQXEmJ7z0ZXxe+DJGF5 0m3FWU/BIO6Xl3yujFoziBjKB+ne1jOZQmOajxZgRESN -----END CERTIFICATE-----Generated at Mon Jan 26 17:24:29 2026 by rpki-client