This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/KhJgMsf4MlVqjTxkDuQ9Ni25cwU.roa File: KhJgMsf4MlVqjTxkDuQ9Ni25cwU.roa (raw, json) Hash identifier: N7b1KGX3pLxR+FHyz4EyWAub2m3A959wM0aSSosSFf4= Subject key identifier: 2A:12:60:32:C7:F8:32:55:6A:8D:3C:64:0E:E4:3D:36:2D:B9:73:05 Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1 Certificate serial: 019B7AC957FE0347DCA48BC03990210ECA05 Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/KhJgMsf4MlVqjTxkDuQ9Ni25cwU.roa Signing time: Thu 01 Jan 2026 18:19:34 +0000 ROA not before: Thu 01 Jan 2026 18:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 46475 IP address blocks: 45.81.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.mft rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 11:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:57:fe:03:47:dc:a4:8b:c0:39:90:21:0e:ca:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1 Validity Not Before: Jan 1 18:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a126032c7f832556a8d3c640ee43d362db97305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ad:5c:a5:b4:b9:e8:2a:a8:3e:f9:65:7e:2e: 4f:e0:11:be:75:92:80:d7:a9:0e:c7:53:15:60:38: d2:84:f6:fe:ea:b6:e5:92:51:c6:a7:44:38:62:91: c2:ee:b7:3c:2d:55:82:c1:4a:8b:71:b9:86:ca:bd: 88:69:0f:d2:53:72:43:ee:19:da:37:01:6d:26:00: 03:92:74:eb:8a:bd:0f:b7:e5:98:d3:cd:4b:de:22: 77:ef:ba:8c:24:02:0f:da:b7:93:4b:08:1e:df:22: cd:a7:32:cb:4c:cc:7d:74:8a:cd:3c:99:72:8c:63: 86:00:eb:f9:ee:f9:cc:a2:75:9b:20:f0:0b:af:97: 4b:1b:f4:ce:fa:49:cc:76:0d:b9:17:55:63:0c:98: 1f:db:a9:c3:8b:8f:03:28:9c:7b:cc:53:8f:b8:1b: 46:97:c5:88:d6:5e:e9:13:02:d9:74:c5:d4:3e:c8: 2c:19:f8:2d:f8:c6:1c:8c:9c:4a:8d:58:63:c2:74: d1:6f:96:e3:a4:06:1d:36:3c:0d:c8:18:9a:8d:79: e3:79:84:1c:43:15:1b:77:7f:82:d5:1f:05:46:68: 89:05:39:4a:54:04:71:e4:40:61:d4:ec:80:3e:43: 57:e7:68:61:25:44:a8:d5:16:d9:f4:38:1a:97:16: 65:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:12:60:32:C7:F8:32:55:6A:8D:3C:64:0E:E4:3D:36:2D:B9:73:05 X509v3 Authority Key Identifier: keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/KhJgMsf4MlVqjTxkDuQ9Ni25cwU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.81.253.0/24 Signature Algorithm: sha256WithRSAEncryption ab:4f:34:7e:c3:e7:2f:67:f0:90:20:9e:9d:6c:a5:60:b0:89: ef:37:30:a0:ac:08:63:0e:7a:c9:59:87:ad:51:c0:6f:06:8a: 5f:e7:3a:45:e2:e7:48:a7:7d:db:61:96:ba:e1:98:13:39:78: 21:5c:cf:cb:27:59:ce:e7:65:cd:8e:d1:0e:c6:c8:ae:93:98: f0:53:f1:21:1d:a9:7d:17:f6:80:3c:20:de:fe:4a:f6:79:ae: 53:21:6b:3e:fa:a7:c7:f0:fd:eb:72:de:39:70:8a:9d:e5:48: d7:0f:8a:36:4f:06:e7:8d:f6:ce:0f:aa:4d:c2:25:bf:39:49: 69:1b:52:9a:39:f9:5a:ee:5e:cf:20:c7:93:b0:cd:af:d1:bb: d5:ee:c1:8b:b8:11:74:53:b1:10:68:8a:d1:f3:33:4c:90:3b: 2a:ac:cc:c5:8e:07:98:3f:0b:c4:59:59:48:bc:b9:64:87:9d: f6:b0:f5:d5:4a:0d:81:ef:5a:f6:f2:d9:91:de:41:e3:58:dd: c3:f7:5d:6f:ac:1d:d5:6c:33:65:86:e4:4a:5c:5a:bc:17:60: 67:f8:de:e4:e6:1b:92:0c:2b:3a:91:22:81:60:b9:10:8e:d8: 72:a3:47:ee:e1:ff:5e:03:3f:5e:14:e1:6b:44:1c:78:38:fe: 70:e9:3d:53 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yVf+A0fcpIvAOZAhDsoFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0 NzhjYjEwHhcNMjYwMTAxMTgxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTEyNjAzMmM3ZjgzMjU1NmE4ZDNjNjQwZWU0M2QzNjJkYjk3MzA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK1cpbS56CqoPvllfi5P4BG+dZKA 16kOx1MVYDjShPb+6rblklHGp0Q4YpHC7rc8LVWCwUqLcbmGyr2IaQ/SU3JD7hna NwFtJgADknTrir0Pt+WY081L3iJ377qMJAIP2reTSwge3yLNpzLLTMx9dIrNPJly jGOGAOv57vnMonWbIPALr5dLG/TO+knMdg25F1VjDJgf26nDi48DKJx7zFOPuBtG l8WI1l7pEwLZdMXUPsgsGfgt+MYcjJxKjVhjwnTRb5bjpAYdNjwNyBiajXnjeYQc QxUbd3+C1R8FRmiJBTlKVARx5EBh1OyAPkNX52hhJUSo1RbZ9DgalxZl+QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCoSYDLH+DJVao08ZA7kPTYtuXMFMB8GA1UdIwQY MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt YTM4YjY3OTVmYjI0LzEvS2hKZ01zZjRNbFZxalR4a0R1UTlOaTI1Y3dVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0 LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH9MA0G CSqGSIb3DQEBCwUAA4IBAQCrTzR+w+cvZ/CQIJ6dbKVgsInvNzCgrAhjDnrJWYet UcBvBopf5zpF4udIp33bYZa64ZgTOXghXM/LJ1nO52XNjtEOxsiuk5jwU/EhHal9 F/aAPCDe/kr2ea5TIWs++qfH8P3rct45cIqd5UjXD4o2TwbnjfbOD6pNwiW/OUlp G1KaOfla7l7PIMeTsM2v0bvV7sGLuBF0U7EQaIrR8zNMkDsqrMzFjgeYPwvEWVlI vLlkh532sPXVSg2B71r28tmR3kHjWN3D911vrB3VbDNlhuRKXFq8F2Bn+N7k5huS DCs6kSKBYLkQjthyo0fu4f9eAz9eFOFrRBx4OP5w6T1T -----END CERTIFICATE-----Generated at Wed Jan 21 17:33:57 2026 by rpki-client