This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/Kh2ibrrlvAJA0BPytF3vpct5nG8.roa File: Kh2ibrrlvAJA0BPytF3vpct5nG8.roa (raw, json) Hash identifier: 9S+B5OPrOVNMPF41i1ZV7e9GhndsXm9HajUBATSWGss= Subject key identifier: 2A:1D:A2:6E:BA:E5:BC:02:40:D0:13:F2:B4:5D:EF:A5:CB:79:9C:6F Certificate issuer: /CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e Certificate serial: 019B7CED08B2B84155FE17205C787BF27AF0 Authority key identifier: 13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/Kh2ibrrlvAJA0BPytF3vpct5nG8.roa Signing time: Fri 02 Jan 2026 04:17:47 +0000 ROA not before: Fri 02 Jan 2026 04:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12835 IP address blocks: 37.128.136.0/21 maxlen: 24 46.226.200.0/21 maxlen: 24 77.72.192.0/21 maxlen: 24 109.205.104.0/21 maxlen: 24 185.38.252.0/22 maxlen: 24 194.105.48.0/21 maxlen: 24 2a00:10c8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.crl rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.mft rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:08:b2:b8:41:55:fe:17:20:5c:78:7b:f2:7a:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e Validity Not Before: Jan 2 04:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a1da26ebae5bc0240d013f2b45defa5cb799c6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8c:0b:2f:0f:43:9f:97:05:f0:be:04:47:69: 88:16:cb:1a:cd:f5:54:ee:20:c1:79:5a:04:2a:09: f3:57:13:7a:e5:5e:4e:5c:60:ab:82:b7:cd:25:da: 15:9b:75:a7:df:8b:32:cb:b9:63:70:28:23:14:60: b3:9b:a8:a1:0d:a2:d5:7e:5f:f4:7e:9b:87:30:87: 77:65:d1:5f:ad:7c:82:07:ce:67:c2:e5:b6:39:20: 8c:13:e2:ff:9e:3a:6e:83:89:e2:44:c5:f9:c5:ab: a0:ee:d4:9d:b1:25:32:9f:28:61:1b:45:ff:34:a2: 4b:9e:3e:de:1e:29:d1:be:73:09:95:c4:8e:82:ab: 45:47:81:d4:2d:e9:16:e3:14:a6:05:f1:37:72:50: f1:c1:21:d5:a0:11:b7:1f:f9:2f:ee:f1:c2:cb:f4: dc:9e:2b:10:ff:34:0f:cb:51:da:c5:e8:3b:6d:36: 38:91:0b:bc:b5:be:fe:31:9d:72:d0:01:34:63:e0: c9:b8:b0:07:39:5a:57:69:b4:7b:73:6d:df:ea:49: 43:13:c6:73:19:e7:cf:20:eb:ec:6b:e9:61:6c:a6: 34:65:a3:f6:9a:0f:9d:7b:63:de:c7:d3:69:bb:e2: 4c:df:d1:9c:53:e2:25:d8:3b:97:9b:92:41:88:df: 81:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1D:A2:6E:BA:E5:BC:02:40:D0:13:F2:B4:5D:EF:A5:CB:79:9C:6F X509v3 Authority Key Identifier: keyid:13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/Kh2ibrrlvAJA0BPytF3vpct5nG8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.128.136.0/21 46.226.200.0/21 77.72.192.0/21 109.205.104.0/21 185.38.252.0/22 194.105.48.0/21 IPv6: 2a00:10c8::/32 Signature Algorithm: sha256WithRSAEncryption b1:7c:7c:c8:a7:ee:f9:5c:68:39:47:6a:5f:61:2f:ae:ee:c2: 5e:71:59:a4:07:60:1e:36:94:e7:40:85:7f:22:c2:c1:07:12: 10:77:7f:30:84:ca:00:0b:e4:9d:9a:68:dd:19:8d:b0:3a:19: ea:c4:b8:c1:e8:ab:62:5b:c5:0d:d3:e3:d8:66:83:35:89:59: eb:b0:53:7c:2e:98:ac:bc:6f:2c:a9:04:ae:b9:5a:63:58:3d: 7a:1f:35:a6:8f:04:fa:fb:56:93:cd:5f:9c:62:55:2e:be:ae: 93:ec:51:8c:e2:40:69:89:57:ed:ac:23:9b:f5:94:3e:32:7f: 4e:9f:ed:a6:80:12:d7:e0:a9:1e:9f:cd:e6:dc:74:4e:db:85: 78:09:fa:85:fe:5e:63:41:03:e0:ad:22:3e:09:ee:60:ac:b9: 69:4a:a4:f5:f4:18:37:a6:1a:8e:21:48:cb:0d:e4:4d:cd:bc: 7a:b8:18:66:76:12:9f:48:60:52:bc:8a:26:8f:08:d8:03:5a: 91:3a:10:ea:7c:74:6b:07:ee:89:86:b2:59:ea:dd:44:2e:f1: 38:3b:3b:31:14:9c:d4:6e:ea:b5:23:25:ab:31:06:1f:32:6f: 44:21:d3:21:17:c4:a6:0d:8b:f9:b4:bb:94:d6:8d:9c:16:46: 8a:d2:82:08 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt87QiyuEFV/hcgXHh78nrwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEzYzlmZDM3Yzc0MzFjZTZhYTNjOTNhNjk1MmM2N2YwZjBj OTg0NmUwHhcNMjYwMTAyMDQxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTFkYTI2ZWJhZTViYzAyNDBkMDEzZjJiNDVkZWZhNWNiNzk5YzZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYwLLw9Dn5cF8L4ER2mIFssazfVU 7iDBeVoEKgnzVxN65V5OXGCrgrfNJdoVm3Wn34syy7ljcCgjFGCzm6ihDaLVfl/0 fpuHMId3ZdFfrXyCB85nwuW2OSCME+L/njpug4niRMX5xaug7tSdsSUynyhhG0X/ NKJLnj7eHinRvnMJlcSOgqtFR4HULekW4xSmBfE3clDxwSHVoBG3H/kv7vHCy/Tc nisQ/zQPy1Haxeg7bTY4kQu8tb7+MZ1y0AE0Y+DJuLAHOVpXabR7c23f6klDE8Zz GefPIOvsa+lhbKY0ZaP2mg+de2Pex9Npu+JM39GcU+Il2DuXm5JBiN+BjQIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFCodom665bwCQNAT8rRd76XLeZxvMB8GA1UdIwQY MBaAFBPJ/TfHQxzmqjyTppUsZ/DwyYRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUt NmEzZGZiNDdmOGM0LzEvS2gyaWJycmx2QUpBMEJQeXRGM3ZwY3Q1bkc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUtNmEzZGZiNDdmOGM0 LzEvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJYCIAwQD LuLIAwQDTUjAAwQDbc1oAwQCuSb8AwQDwmkwMA0EAgACMAcDBQAqABDIMA0GCSqG SIb3DQEBCwUAA4IBAQCxfHzIp+75XGg5R2pfYS+u7sJecVmkB2AeNpTnQIV/IsLB BxIQd38whMoAC+SdmmjdGY2wOhnqxLjB6KtiW8UN0+PYZoM1iVnrsFN8LpisvG8s qQSuuVpjWD16HzWmjwT6+1aTzV+cYlUuvq6T7FGM4kBpiVftrCOb9ZQ+Mn9On+2m gBLX4Kken83m3HRO24V4CfqF/l5jQQPgrSI+Ce5grLlpSqT19Bg3phqOIUjLDeRN zbx6uBhmdhKfSGBSvIomjwjYA1qROhDqfHRrB+6JhrJZ6t1ELvE4OzsxFJzUbuq1 IyWrMQYfMm9EIdMhF8SmDYv5tLuU1o2cFkaK0oII -----END CERTIFICATE-----Generated at Mon Feb 9 20:59:40 2026 by rpki-client