This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/khIatClzzDAzsXKofHk3CzFjNwQ.roa File: khIatClzzDAzsXKofHk3CzFjNwQ.roa (raw, json) Hash identifier: VqTvtGjsJjhyzOsm3Z+fa0f8w1YFBA58VD7S9gC+DFg= Subject key identifier: 92:12:1A:B4:29:73:CC:30:33:B1:72:A8:7C:79:37:0B:31:63:37:04 Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b Certificate serial: 019B76EB844903734F80CD5E6293F7AFE5F8 Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/khIatClzzDAzsXKofHk3CzFjNwQ.roa Signing time: Thu 01 Jan 2026 00:18:24 +0000 ROA not before: Thu 01 Jan 2026 00:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50889 IP address blocks: 85.29.14.0/24 maxlen: 24 85.29.18.0/24 maxlen: 24 85.29.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.mft rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:84:49:03:73:4f:80:cd:5e:62:93:f7:af:e5:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b Validity Not Before: Jan 1 00:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92121ab42973cc3033b172a87c79370b31633704 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:9c:a6:fb:e8:26:f7:fc:90:65:11:2b:ba:3e: d0:a6:5d:42:7b:74:a3:45:1f:61:a4:59:b2:b0:67: b6:5b:06:cd:11:d7:47:f2:72:8d:ff:8f:52:1c:c4: ee:d9:68:5f:a8:d8:ce:c6:88:52:54:b0:c5:07:43: bc:b9:9d:c1:ff:c4:c5:65:4d:e0:5d:0d:d0:90:42: 87:12:3c:34:3e:77:55:c1:65:76:26:b6:3c:10:8c: 7b:5e:c6:ab:ad:4b:f9:60:80:d5:24:cd:9f:cf:3d: 30:6a:c0:cf:b6:0b:d1:1f:21:81:3f:a8:10:8f:44: ea:3d:71:65:e1:a0:1c:f8:c6:0c:57:a0:81:b3:8f: 24:5b:fc:9b:12:51:f8:d2:ca:97:a6:21:73:1d:8a: a9:1b:92:17:70:08:f3:e9:89:e6:a4:64:21:b4:5f: 7b:5d:82:d1:a0:b7:e9:35:13:bd:9c:ae:7a:20:80: dc:a8:3a:8c:5a:5f:9b:49:73:88:59:20:0c:2d:2f: 14:a3:77:84:4f:f9:a0:3d:31:e6:c1:e1:36:33:94: e3:13:e1:2b:00:cc:97:85:6e:90:f2:d8:c3:ec:44: 4b:9e:84:e5:98:e2:db:65:96:27:d6:97:9e:82:f2: cd:e7:55:3a:f6:ee:c6:96:a2:06:ad:99:8e:a4:d7: 0e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:12:1A:B4:29:73:CC:30:33:B1:72:A8:7C:79:37:0B:31:63:37:04 X509v3 Authority Key Identifier: keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/khIatClzzDAzsXKofHk3CzFjNwQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.29.14.0/24 85.29.18.0/24 85.29.33.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:c9:1f:53:b3:47:87:17:e2:c4:e6:20:eb:a2:6f:8e:32:d2: ef:24:2c:73:04:51:4a:6e:a0:58:5a:ad:df:f5:ce:14:5f:33: 45:14:03:99:04:e2:d4:54:22:f7:48:8b:46:98:ef:ba:90:76: f2:ea:d7:f7:59:29:eb:8d:8a:b8:50:02:a6:0f:51:3e:51:59: dc:3b:e8:7f:32:4f:04:c9:be:bb:5f:55:28:5c:05:a2:1a:3e: 4e:b2:07:ce:56:7a:e0:57:e5:8b:c7:c0:b4:42:26:d5:95:9e: 6b:81:b0:53:25:4b:ed:a9:1c:12:a5:64:24:6b:71:a3:79:c6: 7d:cf:aa:b9:27:e5:a6:87:9e:7b:02:bc:43:d0:ef:3e:2d:12: d7:93:88:57:ba:63:5a:01:69:1f:f2:e3:82:37:23:b5:aa:74: 71:1a:51:09:e3:69:53:52:48:c7:a6:95:fe:fa:44:73:93:b0: 23:c6:7b:7e:3a:38:f3:59:fe:12:d7:ef:d5:d1:d8:61:c9:38: 1b:53:e9:db:2e:c5:d9:ed:ae:6a:70:2c:d1:c7:4d:81:06:f3: d2:50:50:ee:b1:bc:95:2a:de:7c:57:78:ee:d5:57:68:14:a7: c2:fe:85:07:f0:dc:55:b3:b7:c1:4e:14:c4:8d:b5:0f:a9:00: fa:2d:73:d2 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt264RJA3NPgM1eYpP3r+X4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw NGNlMmIwHhcNMjYwMTAxMDAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjEyMWFiNDI5NzNjYzMwMzNiMTcyYTg3Yzc5MzcwYjMxNjMzNzA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJym++gm9/yQZREruj7Qpl1Ce3Sj RR9hpFmysGe2WwbNEddH8nKN/49SHMTu2WhfqNjOxohSVLDFB0O8uZ3B/8TFZU3g XQ3QkEKHEjw0PndVwWV2JrY8EIx7XsarrUv5YIDVJM2fzz0wasDPtgvRHyGBP6gQ j0TqPXFl4aAc+MYMV6CBs48kW/ybElH40sqXpiFzHYqpG5IXcAjz6YnmpGQhtF97 XYLRoLfpNRO9nK56IIDcqDqMWl+bSXOIWSAMLS8Uo3eET/mgPTHmweE2M5TjE+Er AMyXhW6Q8tjD7ERLnoTlmOLbZZYn1peegvLN51U69u7GlqIGrZmOpNcOuwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJISGrQpc8wwM7FyqHx5NwsxYzcEMB8GA1UdIwQY MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt NWQ1ODRmYmM1ZDI3LzEva2hJYXRDbHp6REF6c1hLb2ZIazNDekZqTndRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3 LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVR0OAwQA VR0SAwQAVR0hMA0GCSqGSIb3DQEBCwUAA4IBAQCcyR9Ts0eHF+LE5iDrom+OMtLv JCxzBFFKbqBYWq3f9c4UXzNFFAOZBOLUVCL3SItGmO+6kHby6tf3WSnrjYq4UAKm D1E+UVncO+h/Mk8Eyb67X1UoXAWiGj5OsgfOVnrgV+WLx8C0QibVlZ5rgbBTJUvt qRwSpWQka3GjecZ9z6q5J+Wmh557ArxD0O8+LRLXk4hXumNaAWkf8uOCNyO1qnRx GlEJ42lTUkjHppX++kRzk7Ajxnt+OjjzWf4S1+/V0dhhyTgbU+nbLsXZ7a5qcCzR x02BBvPSUFDusbyVKt58V3ju1VdoFKfC/oUH8NxVs7fBThTEjbUPqQD6LXPS -----END CERTIFICATE-----Generated at Mon Jan 26 03:27:12 2026 by rpki-client