This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/KH8LENjvb_hDAkYd5Y9VqmLvZbA.roa File: KH8LENjvb_hDAkYd5Y9VqmLvZbA.roa (raw, json) Hash identifier: 6ro3aWnqmxCVVCKjzbOp7B4bK8vKFAr7qEV9bOj4954= Subject key identifier: 28:7F:0B:10:D8:EF:6F:F8:43:02:46:1D:E5:8F:55:AA:62:EF:65:B0 Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Certificate serial: 019B7B3614FCA005CDB6B4A3F0F91D366E25 Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/KH8LENjvb_hDAkYd5Y9VqmLvZbA.roa Signing time: Thu 01 Jan 2026 20:18:20 +0000 ROA not before: Thu 01 Jan 2026 20:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 328867 IP address blocks: 45.158.254.0/24 maxlen: 24 85.92.112.0/24 maxlen: 24 185.243.7.0/24 maxlen: 24 185.245.0.0/24 maxlen: 24 194.62.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:14:fc:a0:05:cd:b6:b4:a3:f0:f9:1d:36:6e:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Validity Not Before: Jan 1 20:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=287f0b10d8ef6ff84302461de58f55aa62ef65b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:f7:a4:7f:f7:1b:9d:de:c0:40:60:d6:57:df: ad:62:a7:29:ba:39:e2:b0:ef:c4:20:69:16:f5:dc: 4a:64:19:09:75:b1:88:c4:c5:83:09:37:94:f0:a4: 8f:81:e6:cb:f9:86:95:c4:fe:7f:b0:ad:49:99:ea: f7:8b:9a:5b:7b:6c:1f:c1:4f:8f:00:65:c2:a2:03: 3e:35:74:a5:d4:96:19:e8:cf:90:7f:b4:1d:04:ac: af:e2:2f:10:0e:19:18:65:f3:7d:d3:4f:28:2e:f1: 39:17:41:f4:8f:4a:1c:b0:a6:5c:a6:77:43:e7:43: 20:25:e0:2b:cd:f9:0a:43:9a:c0:93:f6:f8:8b:c9: 56:d3:23:37:24:e9:a5:f8:55:f4:22:5a:91:dc:3c: ea:1e:f1:30:60:c4:97:be:c5:91:7b:06:1f:bd:28: 10:4e:68:52:9f:5a:14:32:10:08:7e:3e:73:11:f0: e3:df:2e:30:70:07:e8:f5:3b:6b:7f:32:d2:d6:00: 51:71:8c:77:3d:81:33:e7:26:56:a6:01:95:e4:1d: 38:20:af:ff:5a:fa:f4:0e:c4:99:05:69:0f:cd:39: b0:e1:86:34:9f:0b:e5:2b:9a:77:da:c1:89:12:fa: 24:5b:00:4a:a0:5e:a5:56:29:e7:97:12:9d:63:f8: 85:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:7F:0B:10:D8:EF:6F:F8:43:02:46:1D:E5:8F:55:AA:62:EF:65:B0 X509v3 Authority Key Identifier: keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/KH8LENjvb_hDAkYd5Y9VqmLvZbA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.158.254.0/24 85.92.112.0/24 185.243.7.0/24 185.245.0.0/24 194.62.214.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:f3:5a:a5:ab:18:2f:ea:bd:4d:82:da:c0:8e:bd:57:8a:ae: 0f:54:f1:26:cd:db:7e:39:41:e3:46:98:99:63:e0:7e:91:f0: 62:c3:64:21:ae:7c:be:5d:da:8b:f0:3c:88:d0:7f:15:6c:ba: 84:12:f4:61:08:3e:36:cd:30:20:de:2b:3c:ed:6f:75:b9:b9: d3:09:73:d3:36:c8:97:da:83:6c:9f:ba:43:8e:37:b1:b3:cb: ef:98:1f:03:33:50:95:d0:35:33:67:31:ef:5f:70:96:6a:37: 1c:24:98:69:44:6a:ce:df:b5:66:38:8b:25:57:04:c0:1f:52: 2a:10:42:2b:d6:7a:14:04:1a:e7:48:2b:2c:20:36:3a:e0:17: b8:e3:e4:f7:51:4d:23:46:87:21:2f:b3:ff:60:bb:fc:d4:40: 32:ed:64:3a:b8:9c:77:ee:d6:a2:a8:55:01:e7:e7:3b:ab:57: d2:ce:2e:41:99:33:f8:7d:a7:fe:43:79:35:1b:f9:07:d6:32: ac:00:56:2a:17:74:40:3d:ee:ac:3d:90:79:ec:0c:c2:e8:f2: e8:e5:83:a4:e3:11:9a:5e:08:8a:ac:a2:04:ac:51:b0:06:cb: a9:87:18:08:35:22:7b:f6:5d:6e:73:15:45:2a:c3:f4:27:d0: 4e:3a:b8:6d -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt7NhT8oAXNtrSj8PkdNm4lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2 YzhkY2MwHhcNMjYwMTAxMjAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODdmMGIxMGQ4ZWY2ZmY4NDMwMjQ2MWRlNThmNTVhYTYyZWY2NWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPekf/cbnd7AQGDWV9+tYqcpujni sO/EIGkW9dxKZBkJdbGIxMWDCTeU8KSPgebL+YaVxP5/sK1Jmer3i5pbe2wfwU+P AGXCogM+NXSl1JYZ6M+Qf7QdBKyv4i8QDhkYZfN9008oLvE5F0H0j0ocsKZcpndD 50MgJeArzfkKQ5rAk/b4i8lW0yM3JOml+FX0IlqR3DzqHvEwYMSXvsWRewYfvSgQ TmhSn1oUMhAIfj5zEfDj3y4wcAfo9TtrfzLS1gBRcYx3PYEz5yZWpgGV5B04IK// Wvr0DsSZBWkPzTmw4YY0nwvlK5p32sGJEvokWwBKoF6lVinnlxKdY/iFnwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFCh/CxDY72/4QwJGHeWPVapi72WwMB8GA1UdIwQY MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt OTE4YWM2NDYyNjc5LzEvS0g4TEVOanZiX2hEQWtZZDVZOVZxbUx2WmJBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5 LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZ7+AwQA VVxwAwQAufMHAwQAufUAAwQAwj7WMA0GCSqGSIb3DQEBCwUAA4IBAQB981qlqxgv 6r1NgtrAjr1Xiq4PVPEmzdt+OUHjRpiZY+B+kfBiw2Qhrny+XdqL8DyI0H8VbLqE EvRhCD42zTAg3is87W91ubnTCXPTNsiX2oNsn7pDjjexs8vvmB8DM1CV0DUzZzHv X3CWajccJJhpRGrO37VmOIslVwTAH1IqEEIr1noUBBrnSCssIDY64Be44+T3UU0j RochL7P/YLv81EAy7WQ6uJx37taiqFUB5+c7q1fSzi5BmTP4faf+Q3k1G/kH1jKs AFYqF3RAPe6sPZB57AzC6PLo5YOk4xGaXgiKrKIErFGwBsuphxgINSJ79l1ucxVF KsP0J9BOOrht -----END CERTIFICATE-----Generated at Wed Jan 21 09:22:08 2026 by rpki-client