This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/kmHpE0nIsqnNjXBHZzn8ghlLUAY.roa File: kmHpE0nIsqnNjXBHZzn8ghlLUAY.roa (raw, json) Hash identifier: vHtrQdMnfFyM3Hed/jGaAR/NyxOc2xl8ZPzUXZL4Gvc= Subject key identifier: 92:61:E9:13:49:C8:B2:A9:CD:8D:70:47:67:39:FC:82:19:4B:50:06 Certificate issuer: /CN=c8f9baab1a13df30eff0fcd780c4bbc54bc3e6d5 Certificate serial: 019B7DCB49BB770D5F5E7D0E14B7EEF7C56D Authority key identifier: C8:F9:BA:AB:1A:13:DF:30:EF:F0:FC:D7:80:C4:BB:C5:4B:C3:E6:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPm6qxoT3zDv8PzXgMS7xUvD5tU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/kmHpE0nIsqnNjXBHZzn8ghlLUAY.roa Signing time: Fri 02 Jan 2026 08:20:33 +0000 ROA not before: Fri 02 Jan 2026 08:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16019 IP address blocks: 185.189.4.0/22 maxlen: 22 2a0b:d780::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/yPm6qxoT3zDv8PzXgMS7xUvD5tU.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/yPm6qxoT3zDv8PzXgMS7xUvD5tU.mft rsync://rpki.ripe.net/repository/DEFAULT/yPm6qxoT3zDv8PzXgMS7xUvD5tU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:49:bb:77:0d:5f:5e:7d:0e:14:b7:ee:f7:c5:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8f9baab1a13df30eff0fcd780c4bbc54bc3e6d5 Validity Not Before: Jan 2 08:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9261e91349c8b2a9cd8d70476739fc82194b5006 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:02:ba:ff:df:14:20:51:bf:ae:7a:41:2e:bc: 74:95:f3:12:58:4d:3e:c0:ec:56:93:1d:b3:ec:4b: 08:cb:16:14:52:7a:b6:7b:33:88:ba:c7:8a:8e:cc: 8b:f4:a6:42:0c:f4:57:ca:65:5b:99:66:a7:fa:12: a7:93:d2:1a:6e:ca:c2:7f:e3:ba:5f:56:7a:64:ef: 85:3c:9f:95:02:c5:c1:f5:25:24:1b:98:35:ec:e5: 4a:99:04:5a:8c:12:1c:86:a1:e2:e2:d5:18:47:56: 7d:fe:4f:58:68:23:a4:ef:25:5d:58:3b:43:8b:22: c3:6a:86:36:49:42:8a:ae:9c:71:d5:3e:16:14:b0: de:29:fd:b8:ae:ed:50:ee:ca:98:7f:c4:8b:91:31: b2:46:1c:f2:46:33:83:e9:5e:e7:c3:70:4c:16:c2: ec:e4:a3:87:eb:22:0c:e5:88:f4:1f:20:47:c3:8a: ef:ed:c0:3b:16:88:88:01:84:50:c9:57:b0:18:9a: ec:6e:0e:1e:32:0c:41:d8:f5:d6:ba:d8:52:1f:23: 8e:ca:ff:5b:b8:34:ec:a6:32:6a:52:d7:f7:bd:c7: 7a:f3:23:75:da:cd:ae:96:8e:67:5d:3a:71:43:c7: 13:d3:0f:fa:84:bf:6e:17:ec:4c:82:4e:5a:90:f6: 87:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:61:E9:13:49:C8:B2:A9:CD:8D:70:47:67:39:FC:82:19:4B:50:06 X509v3 Authority Key Identifier: keyid:C8:F9:BA:AB:1A:13:DF:30:EF:F0:FC:D7:80:C4:BB:C5:4B:C3:E6:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPm6qxoT3zDv8PzXgMS7xUvD5tU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/kmHpE0nIsqnNjXBHZzn8ghlLUAY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/yPm6qxoT3zDv8PzXgMS7xUvD5tU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.189.4.0/22 IPv6: 2a0b:d780::/29 Signature Algorithm: sha256WithRSAEncryption 5e:74:cd:30:7b:a0:85:e3:77:57:66:8a:ed:d3:09:d4:8a:da: 4e:de:41:47:06:13:b2:7f:af:03:a3:22:17:43:86:80:7d:c6: 94:81:4a:10:7f:55:77:d8:0b:9f:4a:68:52:45:b9:0e:4e:80: 1e:21:1d:f0:61:40:ed:da:bc:0d:b1:d7:ff:f2:06:ad:30:9b: 39:95:e7:80:a2:e9:72:92:ca:2d:6c:ea:72:d4:42:2d:95:5d: 4a:b7:a6:e2:dd:7f:73:ed:cf:66:54:f2:4d:dd:8f:29:0f:e7: 82:2f:44:27:03:72:2c:23:b7:27:08:dc:2a:20:2f:ce:79:47: be:4f:3b:c4:79:33:d8:8f:a7:6c:1a:75:70:23:c0:15:e9:30: 2c:4c:14:16:e1:f5:6e:8e:de:db:98:f3:1d:78:69:51:60:33: 8d:3f:64:51:70:9b:3f:a9:ae:58:e7:b0:e9:f9:36:7e:df:04: a0:db:4d:c1:78:99:42:7c:16:b3:24:7a:e4:2e:ec:e1:03:72: cd:f2:3e:fa:d1:bb:90:64:38:39:b5:f7:47:db:19:c5:53:c0: 5b:9b:76:c2:8b:c5:b7:2c:80:b6:b6:a8:82:2c:5a:bd:0a:67: 46:33:fe:0d:a3:ce:f0:37:21:7a:06:20:62:5f:bb:d1:47:b1: 04:fd:ab:91 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9y0m7dw1fXn0OFLfu98VtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZjliYWFiMWExM2RmMzBlZmYwZmNkNzgwYzRiYmM1NGJj M2U2ZDUwHhcNMjYwMTAyMDgyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjYxZTkxMzQ5YzhiMmE5Y2Q4ZDcwNDc2NzM5ZmM4MjE5NGI1MDA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAK6/98UIFG/rnpBLrx0lfMSWE0+ wOxWkx2z7EsIyxYUUnq2ezOIuseKjsyL9KZCDPRXymVbmWan+hKnk9IabsrCf+O6 X1Z6ZO+FPJ+VAsXB9SUkG5g17OVKmQRajBIchqHi4tUYR1Z9/k9YaCOk7yVdWDtD iyLDaoY2SUKKrpxx1T4WFLDeKf24ru1Q7sqYf8SLkTGyRhzyRjOD6V7nw3BMFsLs 5KOH6yIM5Yj0HyBHw4rv7cA7FoiIAYRQyVewGJrsbg4eMgxB2PXWuthSHyOOyv9b uDTspjJqUtf3vcd68yN12s2ulo5nXTpxQ8cT0w/6hL9uF+xMgk5akPaHZQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJJh6RNJyLKpzY1wR2c5/IIZS1AGMB8GA1UdIwQY MBaAFMj5uqsaE98w7/D814DEu8VLw+bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveVBtNnF4b1QzekR2OFB6WGdNUzd4VXZENXRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zZTY3NjItMDk4OS00OGVmLWE4ZDIt ZGI0ODRjY2U3MjkzLzEva21IcEUwbklzcW5OalhCSFp6bjhnaGxMVUFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8zZTY3NjItMDk4OS00OGVmLWE4ZDItZGI0ODRjY2U3Mjkz LzEveVBtNnF4b1QzekR2OFB6WGdNUzd4VXZENXRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub0EMA0E AgACMAcDBQMqC9eAMA0GCSqGSIb3DQEBCwUAA4IBAQBedM0we6CF43dXZort0wnU itpO3kFHBhOyf68DoyIXQ4aAfcaUgUoQf1V32AufSmhSRbkOToAeIR3wYUDt2rwN sdf/8gatMJs5leeAoulyksotbOpy1EItlV1Kt6bi3X9z7c9mVPJN3Y8pD+eCL0Qn A3IsI7cnCNwqIC/OeUe+TzvEeTPYj6dsGnVwI8AV6TAsTBQW4fVujt7bmPMdeGlR YDONP2RRcJs/qa5Y57Dp+TZ+3wSg203BeJlCfBazJHrkLuzhA3LN8j760buQZDg5 tfdH2xnFU8Bbm3bCi8W3LIC2tqiCLFq9CmdGM/4No87wNyF6BiBiX7vRR7EE/auR -----END CERTIFICATE-----Generated at Mon Jan 26 13:44:26 2026 by rpki-client