This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/kh30KvylNHx5L2vYGK36_zRkWbs.roa File: kh30KvylNHx5L2vYGK36_zRkWbs.roa (raw, json) Hash identifier: ruT9Z0PTwEt0f+MnWu+6fvsLihP67BQHf56kXhj/oMw= Subject key identifier: 92:1D:F4:2A:FC:A5:34:7C:79:2F:6B:D8:18:AD:FA:FF:34:64:59:BB Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097 Certificate serial: 019B77C7614189A1923C2DD45A2385CF44C2 Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/kh30KvylNHx5L2vYGK36_zRkWbs.roa Signing time: Thu 01 Jan 2026 04:18:33 +0000 ROA not before: Thu 01 Jan 2026 04:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39432 IP address blocks: 62.220.149.0/24 maxlen: 24 62.220.150.0/24 maxlen: 24 2001:789::/32 maxlen: 32 2001:789::/48 maxlen: 48 2001:78a::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.mft rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 15:35:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:61:41:89:a1:92:3c:2d:d4:5a:23:85:cf:44:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097 Validity Not Before: Jan 1 04:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=921df42afca5347c792f6bd818adfaff346459bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:98:71:51:ca:a9:fe:51:e5:66:b3:58:5c:a8: 6a:a6:3a:b0:8c:74:76:fb:d7:1f:16:2a:68:a6:be: 67:7f:df:17:2b:84:10:37:9d:aa:36:ef:d0:39:5a: 8d:16:be:2c:16:6d:9f:10:bd:03:11:24:e1:fb:01: 7e:11:3a:3e:2e:a1:1c:c8:88:0a:95:11:0d:5c:8d: 23:e3:d0:25:f8:05:6e:aa:cf:37:58:0a:2b:47:66: ad:ab:9f:a4:9e:ad:b4:34:f0:d8:8e:1a:46:69:0c: e9:c0:27:2b:34:c5:76:67:fb:5b:66:6a:77:44:c4: 75:96:85:45:56:67:88:a1:19:df:a5:f9:3a:5b:0c: 9c:9b:4c:41:fe:61:45:47:f9:bc:3b:ef:c0:3d:09: be:dc:7a:06:9c:b4:2a:cd:c1:dc:11:23:6d:bf:fd: a7:b3:8a:5a:31:2c:1b:e9:9a:63:04:fe:7e:f0:9e: a9:14:53:af:66:2f:24:b6:e0:e8:c0:f1:5c:f4:61: de:82:52:04:a3:19:50:b5:12:1b:af:57:70:96:34: 32:63:ff:ae:1e:dc:b1:0c:c3:d5:26:44:05:31:0d: d8:1c:33:c8:d6:95:fd:f8:fe:13:16:5a:3a:df:e7: cf:28:64:e6:5d:4c:87:b8:9f:dd:bc:8f:0b:a5:66: cb:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:1D:F4:2A:FC:A5:34:7C:79:2F:6B:D8:18:AD:FA:FF:34:64:59:BB X509v3 Authority Key Identifier: keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/kh30KvylNHx5L2vYGK36_zRkWbs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.220.149.0-62.220.150.255 IPv6: 2001:789::-2001:78a:ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 81:ed:3f:c9:d1:31:37:66:10:3d:9c:b1:06:89:a9:a3:7d:c3: 3b:42:f6:9b:c4:3e:4a:66:4b:83:f2:e7:3f:86:4b:16:59:71: 0c:b3:13:12:35:eb:ee:72:0c:09:10:12:bf:f8:de:4a:5a:87: 30:28:c3:e2:d1:0b:33:49:6b:68:0e:e0:fc:25:ee:3b:83:9b: f0:29:ab:fe:48:01:70:9c:11:ac:11:5f:1a:46:ee:06:8a:36: ab:e8:d1:57:de:57:f1:ff:31:3f:7d:ca:37:c6:c4:c4:88:47: 4e:0d:7c:8b:8c:63:2c:9b:24:84:af:58:68:7d:77:a4:3c:e3: 20:ae:37:85:14:29:be:14:a9:06:7f:f3:f4:de:e2:24:91:98: ef:e5:6d:92:9e:d7:f8:af:25:45:b1:dc:2b:29:f3:af:50:63: a0:24:71:a4:38:e6:cf:7e:49:9b:f7:6f:55:c9:66:a6:14:53: f1:63:20:14:cd:c5:53:96:ae:f0:d2:bd:c1:d2:15:4e:f7:9c: 35:45:7d:84:20:b6:fc:1c:ad:6d:25:d4:7b:2d:57:49:ab:d1: a8:34:b2:78:dc:e9:72:62:31:ad:93:b5:03:62:e7:41:10:74: eb:43:76:83:a7:ef:85:6e:0d:b2:ba:04:57:08:a3:06:95:ce: a5:c1:58:91 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt3x2FBiaGSPC3UWiOFz0TCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhZThjNzhmMTYxMzk3YWUxZGJkMGFjMzIyNTg0ZjYyZmI3 NDAwOTcwHhcNMjYwMTAxMDQxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjFkZjQyYWZjYTUzNDdjNzkyZjZiZDgxOGFkZmFmZjM0NjQ1OWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5hxUcqp/lHlZrNYXKhqpjqwjHR2 +9cfFipopr5nf98XK4QQN52qNu/QOVqNFr4sFm2fEL0DESTh+wF+ETo+LqEcyIgK lRENXI0j49Al+AVuqs83WAorR2atq5+knq20NPDYjhpGaQzpwCcrNMV2Z/tbZmp3 RMR1loVFVmeIoRnfpfk6Wwycm0xB/mFFR/m8O+/APQm+3HoGnLQqzcHcESNtv/2n s4paMSwb6ZpjBP5+8J6pFFOvZi8ktuDowPFc9GHeglIEoxlQtRIbr1dwljQyY/+u HtyxDMPVJkQFMQ3YHDPI1pX9+P4TFlo63+fPKGTmXUyHuJ/dvI8LpWbLJwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFJId9Cr8pTR8eS9r2Bit+v80ZFm7MB8GA1UdIwQY MBaAFFrox48WE5euHb0KwyJYT2L7dACXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMt NDdiY2QzOWMzZDg2LzEva2gzMEt2eWxOSHg1TDJ2WUdLMzZfelJrV2JzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMtNDdiY2QzOWMzZDg2 LzEvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAA+3JUD BAA+3JYwFwQCAAIwETAPAwUAIAEHiQMGACABB4oAMA0GCSqGSIb3DQEBCwUAA4IB AQCB7T/J0TE3ZhA9nLEGiamjfcM7QvabxD5KZkuD8uc/hksWWXEMsxMSNevucgwJ EBK/+N5KWocwKMPi0QszSWtoDuD8Je47g5vwKav+SAFwnBGsEV8aRu4Gijar6NFX 3lfx/zE/fco3xsTEiEdODXyLjGMsmySEr1hofXekPOMgrjeFFCm+FKkGf/P03uIk kZjv5W2Sntf4ryVFsdwrKfOvUGOgJHGkOObPfkmb929VyWamFFPxYyAUzcVTlq7w 0r3B0hVO95w1RX2EILb8HK1tJdR7LVdJq9GoNLJ43OlyYjGtk7UDYudBEHTrQ3aD p++Fbg2yugRXCKMGlc6lwViR -----END CERTIFICATE-----Generated at Tue Feb 3 00:04:50 2026 by rpki-client