This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/KeBHh_EXoo6vxPcJVgCWPFy_Qck.roa File: KeBHh_EXoo6vxPcJVgCWPFy_Qck.roa (raw, json) Hash identifier: Lb6JJsVM1wJrwKLdOhRrqdN+kt/BOWmpYchxNlLSv+A= Subject key identifier: 29:E0:47:87:F1:17:A2:8E:AF:C4:F7:09:56:00:96:3C:5C:BF:41:C9 Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1 Certificate serial: 019B7A5B3FBCBCB3AB70EC30FF1A13CC5868 Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/KeBHh_EXoo6vxPcJVgCWPFy_Qck.roa Signing time: Thu 01 Jan 2026 16:19:18 +0000 ROA not before: Thu 01 Jan 2026 16:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16035 IP address blocks: 185.152.156.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.mft rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:3f:bc:bc:b3:ab:70:ec:30:ff:1a:13:cc:58:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1 Validity Not Before: Jan 1 16:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29e04787f117a28eafc4f7095600963c5cbf41c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ff:ac:37:9a:16:3b:e7:b3:32:cc:ac:a7:4d: c9:96:ac:c8:68:93:04:c1:6e:76:19:16:2f:5e:e6: e0:f2:5a:f4:f2:b6:ad:84:ef:41:02:1d:44:55:87: 5a:3c:d9:1f:ab:c3:d2:1b:90:c1:e8:c6:11:cc:7e: 80:8c:87:bd:b6:e9:6d:42:91:fb:29:36:bf:f7:17: 4d:14:e7:d8:3d:bf:4a:fc:4f:b5:2d:26:01:4b:b4: 63:cc:57:d6:24:6e:9b:1a:a8:74:31:4f:16:ad:ce: a0:db:0a:8b:93:99:6a:3f:40:14:5a:bb:a5:d8:01: 8d:55:2f:ab:ea:b6:d7:19:27:39:98:69:75:cd:4d: 25:01:a4:2d:b1:90:a3:d8:ef:95:0a:b8:f2:ca:88: 69:d3:1c:4a:86:3d:62:99:a8:7f:e0:cd:bc:56:5b: 81:81:41:72:4b:94:48:1a:17:26:72:2c:67:3b:9b: 68:31:f0:a2:19:b0:d1:9c:a9:f8:d8:6c:67:ae:4a: f4:98:69:ff:1e:ec:71:fd:74:13:9f:60:b0:df:53: d1:f3:97:2c:d9:6b:e1:eb:6a:00:d8:0b:02:91:62: 31:00:54:3a:3d:9b:fa:ca:fe:6e:0d:d9:26:37:7c: 92:59:e0:2b:a5:6b:ea:45:67:58:00:dc:e3:c9:14: 17:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E0:47:87:F1:17:A2:8E:AF:C4:F7:09:56:00:96:3C:5C:BF:41:C9 X509v3 Authority Key Identifier: keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/KeBHh_EXoo6vxPcJVgCWPFy_Qck.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.152.156.0/22 Signature Algorithm: sha256WithRSAEncryption 6c:47:09:e7:98:8a:dd:00:78:d8:ac:af:5a:b3:25:55:9e:e4: 38:51:db:7e:86:62:fd:08:92:4f:3b:37:06:94:5b:c8:93:b3: f3:1f:83:99:4a:a7:18:1e:ac:46:b8:23:5e:9c:6d:67:42:78: a7:aa:67:03:6d:12:cc:78:53:2d:af:4e:59:ac:55:29:1d:1a: 10:ba:b1:a7:05:5a:8a:89:c7:e9:3c:1f:6d:1e:ac:1c:cc:6d: 94:15:11:f4:23:09:5f:89:4d:e0:27:12:01:e5:33:6a:60:60: 8d:e1:47:3f:20:2a:38:c8:40:c2:ad:03:74:c3:d3:85:83:df: 80:f5:e4:99:ce:97:e0:68:78:cc:a2:83:6d:21:58:e9:21:ee: c5:40:99:03:3b:a1:bf:2c:ac:0e:e6:78:35:48:2d:24:1f:35: 98:6b:67:30:4b:7f:f1:72:09:9e:18:6e:5d:55:27:40:a4:2e: 55:ce:3f:c4:ee:c4:2a:93:6e:97:df:3c:cf:ee:a4:fe:73:41: fa:91:a5:73:ef:f7:05:db:00:a3:51:b5:ff:8a:65:05:24:10: 36:4a:b7:0c:dd:27:29:56:5d:96:41:21:23:51:31:0d:80:63: 9b:12:30:dc:b2:37:7b:3e:3f:53:b3:72:98:79:d0:0f:0b:e3: ee:7b:44:c6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6Wz+8vLOrcOww/xoTzFhoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy ZTk5YzEwHhcNMjYwMTAxMTYxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWUwNDc4N2YxMTdhMjhlYWZjNGY3MDk1NjAwOTYzYzVjYmY0MWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2P+sN5oWO+ezMsysp03JlqzIaJME wW52GRYvXubg8lr08rathO9BAh1EVYdaPNkfq8PSG5DB6MYRzH6AjIe9tultQpH7 KTa/9xdNFOfYPb9K/E+1LSYBS7RjzFfWJG6bGqh0MU8Wrc6g2wqLk5lqP0AUWrul 2AGNVS+r6rbXGSc5mGl1zU0lAaQtsZCj2O+VCrjyyohp0xxKhj1imah/4M28VluB gUFyS5RIGhcmcixnO5toMfCiGbDRnKn42Gxnrkr0mGn/Huxx/XQTn2Cw31PR85cs 2Wvh62oA2AsCkWIxAFQ6PZv6yv5uDdkmN3ySWeArpWvqRWdYANzjyRQXyQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCngR4fxF6KOr8T3CVYAljxcv0HJMB8GA1UdIwQY MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt NGJlNzk0ZDY0MDZkLzEvS2VCSGhfRVhvbzZ2eFBjSlZnQ1dQRnlfUWNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZicMA0G CSqGSIb3DQEBCwUAA4IBAQBsRwnnmIrdAHjYrK9asyVVnuQ4Udt+hmL9CJJPOzcG lFvIk7PzH4OZSqcYHqxGuCNenG1nQninqmcDbRLMeFMtr05ZrFUpHRoQurGnBVqK icfpPB9tHqwczG2UFRH0IwlfiU3gJxIB5TNqYGCN4Uc/ICo4yEDCrQN0w9OFg9+A 9eSZzpfgaHjMooNtIVjpIe7FQJkDO6G/LKwO5ng1SC0kHzWYa2cwS3/xcgmeGG5d VSdApC5Vzj/E7sQqk26X3zzP7qT+c0H6kaVz7/cF2wCjUbX/imUFJBA2SrcM3Scp Vl2WQSEjUTENgGObEjDcsjd7Pj9Ts3KYedAPC+Pue0TG -----END CERTIFICATE-----Generated at Tue Jan 27 11:30:27 2026 by rpki-client