This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/KEj1umoqTxNrx5PpgqyOSSXuaWg.roa File: KEj1umoqTxNrx5PpgqyOSSXuaWg.roa (raw, json) Hash identifier: PQPQWIbykChBOFhOb0vBAUZvmo6kAJfySSlZP/JovH0= Subject key identifier: 28:48:F5:BA:6A:2A:4F:13:6B:C7:93:E9:82:AC:8E:49:25:EE:69:68 Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Certificate serial: 019B7F846A99F1105B7850FE8E9C28803E01 Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/KEj1umoqTxNrx5PpgqyOSSXuaWg.roa Signing time: Fri 02 Jan 2026 16:22:23 +0000 ROA not before: Fri 02 Jan 2026 16:22:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61418 IP address blocks: 85.153.172.0/24 maxlen: 24 85.153.181.0/24 maxlen: 24 85.153.185.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:6a:99:f1:10:5b:78:50:fe:8e:9c:28:80:3e:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Validity Not Before: Jan 2 16:22:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2848f5ba6a2a4f136bc793e982ac8e4925ee6968 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2c:0f:62:5e:a5:e5:64:7c:4d:37:1a:38:95: d3:23:47:e1:9f:41:70:7d:72:91:76:f2:01:86:b8: 23:75:21:ea:b8:e9:fd:f7:f5:e1:ab:a9:18:62:7d: 9a:31:d3:0d:4d:d2:1a:43:a5:1f:ca:0c:a3:bb:47: 5a:67:49:9d:7b:98:0e:ac:4e:58:06:02:60:e9:d8: 68:02:42:e9:7e:69:96:5e:01:f8:b3:ce:89:f7:2e: 89:b8:b6:18:dc:da:20:99:e6:92:3e:a5:70:ec:dc: 20:be:bf:a4:62:6d:59:0f:fe:16:b6:1a:66:29:f8: 09:8a:17:24:fd:fe:69:52:ae:9a:2f:7d:1e:c5:47: 51:64:7d:08:c8:20:e4:a1:4d:d7:0a:c3:b7:e0:df: 2e:3f:c5:79:c3:e7:74:bc:3e:7e:46:9e:35:30:4d: 57:93:e6:82:6b:ea:2a:c8:fd:b4:0c:d2:80:71:bc: a4:cb:3e:16:a6:09:03:52:6c:85:2e:08:71:d1:4f: fd:e6:ae:44:62:07:39:78:ca:62:c6:1f:67:d1:c3: 51:51:45:f6:dd:dd:14:52:71:37:b0:d9:60:6f:6e: 9e:e5:21:9c:32:25:7c:f7:11:dd:d0:80:6a:cb:25: c5:80:34:9c:91:e5:4f:61:bb:48:6b:2f:9a:dd:93: d1:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:48:F5:BA:6A:2A:4F:13:6B:C7:93:E9:82:AC:8E:49:25:EE:69:68 X509v3 Authority Key Identifier: keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/KEj1umoqTxNrx5PpgqyOSSXuaWg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.153.172.0/24 85.153.181.0/24 85.153.185.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:c2:4b:4e:dc:dc:10:7e:7b:36:f4:75:e5:13:61:5d:43:96: 01:99:b9:b3:7b:69:d5:97:5c:12:f8:f1:af:29:12:cc:8d:46: 86:15:26:c7:f5:23:15:c1:8f:5b:86:eb:7e:20:06:10:36:3d: 60:e0:43:41:52:20:88:a1:04:90:57:e6:c7:cd:2a:ad:b2:aa: ef:ee:0e:e4:11:58:ac:bf:1c:a4:be:d4:dc:73:71:92:8a:10: 78:dd:23:f1:0e:2f:39:e4:2d:74:0f:1a:09:27:5d:e7:ea:65: 25:f8:59:64:ae:bf:50:4c:6c:24:2b:56:b6:82:c1:1b:ba:c6: 28:e5:5a:95:ce:5d:07:02:a7:ac:9c:ae:6c:84:1e:55:de:77: 9f:3a:2d:be:52:95:3d:13:cb:37:75:cb:66:7b:8b:df:82:d3: ff:56:b7:9d:cb:52:65:29:6d:91:d0:56:c6:54:4c:cb:a1:81: dc:55:26:1e:0e:82:d5:2d:72:aa:0c:3a:3f:ec:58:ae:d6:ac: 39:9b:8f:20:31:9b:c5:7e:0a:c4:a1:d4:5d:67:79:d9:b8:22: 10:cf:28:fa:82:4f:db:90:dd:df:d2:02:4f:86:a7:ab:a3:d3: fb:58:7a:08:a9:95:99:6a:6a:e0:9b:d6:af:1d:e9:81:8c:66: a3:2c:93:c3 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hGqZ8RBbeFD+jpwogD4BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm YmQzZTkwHhcNMjYwMTAyMTYyMjIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODQ4ZjViYTZhMmE0ZjEzNmJjNzkzZTk4MmFjOGU0OTI1ZWU2OTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCwPYl6l5WR8TTcaOJXTI0fhn0Fw fXKRdvIBhrgjdSHquOn99/Xhq6kYYn2aMdMNTdIaQ6Ufygyju0daZ0mde5gOrE5Y BgJg6dhoAkLpfmmWXgH4s86J9y6JuLYY3NogmeaSPqVw7Nwgvr+kYm1ZD/4Wthpm KfgJihck/f5pUq6aL30exUdRZH0IyCDkoU3XCsO34N8uP8V5w+d0vD5+Rp41ME1X k+aCa+oqyP20DNKAcbykyz4WpgkDUmyFLghx0U/95q5EYgc5eMpixh9n0cNRUUX2 3d0UUnE3sNlgb26e5SGcMiV89xHd0IBqyyXFgDSckeVPYbtIay+a3ZPRWwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFChI9bpqKk8Ta8eT6YKsjkkl7mloMB8GA1UdIwQY MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt ZjJiZTlmNmM2NjRjLzEvS0VqMXVtb3FUeE5yeDVQcGdxeU9TU1h1YVdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVZmsAwQA VZm1AwQAVZm5MA0GCSqGSIb3DQEBCwUAA4IBAQBcwktO3NwQfns29HXlE2FdQ5YB mbmze2nVl1wS+PGvKRLMjUaGFSbH9SMVwY9bhut+IAYQNj1g4ENBUiCIoQSQV+bH zSqtsqrv7g7kEVisvxykvtTcc3GSihB43SPxDi855C10DxoJJ13n6mUl+Flkrr9Q TGwkK1a2gsEbusYo5VqVzl0HAqesnK5shB5V3nefOi2+UpU9E8s3dctme4vfgtP/ Vredy1JlKW2R0FbGVEzLoYHcVSYeDoLVLXKqDDo/7Fiu1qw5m48gMZvFfgrEodRd Z3nZuCIQzyj6gk/bkN3f0gJPhqero9P7WHoIqZWZamrgm9avHemBjGajLJPD -----END CERTIFICATE-----Generated at Mon Jan 26 11:34:30 2026 by rpki-client