This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/K91RTvXJuqLAIU6RXLzYdC-SK4U.roa File: K91RTvXJuqLAIU6RXLzYdC-SK4U.roa (raw, json) Hash identifier: RkF9tkpfurRB5mQOlzCCIGZiiedUq+X3WzFo9IR2HbI= Subject key identifier: 2B:DD:51:4E:F5:C9:BA:A2:C0:21:4E:91:5C:BC:D8:74:2F:92:2B:85 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B7DCB4EE9A81E661452221B7F65804649 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/K91RTvXJuqLAIU6RXLzYdC-SK4U.roa Signing time: Fri 02 Jan 2026 08:20:34 +0000 ROA not before: Fri 02 Jan 2026 08:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 137409 IP address blocks: 151.240.43.0/24 maxlen: 24 151.240.44.0/24 maxlen: 24 151.240.46.0/24 maxlen: 24 151.240.47.0/24 maxlen: 24 151.240.48.0/24 maxlen: 24 151.240.49.0/24 maxlen: 24 151.240.50.0/24 maxlen: 24 151.240.51.0/24 maxlen: 24 151.240.52.0/24 maxlen: 24 151.240.53.0/24 maxlen: 24 151.240.54.0/24 maxlen: 24 151.240.55.0/24 maxlen: 24 151.240.56.0/24 maxlen: 24 151.240.57.0/24 maxlen: 24 151.240.58.0/24 maxlen: 24 151.240.59.0/24 maxlen: 24 151.240.62.0/24 maxlen: 24 151.240.63.0/24 maxlen: 24 151.240.64.0/24 maxlen: 24 151.240.65.0/24 maxlen: 24 151.240.66.0/24 maxlen: 24 151.240.67.0/24 maxlen: 24 151.240.91.0/24 maxlen: 24 151.240.92.0/24 maxlen: 24 151.240.93.0/24 maxlen: 24 151.240.94.0/24 maxlen: 24 151.240.95.0/24 maxlen: 24 151.240.101.0/24 maxlen: 24 151.240.102.0/24 maxlen: 24 151.240.103.0/24 maxlen: 24 151.240.104.0/24 maxlen: 24 151.240.105.0/24 maxlen: 24 151.240.106.0/24 maxlen: 24 151.240.107.0/24 maxlen: 24 151.240.108.0/24 maxlen: 24 151.240.109.0/24 maxlen: 24 151.240.111.0/24 maxlen: 24 151.244.58.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:4e:e9:a8:1e:66:14:52:22:1b:7f:65:80:46:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 2 08:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2bdd514ef5c9baa2c0214e915cbcd8742f922b85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d5:fe:20:46:11:e2:18:e4:91:32:98:35:84: 0a:3a:c3:a3:a6:99:38:31:e5:a3:42:c2:0a:eb:9f: 93:50:28:1b:96:0d:f0:fe:4b:2f:62:82:75:fa:66: 71:8d:65:7b:68:df:4f:e8:95:49:2e:86:3c:22:bc: 73:40:0e:16:9d:e0:20:03:51:6f:e5:37:03:43:3f: 07:f2:56:05:86:9e:df:06:ba:79:bc:e8:3f:e1:f6: df:d4:1c:a5:65:c5:52:4f:22:cb:93:04:ed:79:fd: 2a:a8:8f:1d:b1:7e:f5:1b:e9:9b:9f:5e:8c:de:6e: c4:ab:90:57:9a:c0:e4:f0:c9:1b:07:49:a9:c3:07: 6f:16:9f:13:65:b7:2d:6a:5b:f7:b8:f3:ce:07:7b: 95:df:1d:04:0a:61:7a:5a:4d:a7:d6:69:46:ef:d8: dc:d5:62:7f:dd:09:b5:bb:ed:fc:6c:f1:3f:55:fa: e1:b7:ab:ff:8a:30:86:c8:fe:51:b8:db:b3:ee:d2: 4e:c2:62:12:fd:56:b4:08:3e:ac:9d:a2:96:16:fe: e9:0d:6f:65:92:ad:50:da:4d:27:cb:12:8d:63:cd: 12:76:ec:0e:ea:c7:12:42:e1:f3:9b:52:6a:58:ce: ef:c8:21:bb:4b:2c:2e:2c:74:7b:5b:7c:d0:72:28: 15:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:DD:51:4E:F5:C9:BA:A2:C0:21:4E:91:5C:BC:D8:74:2F:92:2B:85 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/K91RTvXJuqLAIU6RXLzYdC-SK4U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.240.43.0-151.240.44.255 151.240.46.0-151.240.59.255 151.240.62.0-151.240.67.255 151.240.91.0-151.240.95.255 151.240.101.0-151.240.109.255 151.240.111.0/24 151.244.58.0/24 Signature Algorithm: sha256WithRSAEncryption 41:f4:74:d4:b7:90:dc:cd:f4:66:d4:fd:5a:a8:b8:d5:c9:93: 77:66:e5:c6:60:95:9a:f4:4c:b7:b5:9a:30:2b:a6:4a:35:ca: df:ba:e0:7d:d6:21:84:de:26:5a:e6:7c:14:73:b0:28:2f:98: 18:8f:5d:a2:02:b4:55:48:d1:b3:cc:ba:b8:a9:d3:60:af:68: a8:99:47:85:ec:88:de:8d:88:1c:c4:96:cd:a2:8b:89:7d:74: 8f:3d:c2:78:21:03:89:ac:a0:e0:a2:28:a4:09:fb:9e:24:56: 63:eb:27:94:51:c8:2a:9c:31:ec:c1:15:9a:4e:6d:20:2a:f2: 01:57:ca:ac:0f:4f:95:35:aa:84:f9:d3:e3:6e:56:3e:ea:a0: de:1a:ed:0e:85:13:1c:04:43:b6:db:37:69:86:f1:7f:4e:bb: b8:06:5b:9c:53:bf:63:dc:8a:fe:70:e7:ef:55:95:51:e8:75: ad:67:9b:92:30:94:bd:11:a2:5c:ba:60:7b:0d:c4:15:b2:b5: ad:97:6c:95:c3:e8:a0:dc:a8:b8:5b:ec:68:a4:30:fa:b5:4d: e0:a0:f5:ab:d2:a2:f5:6c:c7:81:14:fb:43:8e:ad:7d:5e:46: 38:64:6c:00:b9:fa:a1:02:17:3a:26:0c:42:cd:01:3a:2f:3c: 0b:04:b4:34 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgISAZt9y07pqB5mFFIiG39lgEZJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTAyMDgyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYmRkNTE0ZWY1YzliYWEyYzAyMTRlOTE1Y2JjZDg3NDJmOTIyYjg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNX+IEYR4hjkkTKYNYQKOsOjppk4 MeWjQsIK65+TUCgblg3w/ksvYoJ1+mZxjWV7aN9P6JVJLoY8IrxzQA4WneAgA1Fv 5TcDQz8H8lYFhp7fBrp5vOg/4fbf1BylZcVSTyLLkwTtef0qqI8dsX71G+mbn16M 3m7Eq5BXmsDk8MkbB0mpwwdvFp8TZbctalv3uPPOB3uV3x0ECmF6Wk2n1mlG79jc 1WJ/3Qm1u+38bPE/Vfrht6v/ijCGyP5RuNuz7tJOwmIS/Va0CD6snaKWFv7pDW9l kq1Q2k0nyxKNY80SduwO6scSQuHzm1JqWM7vyCG7SywuLHR7W3zQcigV7QIDAQAB o4ICVTCCAlEwHQYDVR0OBBYEFCvdUU71ybqiwCFOkVy82HQvkiuFMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvSzkxUlR2WEp1cUxBSVU2UlhMellkQy1TSzRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBACX8CsD BACX8CwwDAMEAZfwLgMEApfwODAMAwQBl/A+AwQCl/BAMAwDBACX8FsDBAWX8EAw DAMEAJfwZQMEAZfwbAMEAJfwbwMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAQfR0 1LeQ3M30ZtT9Wqi41cmTd2blxmCVmvRMt7WaMCumSjXK37rgfdYhhN4mWuZ8FHOw KC+YGI9dogK0VUjRs8y6uKnTYK9oqJlHheyI3o2IHMSWzaKLiX10jz3CeCEDiayg 4KIopAn7niRWY+snlFHIKpwx7MEVmk5tICryAVfKrA9PlTWqhPnT425WPuqg3hrt DoUTHARDtts3aYbxf067uAZbnFO/Y9yK/nDn71WVUeh1rWebkjCUvRGiXLpgew3E FbK1rZdslcPooNyouFvsaKQw+rVN4KD1q9Ki9WzHgRT7Q46tfV5GOGRsALn6oQIX OiYMQs0BOi88CwS0NA== -----END CERTIFICATE-----Generated at Sun Jan 18 06:31:28 2026 by rpki-client