This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/KhO94NLVmWuXMsiCxf4jrKbJ5Po.roa File: KhO94NLVmWuXMsiCxf4jrKbJ5Po.roa (raw, json) Hash identifier: qEss2pgdXS0c4u8wwfxj/bMSNCRROZUmP3NoiQOGa5M= Subject key identifier: 2A:13:BD:E0:D2:D5:99:6B:97:32:C8:82:C5:FE:23:AC:A6:C9:E4:FA Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19 Certificate serial: 019B7C801AD3AE63B7DBF9DA132DF6E3219F Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/KhO94NLVmWuXMsiCxf4jrKbJ5Po.roa Signing time: Fri 02 Jan 2026 02:18:48 +0000 ROA not before: Fri 02 Jan 2026 02:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43281 IP address blocks: 37.77.168.0/22 maxlen: 24 37.77.172.0/24 maxlen: 24 77.247.200.0/21 maxlen: 24 2a03:9d80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.mft rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 17:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:1a:d3:ae:63:b7:db:f9:da:13:2d:f6:e3:21:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19 Validity Not Before: Jan 2 02:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a13bde0d2d5996b9732c882c5fe23aca6c9e4fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:66:01:aa:0d:e1:fc:e4:8c:64:5e:b7:71:ef: 17:ac:a9:2a:97:bd:5a:72:68:36:fb:13:89:4b:25: 41:30:8c:0f:ef:21:c5:6f:44:bd:e1:92:e6:d5:a5: b6:e2:a5:87:61:64:56:7f:70:3f:8e:87:5f:4a:7e: 27:e2:dd:24:51:ca:cd:15:6c:09:98:df:16:4f:89: 19:ef:da:b2:89:cb:f8:00:16:c2:c3:2d:50:0b:1d: ba:e0:4e:c7:0b:bb:f0:13:9c:20:ea:de:6d:5c:5a: 78:ab:ef:13:e8:45:ee:18:09:b8:38:1f:e9:38:21: 56:d8:16:16:d0:8e:71:ab:ed:52:ef:93:3b:85:49: fd:3e:a6:7b:2b:cb:7b:e0:aa:ae:9d:be:bc:79:f3: 07:33:11:27:79:77:ff:67:26:35:75:07:d0:51:f7: f7:cc:63:c0:33:c5:07:b0:3a:3a:df:1d:9c:ac:82: 1c:a5:06:d1:18:7e:6d:5f:2c:11:8d:33:93:69:9d: 9c:48:df:b9:60:b4:1e:4c:9b:11:9a:3b:12:55:3a: 8a:03:98:b8:fa:29:30:c8:28:cd:e9:43:40:91:b5: 07:90:f3:c6:ed:6f:15:56:ef:cc:6e:fb:cd:f9:cf: 47:46:f1:4a:ee:23:a0:d4:0e:a1:64:d8:30:e7:d9: 32:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:13:BD:E0:D2:D5:99:6B:97:32:C8:82:C5:FE:23:AC:A6:C9:E4:FA X509v3 Authority Key Identifier: keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/KhO94NLVmWuXMsiCxf4jrKbJ5Po.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.77.168.0-37.77.172.255 77.247.200.0/21 IPv6: 2a03:9d80::/32 Signature Algorithm: sha256WithRSAEncryption 70:ca:65:5f:47:d2:43:b9:78:7b:f7:cc:ba:96:bc:d2:60:03: 90:9f:70:fb:fc:bc:bf:2b:6f:c5:c6:85:66:93:57:1c:db:b8: 62:ac:09:64:41:29:22:70:2f:a2:2f:c9:a0:6b:74:2b:dd:c2: 6a:a5:9c:74:ef:1b:58:5a:6a:f8:b6:9b:92:a3:56:1c:65:e6: 7e:87:4d:60:9c:e6:56:6d:03:90:4f:e8:8a:c0:0c:ca:d2:2c: c3:89:cc:4c:de:38:ab:a5:da:25:d2:12:e9:b7:96:67:f5:c5: f1:89:77:5f:08:f2:a1:1e:65:3f:da:cf:eb:d5:89:5f:8f:73: 7d:a3:5d:25:12:8b:97:78:d1:e1:ff:0f:87:71:da:ff:33:a5: c9:31:c0:e2:51:5d:b9:84:46:30:58:9d:b1:67:18:ee:56:72: 27:4f:78:ea:d7:12:28:6a:fc:b3:cc:cc:e6:64:42:a2:41:0d: ae:0c:a0:da:77:9f:05:ac:d6:b1:98:24:62:a9:7d:a6:ad:92: 5a:27:a5:67:cc:81:ad:4b:bf:ae:0f:e1:36:2f:5c:68:78:bd: aa:83:b1:e0:9e:eb:7a:f2:c3:a5:20:cc:8b:b7:cd:e5:1a:70: 5b:a0:90:bf:d5:57:88:4f:0f:a6:46:c3:eb:91:31:fd:d6:09: 7c:0f:5a:82 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gBrTrmO32/naEy324yGfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm YzdjMTkwHhcNMjYwMTAyMDIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTEzYmRlMGQyZDU5OTZiOTczMmM4ODJjNWZlMjNhY2E2YzllNGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2YBqg3h/OSMZF63ce8XrKkql71a cmg2+xOJSyVBMIwP7yHFb0S94ZLm1aW24qWHYWRWf3A/jodfSn4n4t0kUcrNFWwJ mN8WT4kZ79qyicv4ABbCwy1QCx264E7HC7vwE5wg6t5tXFp4q+8T6EXuGAm4OB/p OCFW2BYW0I5xq+1S75M7hUn9PqZ7K8t74Kqunb68efMHMxEneXf/ZyY1dQfQUff3 zGPAM8UHsDo63x2crIIcpQbRGH5tXywRjTOTaZ2cSN+5YLQeTJsRmjsSVTqKA5i4 +ikwyCjN6UNAkbUHkPPG7W8VVu/MbvvN+c9HRvFK7iOg1A6hZNgw59kyhwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFCoTveDS1ZlrlzLIgsX+I6ymyeT6MB8GA1UdIwQY MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt ODM2YWM5N2MwMWJiLzEvS2hPOTROTFZtV3VYTXNpQ3hmNGpyS2JKNVBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAMlTagD BAAlTawDBANN98gwDQQCAAIwBwMFACoDnYAwDQYJKoZIhvcNAQELBQADggEBAHDK ZV9H0kO5eHv3zLqWvNJgA5CfcPv8vL8rb8XGhWaTVxzbuGKsCWRBKSJwL6IvyaBr dCvdwmqlnHTvG1haavi2m5KjVhxl5n6HTWCc5lZtA5BP6IrADMrSLMOJzEzeOKul 2iXSEum3lmf1xfGJd18I8qEeZT/az+vViV+Pc32jXSUSi5d40eH/D4dx2v8zpckx wOJRXbmERjBYnbFnGO5WcidPeOrXEihq/LPMzOZkQqJBDa4MoNp3nwWs1rGYJGKp faatklonpWfMga1Lv64P4TYvXGh4vaqDseCe63ryw6UgzIu3zeUacFugkL/VV4hP D6ZGw+uRMf3WCXwPWoI= -----END CERTIFICATE-----Generated at Tue Feb 10 02:22:40 2026 by rpki-client