This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/Kh2cfJTXoBgXnb5cU5bkPsfJ3G8.roa File: Kh2cfJTXoBgXnb5cU5bkPsfJ3G8.roa (raw, json) Hash identifier: OIPaE117G5MhGem++zxKuvBio3gr+RNCi90er+bU030= Subject key identifier: 2A:1D:9C:7C:94:D7:A0:18:17:9D:BE:5C:53:96:E4:3E:C7:C9:DC:6F Certificate issuer: /CN=a7f66522f403d8c994a484682870799417ce1e81 Certificate serial: 019B7CED266ED4F99232C6747D016E46003A Authority key identifier: A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/Kh2cfJTXoBgXnb5cU5bkPsfJ3G8.roa Signing time: Fri 02 Jan 2026 04:17:55 +0000 ROA not before: Fri 02 Jan 2026 04:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60815 IP address blocks: 185.89.88.0/23 maxlen: 23 185.89.88.0/24 maxlen: 24 185.89.89.0/24 maxlen: 24 185.89.90.0/23 maxlen: 23 185.89.90.0/24 maxlen: 24 185.89.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.mft rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:26:6e:d4:f9:92:32:c6:74:7d:01:6e:46:00:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a7f66522f403d8c994a484682870799417ce1e81 Validity Not Before: Jan 2 04:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a1d9c7c94d7a018179dbe5c5396e43ec7c9dc6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ca:91:e5:b5:52:e1:6c:fd:08:67:f1:cd:f0: 2b:e1:29:cc:1c:70:24:6d:c2:4f:54:33:c9:61:34: f2:2c:8b:79:6b:86:b4:11:5b:c5:20:f9:dd:34:07: 09:0c:df:78:eb:1b:b7:53:e7:72:aa:92:eb:db:cd: 6a:66:96:2c:26:3f:09:52:24:9c:50:cd:c2:31:9a: 65:96:c0:d7:5e:8c:0d:b6:68:1c:5c:96:1a:65:92: 6d:c5:e5:d2:69:84:09:0b:7f:73:cb:a3:e0:86:44: b6:38:dc:4b:25:f6:f0:23:22:52:f2:4d:29:c1:e9: 4a:e9:c0:19:93:09:c2:5a:e8:4d:49:b9:7c:8c:21: 06:88:c9:e9:a1:cd:1a:ce:0a:a1:f6:63:45:d1:85: c3:5e:55:3b:fc:bf:93:c4:7d:31:98:d8:3a:e0:46: f9:03:4a:e8:e7:9c:ce:5d:f2:03:a6:e2:22:ac:41: 87:6d:0f:c5:4d:ec:2a:ab:04:52:fe:60:b3:54:2c: ca:29:1e:ce:39:c9:b0:57:34:0e:0a:59:7e:84:a5: 43:0b:30:3b:06:6a:67:bb:55:cb:89:0f:1c:b3:34: 43:2a:b3:67:68:b8:40:96:f0:52:32:7a:90:84:ca: d9:31:4f:23:3b:4b:39:0e:f4:70:c0:91:12:26:1b: 20:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1D:9C:7C:94:D7:A0:18:17:9D:BE:5C:53:96:E4:3E:C7:C9:DC:6F X509v3 Authority Key Identifier: keyid:A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/Kh2cfJTXoBgXnb5cU5bkPsfJ3G8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.89.88.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:4f:20:12:df:a5:56:60:36:99:48:43:2a:09:03:bc:29:82: f2:8a:bd:60:62:5d:97:d5:dc:c8:2e:db:f0:58:10:cd:ed:77: 3c:ff:75:24:02:68:0e:a7:2d:d5:97:6e:60:a5:32:1b:f6:c6: 1f:9e:5f:32:fb:47:f9:f9:4c:2d:1d:99:d9:a2:77:88:a9:b5: 8f:40:e0:ab:2b:ec:fa:13:dc:60:dd:1f:3f:c0:8a:be:49:40: 28:14:97:bd:b6:f6:15:2c:61:ef:18:e5:a4:c5:7c:9f:89:53: 4d:78:c7:d3:80:e1:bf:24:32:98:cc:93:3a:30:f6:21:12:4a: 35:47:7c:59:c0:2c:b6:04:f6:9b:cf:18:e5:c2:2f:4e:69:16: d6:8c:a4:ce:db:9b:a0:95:3a:bd:b5:ae:f3:52:63:92:5c:43: 72:28:80:63:02:37:cf:f5:42:b8:24:61:06:37:43:f1:bb:2b: 4e:a2:ed:71:fd:5d:c5:9e:b2:fe:ce:48:e1:22:e0:bb:18:ce: 87:4f:2d:99:cb:92:f1:f0:3f:04:a4:3f:60:d0:be:09:8a:ea: db:31:b4:3c:56:ca:78:b6:84:e7:39:e3:34:6d:87:6e:56:2d: 6d:85:84:87:71:c1:3e:a3:12:83:c3:af:b0:33:29:4e:fe:7e: 12:65:fb:77 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87SZu1PmSMsZ0fQFuRgA6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3ZjY2NTIyZjQwM2Q4Yzk5NGE0ODQ2ODI4NzA3OTk0MTdj ZTFlODEwHhcNMjYwMTAyMDQxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTFkOWM3Yzk0ZDdhMDE4MTc5ZGJlNWM1Mzk2ZTQzZWM3YzlkYzZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcqR5bVS4Wz9CGfxzfAr4SnMHHAk bcJPVDPJYTTyLIt5a4a0EVvFIPndNAcJDN946xu3U+dyqpLr281qZpYsJj8JUiSc UM3CMZpllsDXXowNtmgcXJYaZZJtxeXSaYQJC39zy6PghkS2ONxLJfbwIyJS8k0p welK6cAZkwnCWuhNSbl8jCEGiMnpoc0azgqh9mNF0YXDXlU7/L+TxH0xmNg64Eb5 A0ro55zOXfIDpuIirEGHbQ/FTewqqwRS/mCzVCzKKR7OOcmwVzQOCll+hKVDCzA7 Bmpnu1XLiQ8cszRDKrNnaLhAlvBSMnqQhMrZMU8jO0s5DvRwwJESJhsg0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCodnHyU16AYF52+XFOW5D7HydxvMB8GA1UdIwQY MBaAFKf2ZSL0A9jJlKSEaChweZQXzh6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMt YzVkMzYwZmNkZjBlLzEvS2gyY2ZKVFhvQmdYbmI1Y1U1YmtQc2ZKM0c4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMtYzVkMzYwZmNkZjBl LzEvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVlYMA0G CSqGSIb3DQEBCwUAA4IBAQBvTyAS36VWYDaZSEMqCQO8KYLyir1gYl2X1dzILtvw WBDN7Xc8/3UkAmgOpy3Vl25gpTIb9sYfnl8y+0f5+UwtHZnZoneIqbWPQOCrK+z6 E9xg3R8/wIq+SUAoFJe9tvYVLGHvGOWkxXyfiVNNeMfTgOG/JDKYzJM6MPYhEko1 R3xZwCy2BPabzxjlwi9OaRbWjKTO25uglTq9ta7zUmOSXENyKIBjAjfP9UK4JGEG N0PxuytOou1x/V3FnrL+zkjhIuC7GM6HTy2Zy5Lx8D8EpD9g0L4JiurbMbQ8Vsp4 toTnOeM0bYduVi1thYSHccE+oxKDw6+wMylO/n4SZft3 -----END CERTIFICATE-----Generated at Mon Feb 9 22:59:42 2026 by rpki-client