This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/Kh4bW6-_s3_aiIv78ENw1EtU9qw.roa File: Kh4bW6-_s3_aiIv78ENw1EtU9qw.roa (raw, json) Hash identifier: LByHcl5paKi4+lGJdAvzPijsfuoC7StCNhGpNyc/Ie4= Subject key identifier: 2A:1E:1B:5B:AF:BF:B3:7F:DA:88:8B:FB:F0:43:70:D4:4B:54:F6:AC Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123 Certificate serial: 019B7BA3442A801405925BF658BAE794EC6F Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/Kh4bW6-_s3_aiIv78ENw1EtU9qw.roa Signing time: Thu 01 Jan 2026 22:17:35 +0000 ROA not before: Thu 01 Jan 2026 22:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 11300 IP address blocks: 213.187.128.0/22 maxlen: 24 213.187.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.mft rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 09:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:44:2a:80:14:05:92:5b:f6:58:ba:e7:94:ec:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123 Validity Not Before: Jan 1 22:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a1e1b5bafbfb37fda888bfbf04370d44b54f6ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:df:36:59:5a:af:c2:f3:e3:b6:2b:9a:01:67: 27:44:1f:17:9b:23:62:86:f7:14:3b:1f:88:94:c7: b3:cd:0e:fd:7a:e2:f0:c5:ff:c4:5c:ca:9f:74:77: 9a:c6:ed:5c:3f:46:8d:3c:58:65:0a:2a:ab:35:ed: f8:d5:45:87:1e:ff:1b:0c:0b:62:aa:83:15:f9:6f: f2:99:13:91:7a:25:10:13:b9:c9:6a:06:8c:19:dc: ef:b6:19:15:ed:12:80:53:f8:70:c9:62:7c:7c:f4: c1:d8:7f:2d:e1:c8:c7:70:f7:c0:af:f1:7c:b9:7f: c4:73:9d:0d:65:c5:1b:e3:57:cb:4f:95:9e:4c:44: bf:60:59:90:f2:a9:0d:53:5a:09:37:4a:a6:43:eb: 26:28:23:36:8a:57:aa:b2:23:8e:f9:44:e6:eb:73: b7:07:82:34:11:55:ef:2d:30:2d:a9:3b:8d:65:8d: 7a:0b:9f:7b:9c:81:42:37:19:dc:ba:e8:02:c2:42: fb:fb:8b:41:f6:14:66:5b:53:47:b6:61:51:48:7d: d1:ad:85:29:d1:06:5a:4f:81:4e:df:41:7c:8d:be: e4:ab:11:4f:2a:87:4f:19:92:b3:46:a9:f3:52:06: 16:55:0b:39:1d:17:d9:b1:d1:87:68:5c:bd:e4:4d: 08:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1E:1B:5B:AF:BF:B3:7F:DA:88:8B:FB:F0:43:70:D4:4B:54:F6:AC X509v3 Authority Key Identifier: keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/Kh4bW6-_s3_aiIv78ENw1EtU9qw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.187.128.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:b6:78:25:d6:c6:42:66:cd:c1:af:f3:2e:50:18:34:bb:5c: 34:f9:e6:39:39:0a:09:f9:b5:5b:f9:c2:66:d6:1e:86:56:60: 38:44:2c:b2:b2:56:ee:d4:8b:f2:08:e0:e5:da:06:0a:18:04: 13:01:08:aa:9d:e9:bc:65:43:e1:46:2b:01:fb:b1:db:58:41: 02:34:a9:81:cc:1d:b9:06:ca:13:92:90:8a:cb:8b:bb:37:04: 1c:69:d2:76:4c:57:7e:fc:e2:11:dc:56:83:19:e6:56:b8:70: 08:2f:f4:29:7e:de:0a:07:45:7d:39:60:f6:ea:ba:31:4e:38: 6d:56:35:c8:05:d2:97:7a:81:5c:e1:a7:c5:d2:15:d8:1e:4e: 7b:18:16:5a:63:6d:e2:70:f2:eb:c7:92:b3:df:78:10:b1:5b: 81:97:2b:7a:19:bc:40:3a:46:31:54:02:8b:f9:9b:b4:c6:72: 60:a8:2a:51:b0:2f:f3:3f:17:66:82:25:e6:17:3c:75:d6:f9: 2f:9f:98:75:5a:05:77:e2:d8:d8:eb:51:3b:e8:45:7f:67:18: bd:af:67:06:ee:9d:9e:7b:a2:5e:95:02:d3:4a:4b:bb:b4:82: 90:6f:5b:35:5b:7d:c4:04:65:0b:61:a5:99:88:0e:1b:65:82: 55:4c:3b:6a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o0QqgBQFklv2WLrnlOxvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi N2QxMjMwHhcNMjYwMTAxMjIxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTFlMWI1YmFmYmZiMzdmZGE4ODhiZmJmMDQzNzBkNDRiNTRmNmFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd82WVqvwvPjtiuaAWcnRB8XmyNi hvcUOx+IlMezzQ79euLwxf/EXMqfdHeaxu1cP0aNPFhlCiqrNe341UWHHv8bDAti qoMV+W/ymROReiUQE7nJagaMGdzvthkV7RKAU/hwyWJ8fPTB2H8t4cjHcPfAr/F8 uX/Ec50NZcUb41fLT5WeTES/YFmQ8qkNU1oJN0qmQ+smKCM2ileqsiOO+UTm63O3 B4I0EVXvLTAtqTuNZY16C597nIFCNxncuugCwkL7+4tB9hRmW1NHtmFRSH3RrYUp 0QZaT4FO30F8jb7kqxFPKodPGZKzRqnzUgYWVQs5HRfZsdGHaFy95E0IzQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCoeG1uvv7N/2oiL+/BDcNRLVPasMB8GA1UdIwQY MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct Yjg0YzQxM2RmYWE0LzEvS2g0Ylc2LV9zM19haUl2NzhFTncxRXRVOXF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0 LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1buAMA0G CSqGSIb3DQEBCwUAA4IBAQCPtngl1sZCZs3Br/MuUBg0u1w0+eY5OQoJ+bVb+cJm 1h6GVmA4RCyyslbu1IvyCODl2gYKGAQTAQiqnem8ZUPhRisB+7HbWEECNKmBzB25 BsoTkpCKy4u7NwQcadJ2TFd+/OIR3FaDGeZWuHAIL/Qpft4KB0V9OWD26roxTjht VjXIBdKXeoFc4afF0hXYHk57GBZaY23icPLrx5Kz33gQsVuBlyt6GbxAOkYxVAKL +Zu0xnJgqCpRsC/zPxdmgiXmFzx11vkvn5h1WgV34tjY61E76EV/Zxi9r2cG7p2e e6JelQLTSku7tIKQb1s1W33EBGULYaWZiA4bZYJVTDtq -----END CERTIFICATE-----Generated at Fri Jan 30 18:25:39 2026 by rpki-client