This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/heO1dPv16lNqNoaUzHYmWrwdcrs.roa File: heO1dPv16lNqNoaUzHYmWrwdcrs.roa (raw, json) Hash identifier: Pmdo0ju6M8iagRWSreMlT5nEuBLF3DYNOFUHFOJkLRw= Subject key identifier: 85:E3:B5:74:FB:F5:EA:53:6A:36:86:94:CC:76:26:5A:BC:1D:72:BB Certificate issuer: /CN=4044fa54400bc6cfc30cb8311a819d5bda421a72 Certificate serial: 019B7AC84820948CD462B5295DE9B7871C5B Authority key identifier: 40:44:FA:54:40:0B:C6:CF:C3:0C:B8:31:1A:81:9D:5B:DA:42:1A:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QET6VEALxs_DDLgxGoGdW9pCGnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/heO1dPv16lNqNoaUzHYmWrwdcrs.roa Signing time: Thu 01 Jan 2026 18:18:24 +0000 ROA not before: Thu 01 Jan 2026 18:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60627 IP address blocks: 185.113.56.0/22 maxlen: 22 185.124.112.0/22 maxlen: 22 185.140.56.0/22 maxlen: 22 185.143.204.0/22 maxlen: 22 185.145.8.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/QET6VEALxs_DDLgxGoGdW9pCGnI.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/QET6VEALxs_DDLgxGoGdW9pCGnI.mft rsync://rpki.ripe.net/repository/DEFAULT/QET6VEALxs_DDLgxGoGdW9pCGnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:48:20:94:8c:d4:62:b5:29:5d:e9:b7:87:1c:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4044fa54400bc6cfc30cb8311a819d5bda421a72 Validity Not Before: Jan 1 18:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85e3b574fbf5ea536a368694cc76265abc1d72bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:e2:a8:dc:8b:8f:4c:00:ba:67:29:9b:b6:ce: 7b:0d:88:90:ad:1e:b0:ff:e6:06:a4:f7:54:af:98: 75:8b:3b:89:d3:4f:c7:26:66:4b:ad:ce:a5:2d:81: 51:0d:c1:45:39:fd:10:95:82:50:c2:d8:13:01:38: 6f:56:27:63:f7:be:5a:1d:4e:2a:ea:06:21:7d:6d: cc:37:ef:f0:3f:a7:d1:02:43:21:b8:73:3a:35:63: cf:a0:f9:ab:03:d0:9b:7c:69:68:1e:b9:0f:a2:6b: bc:a0:bd:57:12:47:a7:31:35:69:07:b7:4d:45:e4: 1e:8b:eb:8d:ab:56:3e:69:e7:3e:48:60:a3:34:67: 34:0d:7f:41:1b:c3:4f:f2:51:2a:fb:4c:30:24:ff: 56:8f:2f:02:cc:67:0e:34:7f:79:65:5c:24:5d:f5: 43:a8:f2:41:e5:af:e0:43:e0:34:bf:c2:ce:e0:e3: 6b:a2:bf:72:09:e5:4f:1d:5d:e9:2b:63:a9:fa:37: fb:20:ca:82:1b:f9:d4:fc:ea:41:a6:f6:37:0b:bb: f2:e3:9d:13:39:51:64:a0:60:4e:d5:b7:99:a8:6e: 29:b8:27:14:83:23:17:9a:6d:f7:2d:e4:d9:df:aa: 37:d8:08:13:88:76:42:d7:49:40:f9:15:1c:00:84: e7:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:E3:B5:74:FB:F5:EA:53:6A:36:86:94:CC:76:26:5A:BC:1D:72:BB X509v3 Authority Key Identifier: keyid:40:44:FA:54:40:0B:C6:CF:C3:0C:B8:31:1A:81:9D:5B:DA:42:1A:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QET6VEALxs_DDLgxGoGdW9pCGnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/heO1dPv16lNqNoaUzHYmWrwdcrs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/QET6VEALxs_DDLgxGoGdW9pCGnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.113.56.0/22 185.124.112.0/22 185.140.56.0/22 185.143.204.0/22 185.145.8.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:73:44:a2:1d:17:62:85:f2:05:5c:7d:19:7b:40:d0:b2:e3: 52:ed:cd:f0:03:50:53:70:04:84:27:b7:6d:a6:b2:02:50:fa: 44:05:43:79:44:48:3c:e7:2b:ed:d6:5f:f4:a9:82:00:86:4f: 19:5d:40:4c:d2:c0:a6:ea:e1:6f:aa:70:31:4a:f3:11:88:9b: 49:5b:49:4f:80:ed:fb:c1:33:5b:51:8e:24:38:6f:f2:d2:ac: a1:a1:16:50:8b:65:8e:43:fb:c2:96:eb:f5:ef:b6:16:15:39: 19:f1:ad:42:20:33:c2:bf:06:f6:bb:01:75:96:61:92:87:0e: dd:42:04:cd:f5:3e:48:9e:e5:7e:6d:6a:52:4c:38:6d:50:60: 78:5a:0d:53:95:d3:57:a4:b0:62:fc:22:5d:b5:b1:0f:5e:f6: 14:6b:d2:ce:8a:1e:0d:dc:92:cc:28:b1:65:dd:b9:65:62:3a: b0:39:8c:28:b1:35:84:88:bf:f4:dd:b3:fe:df:fc:68:f4:fc: b1:e9:66:00:85:91:4e:98:14:d1:57:3d:24:1b:b8:15:0e:b6: 39:69:21:cd:04:bb:bd:d6:5a:fa:eb:3a:af:c2:6e:6b:da:b6: f5:d2:10:8c:ea:f3:79:2c:eb:d7:9d:6f:12:14:83:fe:92:f7: 63:29:74:7b -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt6yEgglIzUYrUpXem3hxxbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwNDRmYTU0NDAwYmM2Y2ZjMzBjYjgzMTFhODE5ZDViZGE0 MjFhNzIwHhcNMjYwMTAxMTgxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWUzYjU3NGZiZjVlYTUzNmEzNjg2OTRjYzc2MjY1YWJjMWQ3MmJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneKo3IuPTAC6Zymbts57DYiQrR6w /+YGpPdUr5h1izuJ00/HJmZLrc6lLYFRDcFFOf0QlYJQwtgTAThvVidj975aHU4q 6gYhfW3MN+/wP6fRAkMhuHM6NWPPoPmrA9CbfGloHrkPomu8oL1XEkenMTVpB7dN ReQei+uNq1Y+aec+SGCjNGc0DX9BG8NP8lEq+0wwJP9Wjy8CzGcONH95ZVwkXfVD qPJB5a/gQ+A0v8LO4ONror9yCeVPHV3pK2Op+jf7IMqCG/nU/OpBpvY3C7vy450T OVFkoGBO1beZqG4puCcUgyMXmm33LeTZ36o32AgTiHZC10lA+RUcAITntQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFIXjtXT79epTajaGlMx2Jlq8HXK7MB8GA1UdIwQY MBaAFEBE+lRAC8bPwwy4MRqBnVvaQhpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUVUNlZFQUx4c19ERExneEdvR2RXOXBDR25JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi80ZDU1NTEtMDMzMC00M2VhLTgwZjEt YmI0MzNiYTQ3NmYyLzEvaGVPMWRQdjE2bE5xTm9hVXpIWW1XcndkY3JzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi80ZDU1NTEtMDMzMC00M2VhLTgwZjEtYmI0MzNiYTQ3NmYy LzEvUUVUNlZFQUx4c19ERExneEdvR2RXOXBDR25JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuXE4AwQC uXxwAwQCuYw4AwQCuY/MAwQCuZEIMA0GCSqGSIb3DQEBCwUAA4IBAQBrc0SiHRdi hfIFXH0Ze0DQsuNS7c3wA1BTcASEJ7dtprICUPpEBUN5REg85yvt1l/0qYIAhk8Z XUBM0sCm6uFvqnAxSvMRiJtJW0lPgO37wTNbUY4kOG/y0qyhoRZQi2WOQ/vCluv1 77YWFTkZ8a1CIDPCvwb2uwF1lmGShw7dQgTN9T5InuV+bWpSTDhtUGB4Wg1TldNX pLBi/CJdtbEPXvYUa9LOih4N3JLMKLFl3bllYjqwOYwosTWEiL/03bP+3/xo9Pyx 6WYAhZFOmBTRVz0kG7gVDrY5aSHNBLu91lr66zqvwm5r2rb10hCM6vN5LOvXnW8S FIP+kvdjKXR7 -----END CERTIFICATE-----Generated at Mon Jan 26 02:31:54 2026 by rpki-client