This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/hKhfIT1bLSm9T1vRZ8lUIQhwPL8.roa File: hKhfIT1bLSm9T1vRZ8lUIQhwPL8.roa (raw, json) Hash identifier: JsVZUZY2jRp86Nc98FbhjEFX6YIVkAW1DmOfJdOukK0= Subject key identifier: 84:A8:5F:21:3D:5B:2D:29:BD:4F:5B:D1:67:C9:54:21:08:70:3C:BF Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Certificate serial: 019BF0A827B004C5939A38DE6A0BEB2497E1 Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/hKhfIT1bLSm9T1vRZ8lUIQhwPL8.roa Signing time: Sat 24 Jan 2026 15:38:30 +0000 ROA not before: Sat 24 Jan 2026 15:38:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205899 IP address blocks: 46.249.110.0/24 maxlen: 24 185.215.247.0/24 maxlen: 24 185.231.173.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f0:a8:27:b0:04:c5:93:9a:38:de:6a:0b:eb:24:97:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Validity Not Before: Jan 24 15:38:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84a85f213d5b2d29bd4f5bd167c9542108703cbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a9:24:55:9b:04:e7:15:ad:fb:5f:1a:0e:3f: 66:29:82:49:92:de:04:46:35:dc:3b:91:ea:b6:34: 79:da:c5:6b:64:c8:5d:a9:80:bb:98:41:cf:05:9a: eb:1d:9c:bc:e8:9f:07:c9:ee:ec:90:f5:c5:a6:76: 10:3b:d1:d1:09:70:62:fe:a1:7e:1f:a2:5a:2b:2d: 8f:11:ae:1d:64:75:d9:50:53:b3:78:94:73:d6:19: 0b:70:78:7d:51:d9:35:f6:22:b5:ae:19:ac:c2:49: 99:db:7f:73:fc:42:8a:da:55:05:4d:dc:37:77:27: 1d:a1:7f:ad:43:08:f0:53:ab:3a:86:1e:74:51:a7: 0e:60:7c:3a:19:df:61:18:52:bd:97:f4:88:35:1c: 3b:d6:6e:6c:4e:d9:26:27:f8:61:8d:28:1a:c2:a9: 82:9c:1e:ca:a7:21:40:96:cb:74:92:af:2c:3f:1d: b1:90:81:c8:46:e1:c2:4a:0b:a8:a5:2e:65:99:74: 07:72:53:ae:ed:e1:30:c3:ea:f9:f5:77:4a:54:74: fe:d3:52:07:d0:d2:14:63:2b:e9:f1:c3:fd:64:d9: d6:a8:ae:27:c7:70:57:67:61:52:66:b0:21:60:d7: d2:89:b7:6b:19:fc:ab:c4:a3:ec:87:f4:0c:bb:35: 6c:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A8:5F:21:3D:5B:2D:29:BD:4F:5B:D1:67:C9:54:21:08:70:3C:BF X509v3 Authority Key Identifier: keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/hKhfIT1bLSm9T1vRZ8lUIQhwPL8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.249.110.0/24 185.215.247.0/24 185.231.173.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:48:27:05:53:2f:56:e5:33:5e:65:1e:66:d9:71:44:a6:7b: cd:77:75:4b:9f:9e:33:72:1a:c5:e1:ba:8e:d8:be:00:0d:76: 9e:27:93:c6:d6:c2:c3:65:28:d6:66:56:15:3c:54:d8:0f:f7: c8:ad:8b:c1:a2:15:17:15:10:fe:d3:62:d2:c5:56:fd:84:6c: 24:de:d1:b3:5f:e3:17:ec:f0:c6:8a:ee:3c:0f:5b:0e:ef:02: e8:20:64:7a:4b:79:40:e6:40:e7:fb:3f:5b:c3:57:96:30:53: ac:4b:3b:75:ed:2c:64:97:49:87:9e:55:da:21:d9:3a:f0:46: e6:d0:0e:65:53:bb:00:33:a7:0f:00:02:a5:e5:32:af:da:87: 31:80:23:d2:55:07:7e:4d:6e:e4:23:6b:0c:f4:22:cd:45:d8: 5a:e9:ab:de:87:1a:7e:b1:06:50:78:f9:bc:66:8e:a3:69:96: f8:68:06:f2:fe:5b:b6:84:66:51:50:6d:d5:cd:fc:50:0b:1f: 84:5c:8f:c2:4e:b1:c8:7a:be:95:c4:65:95:9d:f0:ee:96:0c: 54:be:b6:f5:84:7e:22:d2:34:ee:45:a0:c6:2d:d9:a3:4c:de: 65:e2:dc:70:af:c7:70:87:aa:5a:20:25:aa:7f:dc:19:f8:ef: 51:7b:8f:f5 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZvwqCewBMWTmjjeagvrJJfhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2 NWE0NzgwHhcNMjYwMTI0MTUzODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGE4NWYyMTNkNWIyZDI5YmQ0ZjViZDE2N2M5NTQyMTA4NzAzY2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKkkVZsE5xWt+18aDj9mKYJJkt4E RjXcO5HqtjR52sVrZMhdqYC7mEHPBZrrHZy86J8Hye7skPXFpnYQO9HRCXBi/qF+ H6JaKy2PEa4dZHXZUFOzeJRz1hkLcHh9Udk19iK1rhmswkmZ239z/EKK2lUFTdw3 dycdoX+tQwjwU6s6hh50UacOYHw6Gd9hGFK9l/SINRw71m5sTtkmJ/hhjSgawqmC nB7KpyFAlst0kq8sPx2xkIHIRuHCSguopS5lmXQHclOu7eEww+r59XdKVHT+01IH 0NIUYyvp8cP9ZNnWqK4nx3BXZ2FSZrAhYNfSibdrGfyrxKPsh/QMuzVsBwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFISoXyE9Wy0pvU9b0WfJVCEIcDy/MB8GA1UdIwQY MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt ZmUwNjU5MTc2YTU2LzEvaEtoZklUMWJMU205VDF2Ulo4bFVJUWh3UEw4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2 LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALvluAwQA udf3AwQAueetMA0GCSqGSIb3DQEBCwUAA4IBAQA8SCcFUy9W5TNeZR5m2XFEpnvN d3VLn54zchrF4bqO2L4ADXaeJ5PG1sLDZSjWZlYVPFTYD/fIrYvBohUXFRD+02LS xVb9hGwk3tGzX+MX7PDGiu48D1sO7wLoIGR6S3lA5kDn+z9bw1eWMFOsSzt17Sxk l0mHnlXaIdk68Ebm0A5lU7sAM6cPAAKl5TKv2ocxgCPSVQd+TW7kI2sM9CLNRdha 6avehxp+sQZQePm8Zo6jaZb4aAby/lu2hGZRUG3VzfxQCx+EXI/CTrHIer6VxGWV nfDulgxUvrb1hH4i0jTuRaDGLdmjTN5l4txwr8dwh6paICWqf9wZ+O9Re4/1 -----END CERTIFICATE-----Generated at Sun Jan 25 11:58:27 2026 by rpki-client