This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/CWHHJeYwgvu_DkfFEA9PpyyrrFU.roa File: CWHHJeYwgvu_DkfFEA9PpyyrrFU.roa (raw, json) Hash identifier: oofrp1EIh2uZ/w767SyVcjsAPCoRcbFcavREaGG+ayc= Subject key identifier: 09:61:C7:25:E6:30:82:FB:BF:0E:47:C5:10:0F:4F:A7:2C:AB:AC:55 Certificate issuer: /CN=7a43253a368fc6475853971ba9235be0233d8b7c Certificate serial: 019B76EB2877826FCAA9DEB1FA20CED16DFC Authority key identifier: 7A:43:25:3A:36:8F:C6:47:58:53:97:1B:A9:23:5B:E0:23:3D:8B:7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/CWHHJeYwgvu_DkfFEA9PpyyrrFU.roa Signing time: Thu 01 Jan 2026 00:18:01 +0000 ROA not before: Thu 01 Jan 2026 00:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198682 IP address blocks: 185.249.32.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.mft rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:28:77:82:6f:ca:a9:de:b1:fa:20:ce:d1:6d:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a43253a368fc6475853971ba9235be0233d8b7c Validity Not Before: Jan 1 00:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0961c725e63082fbbf0e47c5100f4fa72cabac55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ad:2b:45:7c:17:9f:26:3e:50:bc:52:54:41: 48:20:5f:60:0c:96:8c:17:f1:45:30:b8:89:48:47: cc:3c:2f:a1:ca:62:98:39:9f:32:30:44:27:af:c8: be:df:19:39:3f:4c:00:c7:8d:bb:35:14:58:03:6a: 4e:e6:1a:cf:73:d6:49:8f:55:fc:a7:f6:99:21:41: 82:e0:b5:aa:4e:a4:a1:b1:20:9a:2d:e3:bb:c0:12: 1c:d4:fc:87:6c:30:b2:16:86:0f:48:1c:27:04:8a: bd:32:82:90:c0:93:a2:df:09:a7:65:48:33:bb:02: 86:7a:17:cb:57:dc:78:59:af:a0:64:ff:e9:27:eb: c0:c3:93:aa:96:5e:80:5b:9a:b4:4c:d5:fb:aa:d0: cb:3d:72:94:e8:d7:65:02:bb:f8:a7:bc:be:57:e9: a5:f2:45:54:74:fb:03:5c:96:a5:0a:fb:ff:e3:d5: 38:29:f3:b5:54:49:1a:71:c5:20:15:24:63:0b:d1: 2a:4d:3a:c6:87:5c:78:2e:c2:dc:3d:94:78:5b:36: 5a:2b:6e:50:6e:f0:3a:1a:14:b0:28:4c:d3:b9:cc: 05:85:46:5e:15:9b:c2:51:be:7e:a3:92:5a:d4:8a: ed:58:3e:94:71:37:65:35:5e:49:5f:90:37:4a:69: f1:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:61:C7:25:E6:30:82:FB:BF:0E:47:C5:10:0F:4F:A7:2C:AB:AC:55 X509v3 Authority Key Identifier: keyid:7A:43:25:3A:36:8F:C6:47:58:53:97:1B:A9:23:5B:E0:23:3D:8B:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/CWHHJeYwgvu_DkfFEA9PpyyrrFU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.249.32.0/22 Signature Algorithm: sha256WithRSAEncryption 38:fd:69:85:5b:2a:07:99:75:d5:d1:b9:e2:38:3b:bd:b6:ec: a1:40:05:55:d0:c4:9e:3f:6c:1a:e7:4c:48:d1:13:b3:ab:54: 9c:09:ac:8c:16:8e:d7:96:2e:4f:ae:d1:26:c3:5c:0e:07:5a: 1c:8a:d8:8b:bc:e6:0c:c7:d6:72:8a:a0:45:a7:d3:4f:a4:09: 45:ea:6a:1b:ac:55:26:65:a0:bb:5b:4f:5f:6b:f7:29:19:9f: a8:18:6d:c5:46:c8:df:e0:6f:94:56:9e:42:e6:46:57:60:c2: 9f:8f:2a:13:df:6f:cd:84:36:8d:f9:ab:f2:31:b9:d2:09:a6: 30:5d:ed:cb:d7:7e:79:44:5a:7c:d0:3a:2d:3d:37:70:87:f9: ee:af:93:2d:98:a3:81:53:fe:1b:4d:55:53:7c:de:e4:8a:11: b5:cc:d9:63:c2:6f:e1:f0:19:f6:e5:2b:86:b3:ff:94:f5:f8: 84:3f:e3:ff:cc:9c:78:d6:a5:f0:d4:44:69:56:60:27:9b:4d: 25:97:48:86:d9:dc:67:4d:8d:d2:34:9b:22:f3:9c:7f:62:1d: 31:00:ae:6a:17:7d:bb:fb:9b:08:c5:04:af:32:1e:54:9d:65: 98:13:9b:1f:0b:76:64:e2:de:64:4c:b3:24:b3:96:c2:4c:f8: 0c:6d:ae:32 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt26yh3gm/Kqd6x+iDO0W38MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhNDMyNTNhMzY4ZmM2NDc1ODUzOTcxYmE5MjM1YmUwMjMz ZDhiN2MwHhcNMjYwMTAxMDAxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTYxYzcyNWU2MzA4MmZiYmYwZTQ3YzUxMDBmNGZhNzJjYWJhYzU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA160rRXwXnyY+ULxSVEFIIF9gDJaM F/FFMLiJSEfMPC+hymKYOZ8yMEQnr8i+3xk5P0wAx427NRRYA2pO5hrPc9ZJj1X8 p/aZIUGC4LWqTqShsSCaLeO7wBIc1PyHbDCyFoYPSBwnBIq9MoKQwJOi3wmnZUgz uwKGehfLV9x4Wa+gZP/pJ+vAw5Oqll6AW5q0TNX7qtDLPXKU6NdlArv4p7y+V+ml 8kVUdPsDXJalCvv/49U4KfO1VEkaccUgFSRjC9EqTTrGh1x4LsLcPZR4WzZaK25Q bvA6GhSwKEzTucwFhUZeFZvCUb5+o5Ja1IrtWD6UcTdlNV5JX5A3SmnxMQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAlhxyXmMIL7vw5HxRAPT6csq6xVMB8GA1UdIwQY MBaAFHpDJTo2j8ZHWFOXG6kjW+AjPYt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iY2FlN2QtOWRhYS00ZmMxLTgwN2It N2Y2ZGVhMzhlN2FhLzEvQ1dISEplWXdndnVfRGtmRkVBOVBweXlyckZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9iY2FlN2QtOWRhYS00ZmMxLTgwN2ItN2Y2ZGVhMzhlN2Fh LzEvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufkgMA0G CSqGSIb3DQEBCwUAA4IBAQA4/WmFWyoHmXXV0bniODu9tuyhQAVV0MSeP2wa50xI 0ROzq1ScCayMFo7Xli5PrtEmw1wOB1ocitiLvOYMx9ZyiqBFp9NPpAlF6mobrFUm ZaC7W09fa/cpGZ+oGG3FRsjf4G+UVp5C5kZXYMKfjyoT32/NhDaN+avyMbnSCaYw Xe3L1355RFp80DotPTdwh/nur5MtmKOBU/4bTVVTfN7kihG1zNljwm/h8Bn25SuG s/+U9fiEP+P/zJx41qXw1ERpVmAnm00ll0iG2dxnTY3SNJsi85x/Yh0xAK5qF327 +5sIxQSvMh5UnWWYE5sfC3Zk4t5kTLMks5bCTPgMba4y -----END CERTIFICATE-----Generated at Sun Jan 25 16:09:45 2026 by rpki-client