This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/hf2tUKoMhw8WDED_AN-v6f1qkZQ.roa File: hf2tUKoMhw8WDED_AN-v6f1qkZQ.roa (raw, json) Hash identifier: d3wXcLDNlCq8YksJf8KYY1HAUgrO4FjfqtmhHQ5Opbo= Subject key identifier: 85:FD:AD:50:AA:0C:87:0F:16:0C:40:FF:00:DF:AF:E9:FD:6A:91:94 Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Certificate serial: 019B7BA5200AADF4A14746A67473913283B7 Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/hf2tUKoMhw8WDED_AN-v6f1qkZQ.roa Signing time: Thu 01 Jan 2026 22:19:37 +0000 ROA not before: Thu 01 Jan 2026 22:19:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201303 IP address blocks: 212.18.249.0/24 maxlen: 24 2a04:2b00:13ff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.mft rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:20:0a:ad:f4:a1:47:46:a6:74:73:91:32:83:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Validity Not Before: Jan 1 22:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85fdad50aa0c870f160c40ff00dfafe9fd6a9194 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1f:8a:91:a8:95:9e:ab:66:7a:e5:cd:a3:ae: 23:5d:e3:4e:94:f2:d4:64:88:6a:1f:3d:00:31:fb: 00:8d:56:7c:23:57:2a:3c:be:cb:48:4f:e8:7b:a7: c7:d7:63:74:8b:21:15:a5:58:ef:6b:3c:b0:98:b7: 38:d4:37:15:0a:01:ad:50:62:8e:39:99:d6:f4:ed: 31:6f:fd:7c:20:65:52:5b:ad:8c:be:c0:cf:2f:61: 1f:db:2e:2d:8c:ff:6a:c3:32:87:85:d3:2c:8f:b8: e2:17:b0:cf:7f:ce:06:b7:5f:31:d7:88:e5:51:76: 12:f4:8e:96:1d:45:b7:fe:8f:6e:1c:e0:89:02:c0: b1:9d:8e:96:b2:aa:ec:bb:b4:77:38:14:ae:85:66: 30:66:c0:5b:d8:da:81:4b:c0:ba:b9:d0:3c:a4:74: f5:a5:00:11:a4:70:3d:bb:47:53:7c:a2:8b:f1:d8: 88:9b:12:f9:6b:29:5a:38:db:a5:54:04:88:02:f2: ac:21:59:39:d7:37:df:be:fd:77:2c:dc:f0:e3:33: 41:93:4a:fd:31:ac:47:31:1c:86:4b:31:0b:3b:25: 42:20:7a:c4:b6:ab:05:7c:16:ed:01:dd:fa:3e:e9: ed:b0:0a:fb:06:8f:50:12:96:24:8b:8e:3f:b5:95: 97:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:FD:AD:50:AA:0C:87:0F:16:0C:40:FF:00:DF:AF:E9:FD:6A:91:94 X509v3 Authority Key Identifier: keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/hf2tUKoMhw8WDED_AN-v6f1qkZQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.18.249.0/24 IPv6: 2a04:2b00:13ff::/48 Signature Algorithm: sha256WithRSAEncryption 92:0d:dd:b5:8e:95:f8:e3:6e:14:f0:ce:23:3b:06:c3:cf:8e: fa:36:66:38:7b:fd:0b:19:f3:2c:de:16:87:7d:52:75:ee:08: 22:40:d6:c6:56:5b:c1:83:4e:d6:dc:38:32:cf:68:5a:99:96: e4:96:a9:0c:08:1c:96:1e:07:16:1a:b0:49:56:21:b6:6e:5e: 6b:f8:97:5b:48:2f:51:cf:e7:65:f3:3c:25:55:bf:cf:59:3e: d4:71:b5:75:d4:d4:ae:0b:99:b6:9f:c8:26:56:11:b7:c8:d8: 5c:59:a6:46:2d:e6:af:eb:ca:96:18:1c:dc:61:b5:79:7c:d5: 89:6c:88:43:6e:20:1a:4d:44:73:7e:44:83:85:84:11:1d:24: 91:8f:7e:f6:9c:fe:25:2c:f8:af:e3:db:71:89:3a:89:4b:02: a7:de:87:37:87:bc:de:b2:2a:71:67:94:12:56:b6:f7:45:2a: 8a:8a:09:0e:e2:f8:c1:1f:a2:b2:27:d1:6d:71:bd:18:6e:ba: ed:8f:89:9d:a5:80:04:42:6d:bd:44:b2:71:d4:38:01:55:e8: e7:bb:0e:ad:bf:30:6b:58:c2:f4:7f:2d:a5:1f:e4:30:a5:f8: 39:5e:21:08:fc:cc:83:f0:06:8d:66:9f:66:32:a4:3a:25:58: 35:af:9c:6a -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7pSAKrfShR0amdHORMoO3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3 ZGY4ZDMwHhcNMjYwMTAxMjIxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWZkYWQ1MGFhMGM4NzBmMTYwYzQwZmYwMGRmYWZlOWZkNmE5MTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h+KkaiVnqtmeuXNo64jXeNOlPLU ZIhqHz0AMfsAjVZ8I1cqPL7LSE/oe6fH12N0iyEVpVjvazywmLc41DcVCgGtUGKO OZnW9O0xb/18IGVSW62MvsDPL2Ef2y4tjP9qwzKHhdMsj7jiF7DPf84Gt18x14jl UXYS9I6WHUW3/o9uHOCJAsCxnY6Wsqrsu7R3OBSuhWYwZsBb2NqBS8C6udA8pHT1 pQARpHA9u0dTfKKL8diImxL5aylaONulVASIAvKsIVk51zffvv13LNzw4zNBk0r9 MaxHMRyGSzELOyVCIHrEtqsFfBbtAd36PuntsAr7Bo9QEpYki44/tZWXzwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFIX9rVCqDIcPFgxA/wDfr+n9apGUMB8GA1UdIwQY MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt MDUzOGU5NWYzZjEyLzEvaGYydFVLb01odzhXREVEX0FOLXY2ZjFxa1pRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1BL5MA8E AgACMAkDBwAqBCsAE/8wDQYJKoZIhvcNAQELBQADggEBAJIN3bWOlfjjbhTwziM7 BsPPjvo2Zjh7/QsZ8yzeFod9UnXuCCJA1sZWW8GDTtbcODLPaFqZluSWqQwIHJYe BxYasElWIbZuXmv4l1tIL1HP52XzPCVVv89ZPtRxtXXU1K4LmbafyCZWEbfI2FxZ pkYt5q/rypYYHNxhtXl81YlsiENuIBpNRHN+RIOFhBEdJJGPfvac/iUs+K/j23GJ OolLAqfehzeHvN6yKnFnlBJWtvdFKoqKCQ7i+MEforIn0W1xvRhuuu2PiZ2lgARC bb1EsnHUOAFV6Oe7Dq2/MGtYwvR/LaUf5DCl+DleIQj8zIPwBo1mn2YypDolWDWv nGo= -----END CERTIFICATE-----Generated at Mon Jan 26 21:18:19 2026 by rpki-client