This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0b8373-0c2c-4b06-bf69-afbf4ecf2b50/1/HEmaONS-4AyfdKSuhqxZ1eXPDvA.roa File: HEmaONS-4AyfdKSuhqxZ1eXPDvA.roa (raw, json) Hash identifier: Zph0f22jUL4/wY1fTUmGHlz5Uf3hM9c2kdfEksVr4m0= Subject key identifier: 1C:49:9A:38:D4:BE:E0:0C:9F:74:A4:AE:86:AC:59:D5:E5:CF:0E:F0 Certificate issuer: /CN=c161578ce0ff37f06c26362ea2c6357b98633b70 Certificate serial: 019B7F83E0914280152CFAA774F38AD9A927 Authority key identifier: C1:61:57:8C:E0:FF:37:F0:6C:26:36:2E:A2:C6:35:7B:98:63:3B:70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wWFXjOD_N_BsJjYuosY1e5hjO3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0b8373-0c2c-4b06-bf69-afbf4ecf2b50/1/HEmaONS-4AyfdKSuhqxZ1eXPDvA.roa Signing time: Fri 02 Jan 2026 16:21:47 +0000 ROA not before: Fri 02 Jan 2026 16:21:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204667 IP address blocks: 45.148.84.0/22 maxlen: 24 92.246.64.0/22 maxlen: 24 185.243.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0b8373-0c2c-4b06-bf69-afbf4ecf2b50/1/wWFXjOD_N_BsJjYuosY1e5hjO3A.crl rsync://rpki.ripe.net/repository/DEFAULT/40/0b8373-0c2c-4b06-bf69-afbf4ecf2b50/1/wWFXjOD_N_BsJjYuosY1e5hjO3A.mft rsync://rpki.ripe.net/repository/DEFAULT/wWFXjOD_N_BsJjYuosY1e5hjO3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:e0:91:42:80:15:2c:fa:a7:74:f3:8a:d9:a9:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c161578ce0ff37f06c26362ea2c6357b98633b70 Validity Not Before: Jan 2 16:21:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1c499a38d4bee00c9f74a4ae86ac59d5e5cf0ef0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:80:e5:f7:9e:f0:40:af:d2:f4:b1:45:ad:fd: f5:33:1a:b0:55:e7:d4:a7:a9:63:4e:29:0a:dd:2b: 55:fe:63:6f:e8:21:13:ac:db:5b:1e:da:62:1c:fd: 6f:0e:9f:f1:a2:ae:c3:92:bf:ee:10:dc:99:e6:da: 52:98:ca:70:7a:ea:ae:49:5d:2d:6c:1c:0f:06:ae: dc:61:75:ff:38:ce:b9:e0:98:09:95:81:22:ea:e2: 2e:1c:02:2c:d8:97:16:1c:d1:4d:63:16:c1:9a:32: 67:61:99:37:05:0d:69:d2:a7:88:35:61:c6:a6:de: 69:e3:7d:e8:da:f5:eb:bd:8a:64:bb:ce:1d:cf:91: 38:0f:3b:ff:70:07:a9:d3:1e:eb:0a:fa:81:27:fe: 1e:87:05:b9:30:34:2d:d9:fd:55:13:39:c6:b3:55: 54:93:18:4c:b8:b6:53:40:5d:93:64:54:ef:1a:19: 2c:53:3c:32:06:0f:fd:52:16:1e:ea:4c:32:67:91: e3:c6:96:e9:11:8c:14:90:8b:87:41:47:be:6b:4d: 37:4e:24:b6:55:53:17:92:7d:72:cb:35:50:48:96: 6f:f1:ca:46:45:11:40:f0:f9:ff:a9:a7:a3:77:c6: 45:c0:d1:0d:17:8e:60:22:96:a2:f1:32:7b:86:51: 14:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:49:9A:38:D4:BE:E0:0C:9F:74:A4:AE:86:AC:59:D5:E5:CF:0E:F0 X509v3 Authority Key Identifier: keyid:C1:61:57:8C:E0:FF:37:F0:6C:26:36:2E:A2:C6:35:7B:98:63:3B:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wWFXjOD_N_BsJjYuosY1e5hjO3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0b8373-0c2c-4b06-bf69-afbf4ecf2b50/1/HEmaONS-4AyfdKSuhqxZ1eXPDvA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0b8373-0c2c-4b06-bf69-afbf4ecf2b50/1/wWFXjOD_N_BsJjYuosY1e5hjO3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.148.84.0/22 92.246.64.0/22 185.243.164.0/22 Signature Algorithm: sha256WithRSAEncryption 15:8d:78:1e:22:0a:8f:96:6c:40:47:ef:54:0c:32:d4:cd:de: 57:7f:db:a6:7c:bb:3f:db:51:68:0e:42:35:72:02:dd:b4:1e: 50:46:44:08:0c:fa:4e:fc:61:55:f7:3c:8d:ef:63:3c:8c:cd: 74:06:ab:70:9f:eb:e4:e4:ea:d2:75:44:3a:e0:25:63:2c:36: e5:82:ef:b9:54:8c:f8:fa:95:2d:8a:bc:a2:3f:69:b0:fe:5b: cf:08:1a:3f:c3:b4:81:61:05:8e:1f:c9:1e:d0:2d:57:6e:b6: 76:26:74:c9:01:96:cd:ca:a4:7a:89:31:bc:6e:51:00:9d:35: 22:81:a4:e8:40:64:05:98:6a:6a:62:18:96:eb:23:1b:d4:20: a2:bb:a3:d5:23:66:a3:a1:6f:65:ec:d2:50:c9:77:71:de:31: 2e:b3:18:e2:53:00:a7:59:de:8e:9b:a4:c7:0a:34:3b:4d:fb: 20:f6:2d:dc:ec:b9:e6:36:6d:80:b1:65:0d:52:d2:87:04:51: d4:d2:22:1c:b3:bb:05:f9:00:49:78:cd:00:f2:b7:34:a0:66: bc:2b:f2:63:2f:69:93:50:b9:90:c0:84:38:c0:33:c0:4c:93: 43:8a:4b:cd:ea:fb:01:77:85:6c:12:38:bf:68:9c:fc:02:f4: 31:a8:33:8e -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/g+CRQoAVLPqndPOK2aknMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMxNjE1NzhjZTBmZjM3ZjA2YzI2MzYyZWEyYzYzNTdiOTg2 MzNiNzAwHhcNMjYwMTAyMTYyMTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYzQ5OWEzOGQ0YmVlMDBjOWY3NGE0YWU4NmFjNTlkNWU1Y2YwZWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IDl957wQK/S9LFFrf31MxqwVefU p6ljTikK3StV/mNv6CETrNtbHtpiHP1vDp/xoq7Dkr/uENyZ5tpSmMpweuquSV0t bBwPBq7cYXX/OM654JgJlYEi6uIuHAIs2JcWHNFNYxbBmjJnYZk3BQ1p0qeINWHG pt5p433o2vXrvYpku84dz5E4Dzv/cAep0x7rCvqBJ/4ehwW5MDQt2f1VEznGs1VU kxhMuLZTQF2TZFTvGhksUzwyBg/9UhYe6kwyZ5HjxpbpEYwUkIuHQUe+a003TiS2 VVMXkn1yyzVQSJZv8cpGRRFA8Pn/qaejd8ZFwNENF45gIpai8TJ7hlEUcwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFBxJmjjUvuAMn3SkroasWdXlzw7wMB8GA1UdIwQY MBaAFMFhV4zg/zfwbCY2LqLGNXuYYztwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd1dGWGpPRF9OX0JzSmpZdW9zWTFlNWhqTzNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYjgzNzMtMGMyYy00YjA2LWJmNjkt YWZiZjRlY2YyYjUwLzEvSEVtYU9OUy00QXlmZEtTdWhxeFoxZVhQRHZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8wYjgzNzMtMGMyYy00YjA2LWJmNjktYWZiZjRlY2YyYjUw LzEvd1dGWGpPRF9OX0JzSmpZdW9zWTFlNWhqTzNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZRUAwQC XPZAAwQCufOkMA0GCSqGSIb3DQEBCwUAA4IBAQAVjXgeIgqPlmxAR+9UDDLUzd5X f9umfLs/21FoDkI1cgLdtB5QRkQIDPpO/GFV9zyN72M8jM10Bqtwn+vk5OrSdUQ6 4CVjLDblgu+5VIz4+pUtiryiP2mw/lvPCBo/w7SBYQWOH8ke0C1XbrZ2JnTJAZbN yqR6iTG8blEAnTUigaToQGQFmGpqYhiW6yMb1CCiu6PVI2ajoW9l7NJQyXdx3jEu sxjiUwCnWd6Om6THCjQ7Tfsg9i3c7LnmNm2AsWUNUtKHBFHU0iIcs7sF+QBJeM0A 8rc0oGa8K/JjL2mTULmQwIQ4wDPATJNDikvN6vsBd4VsEji/aJz8AvQxqDOO -----END CERTIFICATE-----Generated at Tue Feb 10 02:28:28 2026 by rpki-client