This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/hegEslKsgUN8EfSljeWho5LH9AA.roa File: hegEslKsgUN8EfSljeWho5LH9AA.roa (raw, json) Hash identifier: 7FUVQSpJvZtjHYpEYQtMbItOT8EfPhZLjylSV3d45Mk= Subject key identifier: 85:E8:04:B2:52:AC:81:43:7C:11:F4:A5:8D:E5:A1:A3:92:C7:F4:00 Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Certificate serial: 019B7A5AB6C73372CD7BA1DD7318730076C8 Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/hegEslKsgUN8EfSljeWho5LH9AA.roa Signing time: Thu 01 Jan 2026 16:18:43 +0000 ROA not before: Thu 01 Jan 2026 16:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207252 IP address blocks: 37.114.36.0/24 maxlen: 24 37.114.39.0/24 maxlen: 24 37.114.40.0/24 maxlen: 24 37.114.58.0/24 maxlen: 24 43.251.160.0/24 maxlen: 24 43.251.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b6:c7:33:72:cd:7b:a1:dd:73:18:73:00:76:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Validity Not Before: Jan 1 16:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85e804b252ac81437c11f4a58de5a1a392c7f400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:c9:a0:69:27:41:5b:b4:98:b8:36:45:64:38: ef:bd:a8:c7:67:5f:ce:74:f0:b5:cc:b9:1a:bf:67: ca:4e:1e:d6:17:16:05:8b:6f:82:8f:51:88:5b:c9: 0f:53:21:de:19:c4:df:11:5d:cd:4c:66:2c:5e:b3: 71:5d:e3:1b:07:cf:68:8a:ed:a4:2d:05:78:c5:3e: 2d:00:97:be:ff:1a:f1:62:b1:45:ae:86:95:13:f2: ab:dc:d3:2e:a0:9d:fb:ed:26:94:ac:15:30:54:67: f6:bf:f5:71:a0:61:11:1a:96:0f:9e:b2:3f:9d:85: 3d:2a:10:40:81:9f:17:54:f1:3f:d8:68:17:03:71: 84:f8:3b:29:49:6a:a7:a5:cc:66:6f:eb:50:3d:cc: 12:db:5a:4b:63:8d:89:d7:77:e8:ee:1b:6e:ee:8f: 31:62:e8:ec:ab:fc:8d:8b:8d:56:6d:6d:7d:c9:e0: a9:40:6c:77:b3:40:f6:71:62:94:5f:a7:a6:bb:0a: 32:e9:50:e3:8e:a2:43:b0:da:74:a0:e4:f1:9f:e9: 7a:7e:09:d0:b7:6d:4a:8f:63:ca:15:56:e1:86:36: 0c:b1:b6:cb:a1:07:74:4d:61:48:15:da:ac:2f:dc: 93:d5:5f:f7:5b:f1:70:e3:af:06:65:7d:53:fb:2e: be:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:E8:04:B2:52:AC:81:43:7C:11:F4:A5:8D:E5:A1:A3:92:C7:F4:00 X509v3 Authority Key Identifier: keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/hegEslKsgUN8EfSljeWho5LH9AA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.36.0/24 37.114.39.0-37.114.40.255 37.114.58.0/24 43.251.160.0/23 Signature Algorithm: sha256WithRSAEncryption 61:e7:cd:dd:69:79:6e:c9:3a:46:64:0d:34:fd:37:be:9c:ab: 50:7e:ed:d4:3c:61:e0:fa:89:2c:cb:f4:f7:56:7c:ab:42:c2: 5f:0b:1e:a4:ac:62:45:61:13:e8:56:11:67:c3:aa:fa:56:9f: 36:c6:89:77:e0:59:e7:f0:f6:67:fa:f5:4a:5d:ae:44:73:07: 42:b1:01:40:d9:47:8a:0c:9b:55:ae:56:e1:5c:d0:b0:bf:96: e4:ed:12:57:51:a3:df:e8:06:cf:bf:02:a1:3c:52:88:40:2b: 1f:18:39:fc:7d:1a:c1:e1:a8:bb:3b:bf:f6:0f:65:8d:e2:d6: 06:a0:85:30:61:ce:a2:fd:e3:99:45:bf:0a:01:f9:ce:ea:07: b6:76:27:4d:34:cc:ce:e4:07:87:23:7e:e8:83:2b:4e:93:63: 24:45:15:6f:09:e3:26:4d:75:21:89:5e:98:92:b4:c6:86:9e: de:7d:c9:6c:c1:36:b2:cc:91:7c:f6:d1:ad:68:84:44:47:4b: 9f:52:6d:4a:2c:1a:9f:ae:1b:ba:34:23:41:f4:86:b8:05:2d: 97:69:0e:5e:62:db:3c:57:3b:c1:28:49:1a:04:94:d5:01:78: 2f:7f:0b:75:21:09:a9:fb:cb:55:b0:46:0d:a7:d7:96:22:a1: f5:92:54:08 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt6WrbHM3LNe6HdcxhzAHbIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj YmU3ZWMwHhcNMjYwMTAxMTYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWU4MDRiMjUyYWM4MTQzN2MxMWY0YTU4ZGU1YTFhMzkyYzdmNDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MmgaSdBW7SYuDZFZDjvvajHZ1/O dPC1zLkav2fKTh7WFxYFi2+Cj1GIW8kPUyHeGcTfEV3NTGYsXrNxXeMbB89oiu2k LQV4xT4tAJe+/xrxYrFFroaVE/Kr3NMuoJ377SaUrBUwVGf2v/VxoGERGpYPnrI/ nYU9KhBAgZ8XVPE/2GgXA3GE+DspSWqnpcxmb+tQPcwS21pLY42J13fo7htu7o8x Yujsq/yNi41WbW19yeCpQGx3s0D2cWKUX6emuwoy6VDjjqJDsNp0oOTxn+l6fgnQ t21Kj2PKFVbhhjYMsbbLoQd0TWFIFdqsL9yT1V/3W/Fw468GZX1T+y6+3wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFIXoBLJSrIFDfBH0pY3loaOSx/QAMB8GA1UdIwQY MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt MWI3Y2JiMDhkNzNmLzEvaGVnRXNsS3NnVU44RWZTbGplV2hvNUxIOUFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJXIkMAwD BAAlcicDBAAlcigDBAAlcjoDBAEr+6AwDQYJKoZIhvcNAQELBQADggEBAGHnzd1p eW7JOkZkDTT9N76cq1B+7dQ8YeD6iSzL9PdWfKtCwl8LHqSsYkVhE+hWEWfDqvpW nzbGiXfgWefw9mf69UpdrkRzB0KxAUDZR4oMm1WuVuFc0LC/luTtEldRo9/oBs+/ AqE8UohAKx8YOfx9GsHhqLs7v/YPZY3i1gaghTBhzqL945lFvwoB+c7qB7Z2J000 zM7kB4cjfuiDK06TYyRFFW8J4yZNdSGJXpiStMaGnt59yWzBNrLMkXz20a1ohERH S59SbUosGp+uG7o0I0H0hrgFLZdpDl5i2zxXO8EoSRoElNUBeC9/C3UhCan7y1Ww Rg2n15YiofWSVAg= -----END CERTIFICATE-----Generated at Mon Jan 19 23:20:31 2026 by rpki-client