This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/Hj67j6_r_LN0ZjHifiVHCQLOtBI.roa File: Hj67j6_r_LN0ZjHifiVHCQLOtBI.roa (raw, json) Hash identifier: fDsmb4ofN0jQCDB6v5YaSdvL9yBsZrzWGWfWx7hXpeE= Subject key identifier: 1E:3E:BB:8F:AF:EB:FC:B3:74:66:31:E2:7E:25:47:09:02:CE:B4:12 Certificate issuer: /CN=c285a1474e38627e301a551be34efa4582a5cf39 Certificate serial: 019B7EA4D12905ACA8CE621898D0EEEE6B13 Authority key identifier: C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/Hj67j6_r_LN0ZjHifiVHCQLOtBI.roa Signing time: Fri 02 Jan 2026 12:18:09 +0000 ROA not before: Fri 02 Jan 2026 12:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201822 IP address blocks: 81.173.42.0/24 maxlen: 24 185.62.160.0/23 maxlen: 23 2a03:521::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.mft rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:d1:29:05:ac:a8:ce:62:18:98:d0:ee:ee:6b:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c285a1474e38627e301a551be34efa4582a5cf39 Validity Not Before: Jan 2 12:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e3ebb8fafebfcb3746631e27e25470902ceb412 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a6:63:b1:06:ee:b9:7a:a2:7f:82:01:d0:ab: 8a:1c:74:a2:d5:ff:d3:32:e4:09:59:9a:f8:e9:ec: da:a9:02:1d:98:1e:5a:08:64:ea:cd:c1:29:a6:a5: cd:1f:09:40:ab:2e:1f:e4:9f:a7:91:08:04:aa:ec: 0b:60:81:6b:cf:05:5e:a8:28:a0:dc:39:6c:e9:28: 5c:f9:bb:d1:a6:63:72:8e:72:80:db:96:6d:e8:dc: a0:c4:a4:de:a2:08:8c:0d:c9:fa:92:9c:d3:c6:76: 72:2a:0a:46:bd:c6:0c:eb:5e:30:4a:91:17:1d:60: 20:6e:d3:05:48:e5:b2:e4:2d:91:b9:ad:0d:6a:cd: 84:b4:82:f1:30:bf:39:5a:d8:5b:51:7b:24:db:8d: a0:6e:5a:6c:1c:2f:5c:95:74:08:f8:ef:52:94:c3: dc:ec:37:b2:43:0d:d5:8b:25:31:c4:75:b8:f5:1d: 0a:58:24:74:3c:8f:87:5b:04:b4:b1:36:d3:02:d3: a9:d1:72:62:63:ab:90:62:c2:3e:90:e8:ec:db:45: 92:aa:ca:c8:e1:61:17:ed:e8:86:36:b6:28:35:bf: c8:58:08:5b:eb:2e:95:90:22:44:f2:25:68:df:11: 8b:8c:70:20:57:26:c8:c7:1d:da:b0:07:a1:72:e4: ac:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:3E:BB:8F:AF:EB:FC:B3:74:66:31:E2:7E:25:47:09:02:CE:B4:12 X509v3 Authority Key Identifier: keyid:C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/Hj67j6_r_LN0ZjHifiVHCQLOtBI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.173.42.0/24 185.62.160.0/23 IPv6: 2a03:521::/32 Signature Algorithm: sha256WithRSAEncryption 24:66:77:a3:54:3e:a9:d7:b2:04:e7:e9:2f:b3:df:51:36:bd: f5:80:0d:d3:04:d9:60:1f:9a:71:9b:83:9d:5d:0f:9d:0f:8e: 4d:f8:ef:1f:e0:3f:51:9d:9b:88:4d:63:3b:5c:e2:e2:4c:88: 94:7c:f1:b8:be:89:26:90:14:8f:14:01:b7:a7:ed:cb:0d:7a: 6f:9c:25:ab:6a:17:33:73:52:db:48:86:91:22:ab:6d:8b:c1: b8:2e:55:06:82:1c:27:eb:31:6e:79:66:0b:fd:07:b1:8c:4b: df:d7:b6:35:2a:3f:5a:c3:b0:f5:e7:df:4f:0f:97:13:45:24: db:f6:5a:42:7e:01:e4:ee:f0:8c:d9:9b:09:d9:fc:5f:a0:ae: 61:d8:06:07:12:3e:15:8d:cf:d7:de:9f:97:06:a3:e1:73:1a: f8:29:76:d8:04:65:b0:bd:5b:4e:cb:ec:68:e8:fe:15:76:d1: ad:ea:5d:d3:be:ef:cd:b7:7b:b1:27:ae:6e:1b:d8:a9:37:39: 18:91:b3:cc:4f:2d:9c:72:30:44:c4:f3:d0:ed:85:7a:d6:16: eb:02:bc:fe:3b:10:a2:43:01:11:47:a2:38:96:81:d6:74:e4: 03:ec:72:f0:9f:8a:19:32:bd:74:64:99:86:3b:c8:7b:56:1b: 4e:93:77:d5 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+pNEpBayozmIYmNDu7msTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMyODVhMTQ3NGUzODYyN2UzMDFhNTUxYmUzNGVmYTQ1ODJh NWNmMzkwHhcNMjYwMTAyMTIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTNlYmI4ZmFmZWJmY2IzNzQ2NjMxZTI3ZTI1NDcwOTAyY2ViNDEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqZjsQbuuXqif4IB0KuKHHSi1f/T MuQJWZr46ezaqQIdmB5aCGTqzcEppqXNHwlAqy4f5J+nkQgEquwLYIFrzwVeqCig 3Dls6Shc+bvRpmNyjnKA25Zt6NygxKTeogiMDcn6kpzTxnZyKgpGvcYM614wSpEX HWAgbtMFSOWy5C2Rua0Nas2EtILxML85WthbUXsk242gblpsHC9clXQI+O9SlMPc 7DeyQw3ViyUxxHW49R0KWCR0PI+HWwS0sTbTAtOp0XJiY6uQYsI+kOjs20WSqsrI 4WEX7eiGNrYoNb/IWAhb6y6VkCJE8iVo3xGLjHAgVybIxx3asAehcuSsxQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFB4+u4+v6/yzdGYx4n4lRwkCzrQSMB8GA1UdIwQY MBaAFMKFoUdOOGJ+MBpVG+NO+kWCpc85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYt ZDVlNjM4NTZkNTVkLzEvSGo2N2o2X3JfTE4wWmpIaWZpVkhDUUxPdEJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYtZDVlNjM4NTZkNTVk LzEvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUa0qAwQB uT6gMA0EAgACMAcDBQAqAwUhMA0GCSqGSIb3DQEBCwUAA4IBAQAkZnejVD6p17IE 5+kvs99RNr31gA3TBNlgH5pxm4OdXQ+dD45N+O8f4D9RnZuITWM7XOLiTIiUfPG4 vokmkBSPFAG3p+3LDXpvnCWrahczc1LbSIaRIqtti8G4LlUGghwn6zFueWYL/Qex jEvf17Y1Kj9aw7D1599PD5cTRSTb9lpCfgHk7vCM2ZsJ2fxfoK5h2AYHEj4Vjc/X 3p+XBqPhcxr4KXbYBGWwvVtOy+xo6P4VdtGt6l3Tvu/Nt3uxJ65uG9ipNzkYkbPM Ty2ccjBExPPQ7YV61hbrArz+OxCiQwERR6I4loHWdOQD7HLwn4oZMr10ZJmGO8h7 VhtOk3fV -----END CERTIFICATE-----Generated at Mon Feb 9 20:59:59 2026 by rpki-client