This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/hulhdN0Qn-peYoW5Is6weOEdrhI.roa File: hulhdN0Qn-peYoW5Is6weOEdrhI.roa (raw, json) Hash identifier: s79WL7wCJTobjZ+5yZurGdhzF/MfqEzBAkYlfeNPrEU= Subject key identifier: 86:E9:61:74:DD:10:9F:EA:5E:62:85:B9:22:CE:B0:78:E1:1D:AE:12 Certificate issuer: /CN=70a76929cbe21cedd94c012ba58bb0b6f129722e Certificate serial: 019B7FF2587EFAEC9739FD78D21FF54B7EDC Authority key identifier: 70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/hulhdN0Qn-peYoW5Is6weOEdrhI.roa Signing time: Fri 02 Jan 2026 18:22:27 +0000 ROA not before: Fri 02 Jan 2026 18:22:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60785 IP address blocks: 185.25.224.0/22 maxlen: 22 185.25.224.0/24 maxlen: 24 185.25.225.0/24 maxlen: 24 185.25.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.mft rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 12:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:58:7e:fa:ec:97:39:fd:78:d2:1f:f5:4b:7e:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70a76929cbe21cedd94c012ba58bb0b6f129722e Validity Not Before: Jan 2 18:22:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86e96174dd109fea5e6285b922ceb078e11dae12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:79:1b:77:ba:29:3e:3a:7e:8a:ce:6d:e4:93: 1f:66:d1:fb:00:ce:50:27:76:c2:d3:02:5c:4d:18: 11:99:4e:72:f9:64:e2:ab:8b:95:17:74:09:8c:ea: 63:a5:4d:f3:23:39:a5:25:d0:73:5f:ee:a1:b6:d7: 6f:e5:44:1a:d7:75:35:72:bf:1e:5f:43:b1:30:18: 9f:24:7b:38:46:b6:48:48:39:2a:6e:b3:7a:68:5e: 8a:c3:d0:69:32:0c:92:31:fc:c7:b5:70:9c:df:47: 59:12:c5:30:62:10:84:47:9a:80:c7:5c:9d:c3:60: 5b:da:d7:0c:bb:76:04:16:aa:b3:24:29:f0:2e:7a: aa:d3:21:5e:bc:cf:65:db:6a:b5:bf:2e:80:0c:a4: 76:e6:48:94:b9:a8:36:de:a1:df:bb:42:6a:ec:7c: 39:16:0b:bd:1b:9d:b2:25:bd:90:e9:ed:4f:32:d9: 97:f9:54:cd:e5:e0:50:03:7c:77:98:fd:43:9d:7b: af:f6:15:b7:76:05:70:93:7c:e2:25:78:84:5c:f1: 2b:5b:99:99:a3:8f:80:57:fc:d4:68:c2:6c:71:89: a7:cc:b2:79:d1:66:53:f6:57:64:16:78:f4:86:38: fd:02:6d:23:c3:ed:5a:ff:e4:fd:d3:31:15:ae:b4: c0:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:E9:61:74:DD:10:9F:EA:5E:62:85:B9:22:CE:B0:78:E1:1D:AE:12 X509v3 Authority Key Identifier: keyid:70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/hulhdN0Qn-peYoW5Is6weOEdrhI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.25.224.0/22 Signature Algorithm: sha256WithRSAEncryption 40:c7:a3:e7:d0:32:54:a3:c5:e0:02:91:60:61:09:c0:aa:31: 4d:82:9d:73:ac:70:ef:0b:ec:9a:18:66:a2:53:88:7f:76:b7: 1d:7f:14:53:03:b5:cd:af:22:3b:b4:c2:a2:ff:90:b0:52:a9: 53:2c:0a:77:2d:ac:f9:b2:14:4f:b3:29:3b:73:33:02:bd:bd: cc:e8:e7:97:4b:25:94:aa:36:b5:dd:1c:8e:ca:cc:69:98:87: cd:85:a3:0b:59:52:e0:a8:0c:97:73:16:09:2d:14:27:b0:af: a6:6e:a4:e5:db:00:db:ff:4d:97:9d:d2:2c:12:41:92:4f:f3: 12:0e:b5:d3:1f:38:54:92:ca:7c:89:7d:82:e4:3c:4a:24:f1: 77:49:fa:94:ec:ed:2c:23:9c:4f:4e:39:e0:b6:e5:23:f3:ee: 6a:e9:df:e6:f3:22:0a:89:ca:ce:c8:cd:73:7d:9b:97:67:50: 24:20:fb:a3:df:5d:da:b1:6a:de:29:11:5b:05:e9:58:6f:d4: 3e:82:00:bf:8e:21:50:02:6e:eb:67:b7:3e:7c:81:1a:39:91: ce:29:1f:5b:ca:32:f8:4a:c6:c3:95:f9:bc:aa:e8:3b:91:3b: 85:57:56:ca:e0:ff:f4:81:50:0e:53:b1:ae:c8:b1:6e:51:e5: 4d:c2:71:7f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8lh++uyXOf140h/1S37cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwYTc2OTI5Y2JlMjFjZWRkOTRjMDEyYmE1OGJiMGI2ZjEy OTcyMmUwHhcNMjYwMTAyMTgyMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NmU5NjE3NGRkMTA5ZmVhNWU2Mjg1YjkyMmNlYjA3OGUxMWRhZTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43kbd7opPjp+is5t5JMfZtH7AM5Q J3bC0wJcTRgRmU5y+WTiq4uVF3QJjOpjpU3zIzmlJdBzX+6httdv5UQa13U1cr8e X0OxMBifJHs4RrZISDkqbrN6aF6Kw9BpMgySMfzHtXCc30dZEsUwYhCER5qAx1yd w2Bb2tcMu3YEFqqzJCnwLnqq0yFevM9l22q1vy6ADKR25kiUuag23qHfu0Jq7Hw5 Fgu9G52yJb2Q6e1PMtmX+VTN5eBQA3x3mP1DnXuv9hW3dgVwk3ziJXiEXPErW5mZ o4+AV/zUaMJscYmnzLJ50WZT9ldkFnj0hjj9Am0jw+1a/+T90zEVrrTAhwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIbpYXTdEJ/qXmKFuSLOsHjhHa4SMB8GA1UdIwQY MBaAFHCnaSnL4hzt2UwBK6WLsLbxKXIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQt YTQwOWUyMmEyNDNlLzEvaHVsaGROMFFuLXBlWW9XNUlzNndlT0VkcmhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQtYTQwOWUyMmEyNDNl LzEvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRngMA0G CSqGSIb3DQEBCwUAA4IBAQBAx6Pn0DJUo8XgApFgYQnAqjFNgp1zrHDvC+yaGGai U4h/drcdfxRTA7XNryI7tMKi/5CwUqlTLAp3Laz5shRPsyk7czMCvb3M6OeXSyWU qja13RyOysxpmIfNhaMLWVLgqAyXcxYJLRQnsK+mbqTl2wDb/02XndIsEkGST/MS DrXTHzhUksp8iX2C5DxKJPF3SfqU7O0sI5xPTjngtuUj8+5q6d/m8yIKicrOyM1z fZuXZ1AkIPuj313asWreKRFbBelYb9Q+ggC/jiFQAm7rZ7c+fIEaOZHOKR9byjL4 SsbDlfm8qug7kTuFV1bK4P/0gVAOU7GuyLFuUeVNwnF/ -----END CERTIFICATE-----Generated at Mon Feb 2 21:00:43 2026 by rpki-client