This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/0HZFumgyvQaDDTRTrqWFDMHfuo8.roa File: 0HZFumgyvQaDDTRTrqWFDMHfuo8.roa (raw, json) Hash identifier: 99s+y069IP+8cLI0Fct7Tuh7Nr9yOVSbyI/w/nS1ohM= Subject key identifier: D0:76:45:BA:68:32:BD:06:83:0D:34:53:AE:A5:85:0C:C1:DF:BA:8F Certificate issuer: /CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230 Certificate serial: 019B7B3677F3DB6FCF283C5EB3022E0D3294 Authority key identifier: ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/0HZFumgyvQaDDTRTrqWFDMHfuo8.roa Signing time: Thu 01 Jan 2026 20:18:45 +0000 ROA not before: Thu 01 Jan 2026 20:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20704 IP address blocks: 81.92.240.0/22 maxlen: 24 217.196.64.0/19 maxlen: 20 2001:1408::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.crl rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.mft rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:77:f3:db:6f:cf:28:3c:5e:b3:02:2e:0d:32:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230 Validity Not Before: Jan 1 20:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d07645ba6832bd06830d3453aea5850cc1dfba8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:51:2f:67:69:47:a7:da:06:ab:35:00:b8:86: 60:e8:b2:30:e7:df:43:66:e1:fd:44:82:10:85:a4: ad:c6:f6:f1:27:e3:5c:43:06:51:01:1f:5f:97:7a: 50:5f:d9:d0:46:d2:9d:8f:2a:9b:bd:c9:41:59:06: b7:fe:91:98:ca:c8:2e:b0:bb:e2:6e:0e:34:5c:00: 3b:94:08:d5:c9:98:1d:12:99:c8:d5:a6:47:ce:1c: 37:10:e7:58:c1:8e:25:51:a1:82:c8:96:09:b9:f2: 50:d8:8f:63:41:14:8b:84:e9:59:63:81:7c:cc:17: 5f:04:08:bb:b4:a7:aa:7e:5d:09:64:cb:63:88:7e: 69:5b:0f:95:2f:ee:86:32:9d:5f:58:66:12:95:5f: bc:37:7f:c9:d3:2d:1d:38:2b:c2:22:df:cf:ec:aa: 3a:f7:ed:f2:0a:93:36:4f:85:83:0b:4c:82:03:47: 3c:92:9c:39:7b:89:6e:b1:4e:11:e3:82:7e:9f:f0: ba:ae:7a:f4:36:b1:9d:50:60:c7:52:95:aa:43:35: fa:f5:96:7b:c7:5d:2e:0d:16:24:48:dd:a7:1f:6d: 27:ba:17:28:c0:0d:12:42:f4:7a:34:c4:39:ba:62: e4:f2:35:17:3e:0a:9f:46:35:91:f2:a4:08:8b:16: 5f:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:76:45:BA:68:32:BD:06:83:0D:34:53:AE:A5:85:0C:C1:DF:BA:8F X509v3 Authority Key Identifier: keyid:ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/0HZFumgyvQaDDTRTrqWFDMHfuo8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.92.240.0/22 217.196.64.0/19 IPv6: 2001:1408::/32 Signature Algorithm: sha256WithRSAEncryption 12:c4:bc:fd:9e:95:32:04:c1:80:fc:6d:89:77:1c:77:f4:8c: 9e:00:19:ab:b9:93:d0:ea:14:f8:5d:ea:27:d7:26:d4:6d:f6: 35:b7:0d:74:d2:1c:c8:ab:67:3c:2e:cb:55:02:ec:bf:65:a4: 3e:c7:0a:a9:dd:05:c4:b3:b4:8c:6c:b2:11:2a:42:32:7b:d0: f8:48:72:78:c0:6e:bf:80:6e:22:ab:c2:8f:07:a8:1b:b4:d6: 30:0f:37:54:31:1c:e8:6d:e4:4b:69:d8:6f:0f:46:6f:a7:18: 2a:2f:50:1a:a7:9e:25:95:44:4a:4c:c6:69:16:ed:8a:1b:d3: 40:94:85:ff:9a:18:8f:c8:16:67:71:a4:74:db:fb:e4:21:74: 0a:89:99:82:01:49:b3:d4:55:1e:ec:00:3d:34:68:50:9d:a3: f8:b2:4f:76:e3:dc:56:34:b8:75:51:6f:99:06:7d:08:84:13: ca:0a:b7:f5:b6:81:13:48:28:f8:f1:f4:88:27:26:de:be:0f: 40:65:46:47:c4:cd:f1:22:4f:45:b9:2a:7a:f8:68:55:be:d7: 44:62:c4:47:fc:bb:a5:3d:d7:dd:56:c2:31:e8:e3:37:ad:de: 69:8d:ac:81:12:94:60:d8:03:69:e4:b1:64:fc:a3:ed:cb:ee: 3b:88:3d:c8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7Nnfz22/PKDxeswIuDTKUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVkYzIyMTM4YzBhZjgxYzVjYmY0M2E0ZjhkZGQ3YzhkZTEz YzcyMzAwHhcNMjYwMTAxMjAxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMDc2NDViYTY4MzJiZDA2ODMwZDM0NTNhZWE1ODUwY2MxZGZiYThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVEvZ2lHp9oGqzUAuIZg6LIw599D ZuH9RIIQhaStxvbxJ+NcQwZRAR9fl3pQX9nQRtKdjyqbvclBWQa3/pGYysgusLvi bg40XAA7lAjVyZgdEpnI1aZHzhw3EOdYwY4lUaGCyJYJufJQ2I9jQRSLhOlZY4F8 zBdfBAi7tKeqfl0JZMtjiH5pWw+VL+6GMp1fWGYSlV+8N3/J0y0dOCvCIt/P7Ko6 9+3yCpM2T4WDC0yCA0c8kpw5e4lusU4R44J+n/C6rnr0NrGdUGDHUpWqQzX69ZZ7 x10uDRYkSN2nH20nuhcowA0SQvR6NMQ5umLk8jUXPgqfRjWR8qQIixZfNQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNB2RbpoMr0Ggw00U66lhQzB37qPMB8GA1UdIwQY MBaAFO3CITjAr4HFy/Q6T43dfI3hPHIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN2NJaE9NQ3ZnY1hMOURwUGpkMThqZUU4Y2pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82NDlhZWItNzhkZC00MjJmLTg5YzYt NTUzOGRjMGJiMDk5LzEvMEhaRnVtZ3l2UWFERFRSVHJxV0ZETUhmdW84LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82NDlhZWItNzhkZC00MjJmLTg5YzYtNTUzOGRjMGJiMDk5 LzEvN2NJaE9NQ3ZnY1hMOURwUGpkMThqZUU4Y2pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCUVzwAwQF 2cRAMA0EAgACMAcDBQAgARQIMA0GCSqGSIb3DQEBCwUAA4IBAQASxLz9npUyBMGA /G2Jdxx39IyeABmruZPQ6hT4Xeon1ybUbfY1tw100hzIq2c8LstVAuy/ZaQ+xwqp 3QXEs7SMbLIRKkIye9D4SHJ4wG6/gG4iq8KPB6gbtNYwDzdUMRzobeRLadhvD0Zv pxgqL1Aap54llURKTMZpFu2KG9NAlIX/mhiPyBZncaR02/vkIXQKiZmCAUmz1FUe 7AA9NGhQnaP4sk9249xWNLh1UW+ZBn0IhBPKCrf1toETSCj48fSIJybevg9AZUZH xM3xIk9FuSp6+GhVvtdEYsRH/LulPdfdVsIx6OM3rd5pjayBEpRg2ANp5LFk/KPt y+47iD3I -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:23 2026 by rpki-client