This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ON6C2pvS6hmVRwsJ-yG2Z7HX0DI.roa File: ON6C2pvS6hmVRwsJ-yG2Z7HX0DI.roa (raw, json) Hash identifier: YV3NqE7L/oJrKr8cF/9+f6WfstcaqO76lbKU8IZ6YVc= Subject key identifier: 38:DE:82:DA:9B:D2:EA:19:95:47:0B:09:FB:21:B6:67:B1:D7:D0:32 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019B7E37D05D99119C17A935D518B3E1457C Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ON6C2pvS6hmVRwsJ-yG2Z7HX0DI.roa Signing time: Fri 02 Jan 2026 10:19:05 +0000 ROA not before: Fri 02 Jan 2026 10:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396356 IP address blocks: 14.102.53.0/24 maxlen: 24 158.173.219.0/24 maxlen: 24 212.32.68.0/24 maxlen: 24 212.32.69.0/24 maxlen: 24 212.32.72.0/24 maxlen: 24 213.254.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:d0:5d:99:11:9c:17:a9:35:d5:18:b3:e1:45:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Jan 2 10:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38de82da9bd2ea1995470b09fb21b667b1d7d032 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:73:23:f5:43:78:01:45:74:29:5c:8e:19:16: 87:5d:72:02:81:b8:c6:29:80:a2:91:0c:06:37:0a: fa:af:26:bd:e5:a2:74:54:b5:b4:0d:9f:1f:79:a4: 0a:89:dd:27:84:20:fc:cd:d3:96:15:a5:85:18:89: 28:bc:20:6e:e2:98:e6:09:59:92:6a:d2:a1:99:b3: a3:8f:7f:d5:eb:17:72:11:d6:10:01:b9:cb:1b:d3: b2:e9:33:66:94:63:4c:45:9c:35:60:bf:76:c3:71: bd:87:d7:2e:6e:fa:04:11:9f:a0:6d:65:a9:1b:03: 81:b2:e2:3a:fc:cd:c0:52:90:df:ca:d8:be:d2:3e: 8a:54:5c:6a:d1:36:8d:29:57:67:47:35:cf:bf:ac: 87:4a:2f:0c:9b:10:bb:6c:82:3b:8f:98:cf:e9:9a: a6:2a:35:f6:4b:5d:7e:53:11:c7:4f:e5:dc:2a:3b: 25:29:48:a8:b1:0b:55:e8:5c:76:e1:e6:64:fa:16: f0:2c:6d:dc:1b:10:89:fe:8a:21:0f:c3:1a:5d:4c: eb:ce:12:ef:de:40:1f:5f:2b:9a:4c:7b:b7:ae:38: 7e:30:87:45:ed:d2:0e:8f:06:71:60:8c:bd:a6:13: 67:e7:ab:16:d5:72:68:82:15:cd:0e:f6:82:79:45: 53:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:DE:82:DA:9B:D2:EA:19:95:47:0B:09:FB:21:B6:67:B1:D7:D0:32 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ON6C2pvS6hmVRwsJ-yG2Z7HX0DI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 14.102.53.0/24 158.173.219.0/24 212.32.68.0/23 212.32.72.0/24 213.254.161.0/24 Signature Algorithm: sha256WithRSAEncryption 15:d0:0d:52:dc:dc:fb:5b:f6:b6:bb:db:1b:c1:fe:da:8e:d9: ef:53:d2:2c:01:ef:6c:f9:43:b0:03:b8:ae:b2:e6:4f:e0:c5: 9a:08:df:14:7d:ae:e3:56:5d:80:d3:57:5a:19:e8:6a:e2:47: 70:8b:fe:a2:b4:b3:b9:3b:ed:d7:07:80:f1:f8:02:13:6e:bf: 7f:c1:f5:81:e6:a4:a3:8e:03:6e:f9:96:80:1a:de:a9:ba:c0: 8a:94:99:58:01:d2:2d:27:27:fc:07:36:d5:13:f0:ac:9a:49: b1:c3:da:24:b8:21:0b:5e:e0:7b:0d:aa:c9:4c:b4:3a:6e:de: 56:2c:9d:ce:ee:8d:a6:e5:76:1d:e5:53:de:4c:90:ed:01:d3: b8:76:33:63:e3:6e:f4:b7:13:44:7d:14:a5:5c:3d:a6:ba:b7: 84:b8:f2:6a:63:e5:4b:3f:5f:73:d6:b1:f3:2d:53:ce:97:4c: 2f:c6:fc:b9:5a:46:2f:c9:31:07:b4:49:61:71:3d:94:e3:76: 24:f1:22:5a:aa:f2:49:41:93:eb:f4:6d:d6:a2:bd:ed:eb:0a: dd:08:ff:ac:4e:ff:fd:d9:e9:81:05:cf:e9:37:d8:44:90:3a: 5e:02:c1:f6:d2:f4:0d:d8:0c:2a:71:92:b7:27:68:9c:35:eb: e2:da:4e:14 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt+N9BdmRGcF6k11Riz4UV8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjYwMTAyMTAxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGRlODJkYTliZDJlYTE5OTU0NzBiMDlmYjIxYjY2N2IxZDdkMDMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Mj9UN4AUV0KVyOGRaHXXICgbjG KYCikQwGNwr6rya95aJ0VLW0DZ8feaQKid0nhCD8zdOWFaWFGIkovCBu4pjmCVmS atKhmbOjj3/V6xdyEdYQAbnLG9Oy6TNmlGNMRZw1YL92w3G9h9cubvoEEZ+gbWWp GwOBsuI6/M3AUpDfyti+0j6KVFxq0TaNKVdnRzXPv6yHSi8MmxC7bII7j5jP6Zqm KjX2S11+UxHHT+XcKjslKUiosQtV6Fx24eZk+hbwLG3cGxCJ/oohD8MaXUzrzhLv 3kAfXyuaTHu3rjh+MIdF7dIOjwZxYIy9phNn56sW1XJoghXNDvaCeUVT8QIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFDjegtqb0uoZlUcLCfshtmex19AyMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvT042QzJwdlM2aG1WUndzSi15RzJaN0hYMERJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQADmY1AwQA nq3bAwQB1CBEAwQA1CBIAwQA1f6hMA0GCSqGSIb3DQEBCwUAA4IBAQAV0A1S3Nz7 W/a2u9sbwf7ajtnvU9IsAe9s+UOwA7iusuZP4MWaCN8Ufa7jVl2A01daGehq4kdw i/6itLO5O+3XB4Dx+AITbr9/wfWB5qSjjgNu+ZaAGt6pusCKlJlYAdItJyf8BzbV E/Csmkmxw9okuCELXuB7DarJTLQ6bt5WLJ3O7o2m5XYd5VPeTJDtAdO4djNj4270 txNEfRSlXD2mureEuPJqY+VLP19z1rHzLVPOl0wvxvy5WkYvyTEHtElhcT2U43Yk 8SJaqvJJQZPr9G3Wor3t6wrdCP+sTv/92emBBc/pN9hEkDpeAsH20vQN2AwqcZK3 J2icNevi2k4U -----END CERTIFICATE-----Generated at Fri Jan 23 04:39:06 2026 by rpki-client