This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Oki9n97zm2yM16Q_ET5I8zlwpNM.roa File: Oki9n97zm2yM16Q_ET5I8zlwpNM.roa (raw, json) Hash identifier: r1JrY2PFzd/IVvO9oesY6ZFkonODifHIYW+VBhV3uFQ= Subject key identifier: 3A:48:BD:9F:DE:F3:9B:6C:8C:D7:A4:3F:11:3E:48:F3:39:70:A4:D3 Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 019A9D3E4ED9FFF7B6D21653632A01085437 Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Oki9n97zm2yM16Q_ET5I8zlwpNM.roa Signing time: Wed 19 Nov 2025 17:51:37 +0000 ROA not before: Wed 19 Nov 2025 17:51:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 0 IP address blocks: 193.124.4.0/24 maxlen: 24 193.124.7.0/24 maxlen: 24 194.58.155.0/24 maxlen: 24 194.58.223.0/24 maxlen: 24 194.87.52.0/24 maxlen: 24 194.87.53.0/24 maxlen: 24 194.87.54.0/24 maxlen: 24 194.87.59.0/24 maxlen: 24 194.87.75.0/24 maxlen: 24 194.87.119.0/24 maxlen: 24 194.87.136.0/24 maxlen: 24 194.87.169.0/24 maxlen: 24 194.87.179.0/24 maxlen: 24 194.87.193.0/24 maxlen: 24 194.87.194.0/24 maxlen: 24 194.87.195.0/24 maxlen: 24 194.87.228.0/24 maxlen: 24 194.135.24.0/24 maxlen: 24 195.133.24.0/23 maxlen: 23 195.133.29.0/24 maxlen: 24 195.133.40.0/23 maxlen: 23 195.133.50.0/23 maxlen: 23 195.133.92.0/23 maxlen: 23 212.192.241.0/24 maxlen: 24 212.192.249.0/24 maxlen: 24 212.193.0.0/24 maxlen: 24 212.193.26.0/23 maxlen: 23 2a01:57c0::/29 maxlen: 29 2a0c:ff40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9d:3e:4e:d9:ff:f7:b6:d2:16:53:63:2a:01:08:54:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Nov 19 17:51:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3a48bd9fdef39b6c8cd7a43f113e48f33970a4d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:7f:8a:6f:ed:88:c6:df:a3:1d:b3:5d:a0:81: 76:59:8b:c7:80:cd:e2:77:5b:2f:35:4f:3d:1b:b5: cf:61:90:6d:40:51:ef:76:be:2b:f7:6f:60:c5:6d: 13:d4:09:01:1d:cb:e0:31:ea:c9:61:09:54:17:7a: 7a:db:cc:71:0a:a3:09:dd:dc:3d:fa:67:ac:3b:d8: ae:ea:ac:62:a4:22:c1:87:5b:4b:1c:93:ed:b8:32: c7:49:f1:55:1e:8d:d9:d1:11:2e:47:4c:7f:71:ed: b6:46:b8:53:52:af:4b:a3:b2:0e:98:5c:87:11:29: 3b:6f:3e:ae:08:4f:73:24:c0:f9:14:3a:7f:be:ae: 49:b4:d8:d5:0e:3e:30:8c:62:4f:5f:de:7a:d0:c6: ad:7a:19:f8:8f:15:9e:a1:a1:8f:82:5f:4b:0b:c4: 3a:48:1f:30:f8:b7:a2:f1:da:7f:19:55:5b:ae:87: 23:30:05:9d:6b:71:e4:9b:f5:2e:12:d9:5c:64:a3: 21:49:39:af:47:c0:0c:01:db:a1:c5:c4:bf:4a:c8: c0:19:53:db:80:90:cb:45:22:b5:5f:ea:07:81:a1: 1d:a7:07:a6:f7:eb:27:13:d7:f3:0b:f1:1e:8a:aa: 39:27:b2:0a:66:6f:75:b3:3d:95:b1:00:cb:ed:95: 00:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:48:BD:9F:DE:F3:9B:6C:8C:D7:A4:3F:11:3E:48:F3:39:70:A4:D3 X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Oki9n97zm2yM16Q_ET5I8zlwpNM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.124.4.0/24 193.124.7.0/24 194.58.155.0/24 194.58.223.0/24 194.87.52.0-194.87.54.255 194.87.59.0/24 194.87.75.0/24 194.87.119.0/24 194.87.136.0/24 194.87.169.0/24 194.87.179.0/24 194.87.193.0-194.87.195.255 194.87.228.0/24 194.135.24.0/24 195.133.24.0/23 195.133.29.0/24 195.133.40.0/23 195.133.50.0/23 195.133.92.0/23 212.192.241.0/24 212.192.249.0/24 212.193.0.0/24 212.193.26.0/23 IPv6: 2a01:57c0::/29 2a0c:ff40::/29 Signature Algorithm: sha256WithRSAEncryption 3d:8f:63:86:89:ec:c3:21:10:ab:c0:a7:7f:16:72:67:fb:ee: 71:ac:6c:2d:05:22:ae:5c:03:54:cb:96:08:ac:5b:de:93:a0: 66:69:c6:dd:eb:c1:4c:51:89:69:8d:eb:c8:b0:36:33:c1:79: bd:1c:18:df:c0:4a:58:41:98:6f:39:1b:47:c6:48:58:5c:b0: 9d:12:17:47:23:9b:a2:57:79:04:5b:c9:57:d3:53:7e:b8:fc: 09:96:5a:6d:e3:dd:f4:a3:eb:87:a7:b1:45:5f:f0:ea:9e:2b: 8e:84:72:8f:dc:e0:2b:9e:9b:16:2e:43:2d:aa:aa:cf:25:01: 7a:a2:4a:98:bd:73:3b:bd:60:6c:14:4d:de:34:b6:54:02:65: d8:68:d9:0c:1d:40:be:f7:df:f4:26:d5:5c:69:5d:09:62:f1: ff:dd:41:ba:8b:c8:ca:e0:4f:70:dd:b6:21:08:b4:6d:b6:a5: 8e:d4:ef:54:a7:a7:34:92:52:4f:29:ea:5c:a5:0f:3d:97:17: b7:e6:40:02:19:75:35:68:81:21:19:a5:4a:c0:4b:90:72:68: 00:e5:03:e1:a5:57:fa:7d:23:b3:a8:30:50:99:0b:dc:25:92: 03:42:6b:ef:d2:54:18:10:c0:f6:08:7f:3c:7f:05:93:ba:70: d7:f5:6a:30 -----BEGIN CERTIFICATE----- MIIFrDCCBJSgAwIBAgISAZqdPk7Z//e20hZTYyoBCFQ3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjUxMTE5MTc1MTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTQ4YmQ5ZmRlZjM5YjZjOGNkN2E0M2YxMTNlNDhmMzM5NzBhNGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH+Kb+2Ixt+jHbNdoIF2WYvHgM3i d1svNU89G7XPYZBtQFHvdr4r929gxW0T1AkBHcvgMerJYQlUF3p628xxCqMJ3dw9 +mesO9iu6qxipCLBh1tLHJPtuDLHSfFVHo3Z0REuR0x/ce22RrhTUq9Lo7IOmFyH ESk7bz6uCE9zJMD5FDp/vq5JtNjVDj4wjGJPX9560Matehn4jxWeoaGPgl9LC8Q6 SB8w+Lei8dp/GVVbrocjMAWda3Hkm/UuEtlcZKMhSTmvR8AMAduhxcS/SsjAGVPb gJDLRSK1X+oHgaEdpwem9+snE9fzC/Eeiqo5J7IKZm91sz2VsQDL7ZUA1wIDAQAB o4ICuDCCArQwHQYDVR0OBBYEFDpIvZ/e85tsjNekPxE+SPM5cKTTMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvT2tpOW45N3ptMnlNMTZRX0VUNUk4emx3cE5NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBoQQCAAEwgZoDBADB fAQDBADBfAcDBADCOpsDBADCOt8wDAMEAsJXNAMEAMJXNgMEAMJXOwMEAMJXSwME AMJXdwMEAMJXiAMEAMJXqQMEAMJXszAMAwQAwlfBAwQCwlfAAwQAwlfkAwQAwocY AwQBw4UYAwQAw4UdAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDxAwQA1MD5AwQA1MEA AwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEA PY9jhonswyEQq8CnfxZyZ/vucaxsLQUirlwDVMuWCKxb3pOgZmnG3evBTFGJaY3r yLA2M8F5vRwY38BKWEGYbzkbR8ZIWFywnRIXRyObold5BFvJV9NTfrj8CZZabePd 9KPrh6exRV/w6p4rjoRyj9zgK56bFi5DLaqqzyUBeqJKmL1zO71gbBRN3jS2VAJl 2GjZDB1Avvff9CbVXGldCWLx/91BuovIyuBPcN22IQi0bbaljtTvVKenNJJSTynq XKUPPZcXt+ZAAhl1NWiBIRmlSsBLkHJoAOUD4aVX+n0js6gwUJkL3CWSA0Jr79JU GBDA9gh/PH8Fk7pw1/VqMA== -----END CERTIFICATE-----Generated at Sat Nov 22 21:37:00 2025 by rpki-client