This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OFHBzcZLXcADGOkPXs7QCiW1SjI.roa File: OFHBzcZLXcADGOkPXs7QCiW1SjI.roa (raw, json) Hash identifier: yPWZf7/IFeAQ15pCmx+gBSFk9/Q35EaryWjtkT+ZynQ= Subject key identifier: 38:51:C1:CD:C6:4B:5D:C0:03:18:E9:0F:5E:CE:D0:0A:25:B5:4A:32 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A2DD8029061449686215B1AD532363 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OFHBzcZLXcADGOkPXs7QCiW1SjI.roa Signing time: Thu 01 Jan 2026 08:18:17 +0000 ROA not before: Thu 01 Jan 2026 08:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2.59.252.0/24 maxlen: 24 185.216.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:dd:80:29:06:14:49:68:62:15:b1:ad:53:23:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3851c1cdc64b5dc00318e90f5eced00a25b54a32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a1:3c:fb:bc:d0:18:7f:04:ea:e9:e6:4c:a0: fe:7f:3a:a8:36:4f:34:51:48:27:e7:65:ea:9e:4b: 22:2b:79:d7:5f:80:5a:5d:2b:68:50:8c:ca:59:fb: 5b:96:14:99:39:6f:c9:42:7c:68:25:eb:0a:62:91: f1:10:4c:ae:b9:e0:e1:7a:f2:f2:ac:f8:8e:cf:28: 5c:04:c1:7c:d7:11:10:9e:0c:ad:a2:d5:f9:65:60: d6:14:a8:89:d0:40:db:c9:15:e2:bd:84:20:77:8e: f4:3d:ad:31:00:a6:fa:d7:76:d2:39:e0:48:b1:ac: 77:68:1a:a0:e9:6a:99:73:73:19:8b:1c:f8:1f:46: 1c:e7:76:bc:0c:28:5c:2e:a8:01:50:1d:4f:10:63: dc:6d:0e:6a:71:fa:01:8c:be:0b:c7:13:14:0d:98: c7:df:51:30:83:60:b0:c1:c7:9a:d2:55:a3:3e:a2: 44:47:31:7b:dd:10:47:44:b3:d4:03:91:cc:81:57: 7c:14:50:80:06:c2:5c:4d:cf:14:f5:de:fc:6b:7e: 73:8f:15:6e:69:dd:21:09:77:98:80:f3:b7:74:d0: 98:89:89:c6:9b:4b:f5:fe:4b:bc:7e:2d:e9:72:3f: 84:c2:eb:e6:38:6d:9f:c2:fc:ea:9f:fa:92:17:75: 3f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:51:C1:CD:C6:4B:5D:C0:03:18:E9:0F:5E:CE:D0:0A:25:B5:4A:32 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OFHBzcZLXcADGOkPXs7QCiW1SjI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.252.0/24 185.216.70.0/24 Signature Algorithm: sha256WithRSAEncryption 93:bd:d6:99:fd:42:85:25:76:39:80:b9:1b:43:10:1d:5e:31: 98:f7:f7:c4:43:43:20:4f:24:4c:9e:a3:75:52:76:1d:30:50: 67:2e:65:5a:f6:db:b2:3e:cb:f9:c4:c1:6f:be:0b:c4:6e:0e: 27:fc:54:89:fb:aa:bc:7e:d0:97:38:10:27:b7:9d:88:d1:3d: d8:33:72:0e:3a:1b:6d:9a:d8:56:00:48:a1:41:c8:3d:2e:9e: 90:31:03:6a:1a:14:3f:7b:c5:28:ea:c1:a9:2c:7c:90:8a:8a: 92:94:01:b6:85:2d:61:0b:04:41:6b:ad:34:ff:fc:6a:38:84: a4:e2:31:a1:0c:7f:03:3f:e4:4c:d5:0d:05:28:b8:79:46:40: 9a:31:03:c2:43:6c:9b:2d:ba:a2:b2:b4:68:6c:2f:a5:2c:23: 63:56:dd:8f:04:40:12:16:e0:a4:ad:75:5c:08:57:8a:fc:94: 83:39:d1:72:b7:5d:80:55:e7:b6:ff:a5:9c:29:cb:6f:e7:a7: 0f:f0:e0:72:13:d1:92:96:9a:d9:3b:bd:b4:a9:04:18:a7:49: 4d:76:18:41:51:14:e2:92:be:05:8a:e5:47:4e:5b:14:c8:39: 6f:0d:2b:8b:56:1c:02:8f:8d:5d:d0:90:49:b3:fe:81:c9:c2: 6e:77:88:80 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4ot2AKQYUSWhiFbGtUyNjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODUxYzFjZGM2NGI1ZGMwMDMxOGU5MGY1ZWNlZDAwYTI1YjU0YTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6E8+7zQGH8E6unmTKD+fzqoNk80 UUgn52XqnksiK3nXX4BaXStoUIzKWftblhSZOW/JQnxoJesKYpHxEEyuueDhevLy rPiOzyhcBMF81xEQngytotX5ZWDWFKiJ0EDbyRXivYQgd470Pa0xAKb613bSOeBI sax3aBqg6WqZc3MZixz4H0Yc53a8DChcLqgBUB1PEGPcbQ5qcfoBjL4LxxMUDZjH 31Ewg2Cwwcea0lWjPqJERzF73RBHRLPUA5HMgVd8FFCABsJcTc8U9d78a35zjxVu ad0hCXeYgPO3dNCYiYnGm0v1/ku8fi3pcj+EwuvmOG2fwvzqn/qSF3U/qQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDhRwc3GS13AAxjpD17O0AoltUoyMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvT0ZIQnpjWkxYY0FER09rUFhzN1FDaVcxU2pJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjv8AwQA udhGMA0GCSqGSIb3DQEBCwUAA4IBAQCTvdaZ/UKFJXY5gLkbQxAdXjGY9/fEQ0Mg TyRMnqN1UnYdMFBnLmVa9tuyPsv5xMFvvgvEbg4n/FSJ+6q8ftCXOBAnt52I0T3Y M3IOOhttmthWAEihQcg9Lp6QMQNqGhQ/e8Uo6sGpLHyQioqSlAG2hS1hCwRBa600 //xqOISk4jGhDH8DP+RM1Q0FKLh5RkCaMQPCQ2ybLbqisrRobC+lLCNjVt2PBEAS FuCkrXVcCFeK/JSDOdFyt12AVee2/6WcKctv56cP8OByE9GSlprZO720qQQYp0lN dhhBURTikr4FiuVHTlsUyDlvDSuLVhwCj41d0JBJs/6BycJud4iA -----END CERTIFICATE-----Generated at Fri Jan 2 12:04:26 2026 by rpki-client