This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/oBQjnG6Zj6o_8VxMtUsGatV5hV4.roa File: oBQjnG6Zj6o_8VxMtUsGatV5hV4.roa (raw, json) Hash identifier: 7dA7xujM9AdU+gFa8obBWyqzT2p9RQ/v2ZO8GDKs3tU= Subject key identifier: A0:14:23:9C:6E:99:8F:AA:3F:F1:5C:4C:B5:4B:06:6A:D5:79:85:5E Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e Certificate serial: 019B77597452BAF460F34355921691E303C4 Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/oBQjnG6Zj6o_8VxMtUsGatV5hV4.roa Signing time: Thu 01 Jan 2026 02:18:29 +0000 ROA not before: Thu 01 Jan 2026 02:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48481 IP address blocks: 217.64.152.0/22 maxlen: 22 217.64.152.0/23 maxlen: 23 217.64.154.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.mft rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:74:52:ba:f4:60:f3:43:55:92:16:91:e3:03:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e Validity Not Before: Jan 1 02:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a014239c6e998faa3ff15c4cb54b066ad579855e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:53:77:00:cf:43:02:14:8d:62:3b:09:e4:24: 4c:37:7c:fd:71:39:57:a1:7a:d7:fb:eb:dd:d5:c0: 48:a9:96:cc:70:14:d9:7d:bb:f2:e6:d2:9c:11:4f: 19:1b:40:42:67:be:f6:d5:42:8e:25:dd:31:7b:81: 79:8e:97:f0:af:01:eb:7c:7d:f5:53:0d:10:ce:d8: c1:ad:60:4a:e3:9d:1d:7f:8a:a3:83:40:f6:5e:87: 99:f0:5c:a1:f2:7a:f8:0d:c3:e4:72:c8:27:33:cc: c0:3c:11:b9:45:f8:ef:9b:8f:f8:49:d7:94:2d:57: 6b:a4:54:70:e5:07:aa:13:5a:fc:70:13:d3:01:90: 83:d1:aa:e2:28:55:d5:07:81:28:5d:8e:4e:87:8e: 34:3e:e5:7d:77:1a:1f:aa:49:4d:fe:1b:9c:62:a7: 11:9f:08:eb:7c:fa:6d:7d:40:c7:d4:8a:5b:51:5f: 40:44:9a:6c:00:7e:66:fd:12:2a:2d:e8:f4:12:10: 3a:35:72:18:9a:a3:5c:39:a7:5a:cf:ea:6a:9a:20: 74:f2:61:c7:dc:0c:35:23:a2:b2:5a:28:62:f3:35: 44:47:22:70:f3:41:35:7a:4f:b8:13:7e:9b:0b:79: ab:8e:84:ec:19:77:b5:50:26:97:3e:ef:2e:8f:f5: 0b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:14:23:9C:6E:99:8F:AA:3F:F1:5C:4C:B5:4B:06:6A:D5:79:85:5E X509v3 Authority Key Identifier: keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/oBQjnG6Zj6o_8VxMtUsGatV5hV4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.64.152.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:d4:de:6f:b9:71:49:71:19:eb:5c:11:31:49:2f:dd:23:ae: ba:9c:ef:44:6b:a5:8a:d0:53:60:30:e8:6c:1d:ff:68:c1:9c: 9a:81:63:29:3d:9f:d2:36:08:e1:d3:57:bf:5f:61:7d:62:b6: 31:23:1e:76:04:d4:df:e9:2a:e8:e8:d2:3c:82:ac:84:3d:5d: 7a:0f:01:e1:8b:4e:46:ac:d9:1e:62:3d:1e:9c:01:74:58:d1: e5:78:d8:83:f5:0f:f0:3b:40:89:97:fa:b0:99:e4:78:0d:29: 38:1d:4b:cd:3d:82:a7:1a:e2:22:3d:33:bc:16:49:d7:d0:b6: 64:45:bb:15:86:5c:03:b3:24:09:14:f1:75:ea:81:a9:b4:29: 33:06:09:aa:1d:4c:04:60:8b:f9:86:99:6d:75:5c:f7:46:66: de:fe:cf:38:81:00:7f:d1:88:2e:7c:0f:41:b2:e9:68:d7:cf: 46:cb:7c:40:78:13:ae:bb:75:10:50:16:a3:f3:22:63:46:57: 17:f7:d0:0e:09:90:61:00:13:cc:ea:a7:e2:36:d3:90:39:b6: 6c:73:53:50:a4:48:ef:7c:29:db:6c:b7:d7:33:e5:53:9f:da: 10:a9:d9:73:45:07:42:5d:a3:ed:2f:1d:b8:0d:56:31:0b:23: 7c:ea:e3:52 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WXRSuvRg80NVkhaR4wPEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm ZmExOWUwHhcNMjYwMTAxMDIxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDE0MjM5YzZlOTk4ZmFhM2ZmMTVjNGNiNTRiMDY2YWQ1Nzk4NTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lN3AM9DAhSNYjsJ5CRMN3z9cTlX oXrX++vd1cBIqZbMcBTZfbvy5tKcEU8ZG0BCZ7721UKOJd0xe4F5jpfwrwHrfH31 Uw0QztjBrWBK450df4qjg0D2XoeZ8Fyh8nr4DcPkcsgnM8zAPBG5Rfjvm4/4SdeU LVdrpFRw5QeqE1r8cBPTAZCD0ariKFXVB4EoXY5Oh440PuV9dxofqklN/hucYqcR nwjrfPptfUDH1IpbUV9ARJpsAH5m/RIqLej0EhA6NXIYmqNcOadaz+pqmiB08mHH 3Aw1I6KyWihi8zVERyJw80E1ek+4E36bC3mrjoTsGXe1UCaXPu8uj/ULyQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKAUI5xumY+qP/FcTLVLBmrVeYVeMB8GA1UdIwQY MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt YTM1ZmM0MzhkNGNhLzEvb0JRam5HNlpqNm9fOFZ4TXRVc0dhdFY1aFY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UCYMA0G CSqGSIb3DQEBCwUAA4IBAQCc1N5vuXFJcRnrXBExSS/dI666nO9Ea6WK0FNgMOhs Hf9owZyagWMpPZ/SNgjh01e/X2F9YrYxIx52BNTf6Sro6NI8gqyEPV16DwHhi05G rNkeYj0enAF0WNHleNiD9Q/wO0CJl/qwmeR4DSk4HUvNPYKnGuIiPTO8FknX0LZk RbsVhlwDsyQJFPF16oGptCkzBgmqHUwEYIv5hpltdVz3Rmbe/s84gQB/0YgufA9B sulo189Gy3xAeBOuu3UQUBaj8yJjRlcX99AOCZBhABPM6qfiNtOQObZsc1NQpEjv fCnbbLfXM+VTn9oQqdlzRQdCXaPtLx24DVYxCyN86uNS -----END CERTIFICATE-----Generated at Mon Jan 26 12:32:27 2026 by rpki-client