This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/Opai9dg9_aPXefCDg-UcShG8DsQ.roa File: Opai9dg9_aPXefCDg-UcShG8DsQ.roa (raw, json) Hash identifier: PwYEnlWaHMXct2KSlyUDXvXKQcsU2VZDyx8dPTPY47I= Subject key identifier: 3A:96:A2:F5:D8:3D:FD:A3:D7:79:F0:83:83:E5:1C:4A:11:BC:0E:C4 Certificate issuer: /CN=57c5a76f28b71ea8dbf999abaab7a659839ac182 Certificate serial: 019B7C1362646CE64B095BB86766886F5F24 Authority key identifier: 57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/Opai9dg9_aPXefCDg-UcShG8DsQ.roa Signing time: Fri 02 Jan 2026 00:20:03 +0000 ROA not before: Fri 02 Jan 2026 00:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29186 IP address blocks: 91.220.174.0/24 maxlen: 24 193.104.16.0/24 maxlen: 24 195.85.219.0/24 maxlen: 24 195.230.96.0/24 maxlen: 24 2001:678:abc::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.crl rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.mft rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:62:64:6c:e6:4b:09:5b:b8:67:66:88:6f:5f:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c5a76f28b71ea8dbf999abaab7a659839ac182 Validity Not Before: Jan 2 00:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a96a2f5d83dfda3d779f08383e51c4a11bc0ec4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:43:fb:4a:35:d9:ea:ad:31:52:8e:48:3a:12: e9:fd:25:2d:10:04:f4:e3:1b:a8:67:9b:fa:3f:46: 7b:f6:6b:9a:97:26:17:f9:04:df:b8:67:82:d1:e7: 70:62:8a:1a:77:c4:36:55:76:1c:47:1b:a8:50:b2: 9a:db:89:82:fe:80:85:8f:d6:31:e6:c8:4d:0b:d2: 38:e1:31:e3:09:0b:f0:28:7a:af:33:32:02:74:32: a0:00:a1:fb:c7:1f:84:cf:5e:16:3b:ba:4c:a0:90: da:50:4b:b1:3e:7f:42:8d:13:78:de:63:24:5d:5e: 28:c9:70:ae:b4:28:f1:23:38:f4:e2:32:6f:b2:1f: f5:fa:d5:8a:4d:84:70:e3:30:0b:17:34:cd:f0:8c: 83:55:7d:b4:05:70:8c:97:2c:82:07:e9:c5:04:de: c3:d7:98:b7:9c:14:8f:4e:d6:c0:a7:9e:33:3b:6e: 4c:f9:d4:45:17:4f:2f:83:72:64:63:0e:4d:3c:52: 30:27:cd:13:61:25:b9:2a:39:0c:68:7c:1c:c9:50: 6b:f6:aa:24:4d:d6:4c:03:1e:e5:ac:3d:2d:7c:78: 58:52:a7:42:dd:39:97:bf:fd:82:a4:4a:b1:5d:f2: a3:58:ae:b4:d6:01:b8:b4:fd:6c:6c:88:44:e6:bf: 7c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:96:A2:F5:D8:3D:FD:A3:D7:79:F0:83:83:E5:1C:4A:11:BC:0E:C4 X509v3 Authority Key Identifier: keyid:57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/Opai9dg9_aPXefCDg-UcShG8DsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.174.0/24 193.104.16.0/24 195.85.219.0/24 195.230.96.0/24 IPv6: 2001:678:abc::/48 Signature Algorithm: sha256WithRSAEncryption 0b:b0:05:41:98:69:9a:00:77:3e:99:9b:f6:26:78:7d:ac:a3: dc:48:0b:8d:71:2b:f5:cd:c4:00:c4:08:c5:36:2d:85:49:a4: 05:02:bb:d2:00:c0:ab:c5:6c:e5:b8:22:e4:3a:ed:f9:6f:cc: a4:9c:2b:4e:84:29:98:95:b4:ea:e8:22:cb:73:41:43:df:27: 00:d7:fa:e2:74:9e:6e:5f:b7:7d:16:04:72:8d:a1:42:75:a8: 46:9a:a3:c1:75:e5:6c:e3:89:7f:06:17:8e:f6:74:8e:f9:57: 83:84:55:2a:0b:c1:43:da:00:fd:34:0f:c2:12:09:39:19:48: 2d:cc:82:96:33:a2:7c:e3:19:00:eb:db:d9:09:cc:5f:d2:f6: 84:7b:13:ca:bb:67:96:29:9e:9b:fa:8d:02:98:10:43:8d:c2: 9f:21:7d:c3:82:a3:00:eb:aa:15:ac:56:48:67:3c:3c:12:f8: ca:27:43:10:1e:cf:e0:f8:59:2d:e2:a2:75:ee:5b:6a:1f:90: 99:7e:89:9a:c3:86:0a:21:fc:fc:f0:30:46:ab:03:e8:ab:7b: 70:b1:24:33:45:ba:f5:fc:4d:b2:c4:8f:5b:44:6d:00:b8:c4: 2b:a5:4c:ef:52:05:0d:96:3d:cd:02:6a:95:99:ff:90:88:c2: 1b:ad:49:b9 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt8E2JkbOZLCVu4Z2aIb18kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzVhNzZmMjhiNzFlYThkYmY5OTlhYmFhYjdhNjU5ODM5 YWMxODIwHhcNMjYwMTAyMDAyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTk2YTJmNWQ4M2RmZGEzZDc3OWYwODM4M2U1MWM0YTExYmMwZWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kP7SjXZ6q0xUo5IOhLp/SUtEAT0 4xuoZ5v6P0Z79mualyYX+QTfuGeC0edwYooad8Q2VXYcRxuoULKa24mC/oCFj9Yx 5shNC9I44THjCQvwKHqvMzICdDKgAKH7xx+Ez14WO7pMoJDaUEuxPn9CjRN43mMk XV4oyXCutCjxIzj04jJvsh/1+tWKTYRw4zALFzTN8IyDVX20BXCMlyyCB+nFBN7D 15i3nBSPTtbAp54zO25M+dRFF08vg3JkYw5NPFIwJ80TYSW5KjkMaHwcyVBr9qok TdZMAx7lrD0tfHhYUqdC3TmXv/2CpEqxXfKjWK601gG4tP1sbIhE5r98KwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFDqWovXYPf2j13nwg4PlHEoRvA7EMB8GA1UdIwQY MBaAFFfFp28otx6o2/mZq6q3plmDmsGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEt NmE2ODI1MWYxMzg3LzEvT3BhaTlkZzlfYVBYZWZDRGctVWNTaEc4RHNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEtNmE2ODI1MWYxMzg3 LzEvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW9yuAwQA wWgQAwQAw1XbAwQAw+ZgMA8EAgACMAkDBwAgAQZ4CrwwDQYJKoZIhvcNAQELBQAD ggEBAAuwBUGYaZoAdz6Zm/YmeH2so9xIC41xK/XNxADECMU2LYVJpAUCu9IAwKvF bOW4IuQ67flvzKScK06EKZiVtOroIstzQUPfJwDX+uJ0nm5ft30WBHKNoUJ1qEaa o8F15WzjiX8GF472dI75V4OEVSoLwUPaAP00D8ISCTkZSC3MgpYzonzjGQDr29kJ zF/S9oR7E8q7Z5Ypnpv6jQKYEEONwp8hfcOCowDrqhWsVkhnPDwS+MonQxAez+D4 WS3ionXuW2ofkJl+iZrDhgoh/PzwMEarA+ire3CxJDNFuvX8TbLEj1tEbQC4xCul TO9SBQ2WPc0CapWZ/5CIwhutSbk= -----END CERTIFICATE-----Generated at Mon Feb 9 18:22:24 2026 by rpki-client