This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/o7-btfh1I6OULBYVzfVu8_XzE8o.roa File: o7-btfh1I6OULBYVzfVu8_XzE8o.roa (raw, json) Hash identifier: CirfY9g/PTwiRwcav7zVDik3hwZOaK4g3NLJCOiIgh8= Subject key identifier: A3:BF:9B:B5:F8:75:23:A3:94:2C:16:15:CD:F5:6E:F3:F5:F3:13:CA Certificate issuer: /CN=ca926f963511893fa4d9fbd5e64e0f8a43837e40 Certificate serial: 019B7758E11E0A5E50F753B0C8C5CB7A3482 Authority key identifier: CA:92:6F:96:35:11:89:3F:A4:D9:FB:D5:E6:4E:0F:8A:43:83:7E:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypJvljURiT-k2fvV5k4PikODfkA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/o7-btfh1I6OULBYVzfVu8_XzE8o.roa Signing time: Thu 01 Jan 2026 02:17:52 +0000 ROA not before: Thu 01 Jan 2026 02:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 217.149.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/ypJvljURiT-k2fvV5k4PikODfkA.crl rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/ypJvljURiT-k2fvV5k4PikODfkA.mft rsync://rpki.ripe.net/repository/DEFAULT/ypJvljURiT-k2fvV5k4PikODfkA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:e1:1e:0a:5e:50:f7:53:b0:c8:c5:cb:7a:34:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca926f963511893fa4d9fbd5e64e0f8a43837e40 Validity Not Before: Jan 1 02:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a3bf9bb5f87523a3942c1615cdf56ef3f5f313ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3f:21:66:ae:2a:96:cb:5d:fe:12:6a:c8:29: a6:ab:0f:ca:75:f9:66:3e:7a:7e:9b:b9:da:b5:de: b4:28:a8:06:be:e4:40:c0:35:03:83:e8:95:3a:56: f3:f1:95:9f:06:05:ab:f5:95:6d:4d:47:4f:52:27: c9:d7:53:4e:c3:e8:d4:e0:a8:0e:e5:48:69:91:75: e4:87:a7:cc:f2:cf:6a:a2:04:5b:57:02:bf:4a:6a: e9:ba:50:6a:34:46:6a:c5:26:cc:17:74:74:19:ff: 44:eb:ce:cf:a3:25:c8:9d:ed:b4:fa:fa:cc:4a:ec: ba:8b:b1:36:8e:df:77:99:59:16:1f:f6:d3:be:02: 40:9a:4d:e2:0d:6f:5b:b6:c8:b2:7f:e8:d0:83:74: 16:5d:76:b6:0c:e5:ed:98:36:03:0b:4a:1c:54:2c: e3:4b:c1:db:a2:0f:49:a8:69:72:e4:47:5a:33:8b: 68:bf:18:38:74:94:7f:c8:2e:66:fb:6c:42:2a:9b: 5f:80:13:74:d2:dc:dc:ed:bb:4a:4e:95:c2:ec:50: 52:c7:cd:78:80:73:12:f7:98:30:fd:bc:34:d8:d5: 31:70:7c:52:c7:45:ab:2a:79:e5:ba:26:34:2c:50: 36:1c:d0:ea:f6:df:2c:7a:c5:36:96:1b:1f:79:2d: 1f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:BF:9B:B5:F8:75:23:A3:94:2C:16:15:CD:F5:6E:F3:F5:F3:13:CA X509v3 Authority Key Identifier: keyid:CA:92:6F:96:35:11:89:3F:A4:D9:FB:D5:E6:4E:0F:8A:43:83:7E:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypJvljURiT-k2fvV5k4PikODfkA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/o7-btfh1I6OULBYVzfVu8_XzE8o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/ypJvljURiT-k2fvV5k4PikODfkA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.149.108.0/24 Signature Algorithm: sha256WithRSAEncryption 8c:03:94:cc:22:a5:99:c3:d3:3e:63:4d:4f:c4:c4:0e:6a:7e: ca:a2:b2:4c:e5:65:cc:a2:30:43:8b:da:d7:9a:88:8a:de:7a: 15:ba:8b:f2:48:51:10:88:3e:b0:9a:53:4b:ce:72:27:bc:51: 1c:d8:fb:d0:d2:4b:23:25:70:2f:50:97:63:e1:50:52:a0:6b: df:26:0c:62:aa:f7:ea:eb:94:94:d9:ec:f8:f4:e1:f9:9b:2f: 16:1f:8a:dd:50:78:85:1b:86:ce:89:48:14:ce:ed:7a:9e:5b: 9f:5c:59:30:da:33:45:70:25:2c:ec:02:9b:98:be:0e:ba:c1: 0a:57:66:68:21:e3:3f:07:e1:0a:3d:23:62:48:75:be:de:f7: a0:0b:31:a4:5d:f3:14:de:cb:2f:2c:3d:2e:e5:67:39:cd:71: 84:67:31:5d:2e:b1:68:29:18:0e:73:2b:7a:d8:3a:8d:96:05: ea:ac:db:04:01:c1:16:3d:49:ee:f2:78:c8:d1:e6:77:67:cc: c9:75:b5:eb:fe:14:2d:8c:76:e6:26:6f:e4:52:d5:c5:2d:19: 06:e6:db:7d:66:c0:23:3b:e4:b3:e8:53:1a:2e:f3:2c:1f:ab: 49:d3:da:8d:eb:fc:d0:3a:06:b0:bf:12:bf:10:cd:a6:26:54: 88:2a:8f:4e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WOEeCl5Q91OwyMXLejSCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhOTI2Zjk2MzUxMTg5M2ZhNGQ5ZmJkNWU2NGUwZjhhNDM4 MzdlNDAwHhcNMjYwMTAxMDIxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhM2JmOWJiNWY4NzUyM2EzOTQyYzE2MTVjZGY1NmVmM2Y1ZjMxM2NhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT8hZq4qlstd/hJqyCmmqw/Kdflm Pnp+m7natd60KKgGvuRAwDUDg+iVOlbz8ZWfBgWr9ZVtTUdPUifJ11NOw+jU4KgO 5UhpkXXkh6fM8s9qogRbVwK/SmrpulBqNEZqxSbMF3R0Gf9E687PoyXIne20+vrM Suy6i7E2jt93mVkWH/bTvgJAmk3iDW9btsiyf+jQg3QWXXa2DOXtmDYDC0ocVCzj S8Hbog9JqGly5EdaM4tovxg4dJR/yC5m+2xCKptfgBN00tzc7btKTpXC7FBSx814 gHMS95gw/bw02NUxcHxSx0WrKnnluiY0LFA2HNDq9t8sesU2lhsfeS0fEwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKO/m7X4dSOjlCwWFc31bvP18xPKMB8GA1UdIwQY MBaAFMqSb5Y1EYk/pNn71eZOD4pDg35AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXBKdmxqVVJpVC1rMmZ2VjVrNFBpa09EZmtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80NGI3YmItMjYwNS00MjViLWIzNDEt MTQ2MDVkYjU0M2QwLzEvbzctYnRmaDFJNk9VTEJZVnpmVnU4X1h6RThvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy80NGI3YmItMjYwNS00MjViLWIzNDEtMTQ2MDVkYjU0M2Qw LzEveXBKdmxqVVJpVC1rMmZ2VjVrNFBpa09EZmtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZVsMA0G CSqGSIb3DQEBCwUAA4IBAQCMA5TMIqWZw9M+Y01PxMQOan7KorJM5WXMojBDi9rX moiK3noVuovySFEQiD6wmlNLznInvFEc2PvQ0ksjJXAvUJdj4VBSoGvfJgxiqvfq 65SU2ez49OH5my8WH4rdUHiFG4bOiUgUzu16nlufXFkw2jNFcCUs7AKbmL4OusEK V2ZoIeM/B+EKPSNiSHW+3vegCzGkXfMU3ssvLD0u5Wc5zXGEZzFdLrFoKRgOcyt6 2DqNlgXqrNsEAcEWPUnu8njI0eZ3Z8zJdbXr/hQtjHbmJm/kUtXFLRkG5tt9ZsAj O+Sz6FMaLvMsH6tJ09qN6/zQOgawvxK/EM2mJlSIKo9O -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:49 2026 by rpki-client