This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/Om7ZQ-8XCQlgOaJIlxkUZHdp1tc.roa File: Om7ZQ-8XCQlgOaJIlxkUZHdp1tc.roa (raw, json) Hash identifier: bjl4aARKpgl6sPBL+R2cds28ZzucnTcBrTeFC8PyXIc= Subject key identifier: 3A:6E:D9:43:EF:17:09:09:60:39:A2:48:97:19:14:64:77:69:D6:D7 Certificate issuer: /CN=9c721ac807a326f871bbaa184963cd602b5cc2d6 Certificate serial: 019B7C80C0CDAF1AA9DC9FD6691DD7ABDB44 Authority key identifier: 9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/Om7ZQ-8XCQlgOaJIlxkUZHdp1tc.roa Signing time: Fri 02 Jan 2026 02:19:31 +0000 ROA not before: Fri 02 Jan 2026 02:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50877 IP address blocks: 159.255.128.0/21 maxlen: 21 185.182.208.0/22 maxlen: 22 2a0a:f980::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.mft rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:c0:cd:af:1a:a9:dc:9f:d6:69:1d:d7:ab:db:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c721ac807a326f871bbaa184963cd602b5cc2d6 Validity Not Before: Jan 2 02:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a6ed943ef1709096039a248971914647769d6d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:88:60:92:b9:3a:24:23:eb:71:92:ef:29:cc: 0a:0d:a5:f2:fb:07:e9:ca:5d:a4:ee:53:fb:95:39: 18:40:99:a2:a9:30:10:96:36:21:97:d2:ec:50:85: e6:f7:ac:39:02:a3:11:7a:73:7d:df:1c:a1:45:5f: 28:4a:08:75:f7:bb:79:6e:77:f2:29:f9:cc:0a:bd: 67:dc:99:bc:45:2c:a7:9b:a6:a4:74:e6:e9:10:55: e9:41:b8:60:e0:84:8a:2f:81:04:64:9c:9f:2f:8d: 52:74:b4:96:cd:35:df:86:a8:45:dc:d6:cb:3c:39: 87:cc:29:6f:89:f2:4b:cd:5b:50:b7:28:4e:21:2b: 00:fa:79:ef:ca:d1:de:62:dc:c8:04:ad:ec:51:6e: 40:23:f8:d1:6e:1a:67:07:db:33:4c:cd:13:6a:dd: 21:e5:19:57:84:1a:18:a5:30:a7:18:5c:e3:c1:16: 47:8d:50:8e:9b:7d:1c:74:b4:a1:68:28:f4:e0:34: b3:3d:7d:98:a6:14:6d:69:a4:9f:60:47:2e:0e:94: bd:a9:a3:44:b4:fb:35:11:e0:f3:c7:34:0d:5c:03: e5:0b:c4:80:72:ae:24:e2:a4:97:8f:0e:93:b5:31: 34:38:df:b7:99:85:b3:9f:45:bf:43:e6:7f:62:7f: c1:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:6E:D9:43:EF:17:09:09:60:39:A2:48:97:19:14:64:77:69:D6:D7 X509v3 Authority Key Identifier: keyid:9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/Om7ZQ-8XCQlgOaJIlxkUZHdp1tc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.255.128.0/21 185.182.208.0/22 IPv6: 2a0a:f980::/29 Signature Algorithm: sha256WithRSAEncryption 1a:f7:61:be:fe:3e:b1:7a:ba:6d:5f:ba:e7:42:a6:c6:e0:c9: 91:97:b7:b1:74:17:5b:3e:4c:3e:f2:5c:bf:7b:87:4a:9a:33: 91:ba:fd:a2:04:4b:b5:e6:e1:65:30:5a:25:c3:f2:a9:e8:f3: df:e5:7e:e2:94:7f:8b:03:ca:67:56:6e:68:0a:28:c9:b3:76: de:89:95:bd:71:66:33:6b:ea:b1:d8:b7:d7:65:7d:29:fc:08: 2e:a3:21:93:c5:b6:61:08:aa:4d:3c:5d:c8:ac:bf:2a:fd:9b: 4d:f1:08:c9:20:9f:f7:f9:62:57:10:86:45:ff:c9:fb:2f:7d: 31:ea:91:82:97:cf:56:08:e0:52:6d:d0:61:a1:f8:86:fa:85: 2c:d9:52:cc:80:9c:67:6d:8d:8b:36:c9:5a:93:22:c5:f2:11: f1:c3:3a:89:da:30:87:be:2a:f7:9c:4e:b6:f2:aa:2d:08:a6: 40:c3:1e:8e:43:94:60:58:f0:91:7f:23:43:45:f1:00:54:00: fc:94:2a:5c:6d:2e:bf:fc:6b:06:91:30:17:21:7b:72:20:e6: 5c:c7:ad:28:2c:95:3c:75:b2:1a:68:09:7d:0f:1e:20:87:5a: 54:1d:94:f2:4d:2a:93:b0:ee:56:95:4a:dd:29:6b:b7:96:c8: 58:12:74:5f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8gMDNrxqp3J/WaR3Xq9tEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljNzIxYWM4MDdhMzI2Zjg3MWJiYWExODQ5NjNjZDYwMmI1 Y2MyZDYwHhcNMjYwMTAyMDIxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTZlZDk0M2VmMTcwOTA5NjAzOWEyNDg5NzE5MTQ2NDc3NjlkNmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIhgkrk6JCPrcZLvKcwKDaXy+wfp yl2k7lP7lTkYQJmiqTAQljYhl9LsUIXm96w5AqMRenN93xyhRV8oSgh197t5bnfy KfnMCr1n3Jm8RSynm6akdObpEFXpQbhg4ISKL4EEZJyfL41SdLSWzTXfhqhF3NbL PDmHzClvifJLzVtQtyhOISsA+nnvytHeYtzIBK3sUW5AI/jRbhpnB9szTM0Tat0h 5RlXhBoYpTCnGFzjwRZHjVCOm30cdLShaCj04DSzPX2YphRtaaSfYEcuDpS9qaNE tPs1EeDzxzQNXAPlC8SAcq4k4qSXjw6TtTE0ON+3mYWzn0W/Q+Z/Yn/BAwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDpu2UPvFwkJYDmiSJcZFGR3adbXMB8GA1UdIwQY MBaAFJxyGsgHoyb4cbuqGEljzWArXMLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkhJYXlBZWpKdmh4dTZvWVNXUE5ZQ3Rjd3RZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NjQyNjAtOGQ3ZS00NTA3LWI0NGIt Mjg2NDcwN2IyYjNmLzEvT203WlEtOFhDUWxnT2FKSWx4a1VaSGRwMXRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi80NjQyNjAtOGQ3ZS00NTA3LWI0NGItMjg2NDcwN2IyYjNm LzEvbkhJYXlBZWpKdmh4dTZvWVNXUE5ZQ3Rjd3RZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDn/+AAwQC ubbQMA0EAgACMAcDBQMqCvmAMA0GCSqGSIb3DQEBCwUAA4IBAQAa92G+/j6xerpt X7rnQqbG4MmRl7exdBdbPkw+8ly/e4dKmjORuv2iBEu15uFlMFolw/Kp6PPf5X7i lH+LA8pnVm5oCijJs3beiZW9cWYza+qx2LfXZX0p/AguoyGTxbZhCKpNPF3IrL8q /ZtN8QjJIJ/3+WJXEIZF/8n7L30x6pGCl89WCOBSbdBhofiG+oUs2VLMgJxnbY2L NslakyLF8hHxwzqJ2jCHvir3nE628qotCKZAwx6OQ5RgWPCRfyNDRfEAVAD8lCpc bS6//GsGkTAXIXtyIOZcx60oLJU8dbIaaAl9Dx4gh1pUHZTyTSqTsO5WlUrdKWu3 lshYEnRf -----END CERTIFICATE-----Generated at Mon Feb 9 18:43:41 2026 by rpki-client