This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/OIwvLVG14Er178GMxwrh7ig3kjQ.roa File: OIwvLVG14Er178GMxwrh7ig3kjQ.roa (raw, json) Hash identifier: rrrKwVzY5LibLzq9ZeJSCRsjD6gQ33lRLKMuzjoUt44= Subject key identifier: 38:8C:2F:2D:51:B5:E0:4A:F5:EF:C1:8C:C7:0A:E1:EE:28:37:92:34 Certificate issuer: /CN=09c50efe13aadf5423b04f0ddca8b3288395823e Certificate serial: 019B7F85837F0B15994D3E66654D40578676 Authority key identifier: 09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/OIwvLVG14Er178GMxwrh7ig3kjQ.roa Signing time: Fri 02 Jan 2026 16:23:34 +0000 ROA not before: Fri 02 Jan 2026 16:23:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51964 IP address blocks: 194.24.8.0/24 maxlen: 24 194.24.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.mft rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 07:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:83:7f:0b:15:99:4d:3e:66:65:4d:40:57:86:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09c50efe13aadf5423b04f0ddca8b3288395823e Validity Not Before: Jan 2 16:23:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=388c2f2d51b5e04af5efc18cc70ae1ee28379234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:31:e1:b2:80:e7:a8:7a:24:85:76:da:59:0d: ea:9c:d5:89:4d:c8:89:93:62:2a:d6:16:ab:e6:bb: 68:f1:42:8b:35:64:f4:4a:40:21:0a:31:47:fc:6b: bd:27:86:e0:32:f6:5b:8e:0b:54:d2:2d:a0:ec:a5: 40:59:52:09:ab:71:32:1a:fa:54:dd:34:73:b8:36: 54:63:50:07:7b:d9:f2:34:db:f9:4b:cd:c1:b4:e3: 57:b6:4f:a6:6c:ad:56:40:13:16:0d:16:4c:e7:ae: 11:d2:f2:ad:4a:1c:b3:bd:57:05:38:6b:30:03:3f: 19:fd:48:35:31:1c:65:4f:20:69:9b:e6:38:25:73: bd:6c:45:08:35:3c:19:8c:d5:7c:96:97:18:15:dd: a8:16:b7:f8:b0:a3:f3:96:eb:2e:08:b0:1a:7f:72: 37:76:c6:0c:3a:9c:54:46:59:19:6d:2d:22:9e:06: 5e:d1:a4:2d:8b:50:4a:d9:15:0c:ca:34:7d:d1:5e: dc:81:1d:c1:e7:19:e3:65:a0:e6:13:91:58:94:b4: a5:64:aa:7e:13:c6:b1:4f:f0:ba:c3:17:36:28:21: c1:c3:4e:ed:21:47:c1:f8:91:4d:27:75:b2:d2:45: 49:c1:11:0e:65:6b:ee:3f:5a:a4:57:d7:e9:ad:07: a1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:8C:2F:2D:51:B5:E0:4A:F5:EF:C1:8C:C7:0A:E1:EE:28:37:92:34 X509v3 Authority Key Identifier: keyid:09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/OIwvLVG14Er178GMxwrh7ig3kjQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.24.8.0/24 194.24.10.0/24 Signature Algorithm: sha256WithRSAEncryption 22:8e:47:a6:5d:0d:2f:ae:a6:fa:e5:26:ab:89:d5:c3:01:89: 66:ab:99:58:79:89:2e:a9:cf:81:00:45:ba:47:44:74:e8:e5: ac:da:38:d7:c0:b8:0c:28:17:22:33:2b:7d:44:3c:b7:3e:ad: c9:90:db:42:98:7d:eb:0a:29:b3:57:ce:f5:3d:47:57:88:d4: 2d:c0:ea:18:d9:4f:12:64:18:f3:47:42:fd:01:06:f1:fb:5a: 06:6d:e0:5c:43:32:d4:bb:90:42:36:0e:50:ae:50:42:d7:a2: 0d:f6:38:7f:f1:dd:09:36:34:18:de:07:e3:7e:1a:16:7a:03: 30:dd:5c:cb:50:2c:8f:11:70:8b:97:ad:cd:70:3e:b9:80:5b: fd:c4:29:af:48:ce:c4:37:8b:93:1f:9c:aa:1f:85:c5:1b:9f: 83:4a:43:d7:38:86:d6:12:0f:7a:11:ba:82:74:90:10:4e:29: db:29:74:f1:b6:1b:43:63:77:37:2f:20:cc:f8:92:8e:ad:d5: 6b:22:5c:e9:a8:4e:53:f2:05:92:64:17:2a:9d:4d:2b:fa:06: 63:93:b0:4b:a3:c1:5c:1f:bb:47:c6:5d:04:ce:4b:20:4a:8c: b4:8f:a7:2b:f8:f3:38:b9:e7:88:56:27:1d:a4:84:0f:95:f2: 6f:f4:36:c2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hYN/CxWZTT5mZU1AV4Z2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5YzUwZWZlMTNhYWRmNTQyM2IwNGYwZGRjYThiMzI4ODM5 NTgyM2UwHhcNMjYwMTAyMTYyMzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODhjMmYyZDUxYjVlMDRhZjVlZmMxOGNjNzBhZTFlZTI4Mzc5MjM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjHhsoDnqHokhXbaWQ3qnNWJTciJ k2Iq1har5rto8UKLNWT0SkAhCjFH/Gu9J4bgMvZbjgtU0i2g7KVAWVIJq3EyGvpU 3TRzuDZUY1AHe9nyNNv5S83BtONXtk+mbK1WQBMWDRZM564R0vKtShyzvVcFOGsw Az8Z/Ug1MRxlTyBpm+Y4JXO9bEUINTwZjNV8lpcYFd2oFrf4sKPzlusuCLAaf3I3 dsYMOpxURlkZbS0ingZe0aQti1BK2RUMyjR90V7cgR3B5xnjZaDmE5FYlLSlZKp+ E8axT/C6wxc2KCHBw07tIUfB+JFNJ3Wy0kVJwREOZWvuP1qkV9fprQehFQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDiMLy1RteBK9e/BjMcK4e4oN5I0MB8GA1UdIwQY MBaAFAnFDv4Tqt9UI7BPDdyosyiDlYI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUt YTI2ZDI1YmM3NjU0LzEvT0l3dkxWRzE0RXIxNzhHTXh3cmg3aWcza2pRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUtYTI2ZDI1YmM3NjU0 LzEvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwhgIAwQA whgKMA0GCSqGSIb3DQEBCwUAA4IBAQAijkemXQ0vrqb65SaridXDAYlmq5lYeYku qc+BAEW6R0R06OWs2jjXwLgMKBciMyt9RDy3Pq3JkNtCmH3rCimzV871PUdXiNQt wOoY2U8SZBjzR0L9AQbx+1oGbeBcQzLUu5BCNg5QrlBC16IN9jh/8d0JNjQY3gfj fhoWegMw3VzLUCyPEXCLl63NcD65gFv9xCmvSM7EN4uTH5yqH4XFG5+DSkPXOIbW Eg96EbqCdJAQTinbKXTxthtDY3c3LyDM+JKOrdVrIlzpqE5T8gWSZBcqnU0r+gZj k7BLo8FcH7tHxl0EzksgSoy0j6cr+PM4ueeIVicdpIQPlfJv9DbC -----END CERTIFICATE-----Generated at Fri Jan 23 15:10:47 2026 by rpki-client