This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/oyKh1GZmmmicse4bqcfsPq9PxSg.roa File: oyKh1GZmmmicse4bqcfsPq9PxSg.roa (raw, json) Hash identifier: YSuCQpmgXDGJyq+euD80LcmH0pwmzSboam85gWy8j5E= Subject key identifier: A3:22:A1:D4:66:66:9A:68:9C:B1:EE:1B:A9:C7:EC:3E:AF:4F:C5:28 Certificate issuer: /CN=2aaf24e9111a889db4dae087e4809e1086e33f82 Certificate serial: 019B77C75B3D83065239C52E9EEF6B99B5EB Authority key identifier: 2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/oyKh1GZmmmicse4bqcfsPq9PxSg.roa Signing time: Thu 01 Jan 2026 04:18:32 +0000 ROA not before: Thu 01 Jan 2026 04:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203255 IP address blocks: 185.137.48.0/22 maxlen: 24 2a0f:cb40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:5b:3d:83:06:52:39:c5:2e:9e:ef:6b:99:b5:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2aaf24e9111a889db4dae087e4809e1086e33f82 Validity Not Before: Jan 1 04:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a322a1d466669a689cb1ee1ba9c7ec3eaf4fc528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:fe:73:fa:fa:e0:d3:35:e0:a0:02:50:6f:d4: 8e:5f:76:3b:ef:c4:34:3f:12:fa:f6:7d:b8:f5:fe: b1:74:f7:68:a1:5d:21:ba:4d:1a:4d:d7:8c:17:b9: 1c:92:7d:52:4d:3e:78:4d:cc:81:5a:41:af:21:89: d5:8b:f3:fd:33:d0:c8:9c:07:5d:5e:9a:04:ac:d4: 0a:1f:6b:09:46:e4:ff:35:4f:e7:92:8f:3a:01:51: 06:c3:ba:cf:97:49:d9:a6:6b:d3:93:29:e0:2e:17: 47:8d:91:d0:a0:ae:44:be:11:0d:a7:b7:53:1b:ae: 46:79:62:6f:95:b4:88:90:71:b7:80:9c:fd:82:74: 92:11:41:58:3f:f0:f6:5a:64:a3:17:4e:f7:32:42: 08:5f:f5:65:53:1c:95:58:26:b3:b6:6d:9b:09:af: 53:28:e5:df:06:5e:8a:66:db:24:2b:64:05:17:80: d7:a9:60:4a:44:83:9e:1d:7e:c0:79:73:80:ab:d9: 6a:6b:e0:11:70:5c:4c:5c:86:1f:07:32:4a:63:ef: 03:8e:9c:ed:dd:9e:f2:1d:7a:64:df:39:9f:4c:83: 1e:d5:c3:34:9b:ee:f1:48:15:88:4f:23:02:a6:ff: 08:96:63:de:bf:fd:e6:e2:9c:51:c8:52:c8:65:77: da:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:22:A1:D4:66:66:9A:68:9C:B1:EE:1B:A9:C7:EC:3E:AF:4F:C5:28 X509v3 Authority Key Identifier: keyid:2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/oyKh1GZmmmicse4bqcfsPq9PxSg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.137.48.0/22 IPv6: 2a0f:cb40::/32 Signature Algorithm: sha256WithRSAEncryption 51:92:58:15:e8:c5:34:e7:ba:28:f4:2f:1d:03:12:4f:1d:12: 41:0d:9e:04:a5:77:f8:31:f5:a5:d7:e6:26:8d:74:e6:ab:5a: 32:b3:6e:4f:b3:36:1f:ce:d4:28:91:6b:e0:53:ec:3e:8a:dc: 30:1f:00:7c:0d:63:19:94:8d:10:24:5e:ec:07:b8:09:05:1d: 2b:0e:75:3f:21:98:d6:d8:85:0c:52:fa:cb:d2:47:6a:d1:5d: 7b:a0:1c:3e:41:0b:07:ef:88:b8:d9:d6:35:73:3a:75:09:a7: f7:bf:18:2a:82:da:63:e7:2b:15:c1:f7:52:c4:58:61:4a:07: 31:12:70:71:3f:2d:8f:7d:58:be:0b:02:57:8d:a9:03:33:c9: 6f:e7:a9:cf:ca:99:58:db:24:8e:50:35:b6:c4:ec:3f:8a:49: 6f:08:16:75:be:d8:49:c0:05:f6:94:ab:06:0b:b0:2f:4c:56: 74:16:dc:ba:16:38:76:d9:a6:5a:92:92:86:9b:14:78:dc:02: 59:42:2a:82:81:34:32:34:9a:3f:9a:69:59:92:8d:fd:ea:52: c5:95:e8:82:c9:86:94:22:ae:a1:b3:ff:1c:fb:76:6c:44:11: ef:12:65:25:bc:46:7f:92:fd:66:5e:e3:b7:1e:ff:52:b8:1d: d4:b6:29:56 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3x1s9gwZSOcUunu9rmbXrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYWYyNGU5MTExYTg4OWRiNGRhZTA4N2U0ODA5ZTEwODZl MzNmODIwHhcNMjYwMTAxMDQxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzIyYTFkNDY2NjY5YTY4OWNiMWVlMWJhOWM3ZWMzZWFmNGZjNTI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/5z+vrg0zXgoAJQb9SOX3Y778Q0 PxL69n249f6xdPdooV0huk0aTdeMF7kckn1STT54TcyBWkGvIYnVi/P9M9DInAdd XpoErNQKH2sJRuT/NU/nko86AVEGw7rPl0nZpmvTkyngLhdHjZHQoK5EvhENp7dT G65GeWJvlbSIkHG3gJz9gnSSEUFYP/D2WmSjF073MkIIX/VlUxyVWCaztm2bCa9T KOXfBl6KZtskK2QFF4DXqWBKRIOeHX7AeXOAq9lqa+ARcFxMXIYfBzJKY+8Djpzt 3Z7yHXpk3zmfTIMe1cM0m+7xSBWITyMCpv8IlmPev/3m4pxRyFLIZXfanwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKMiodRmZpponLHuG6nH7D6vT8UoMB8GA1UdIwQY MBaAFCqvJOkRGoidtNrgh+SAnhCG4z+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMt MzQxYzNmYTQ1YjQzLzEvb3lLaDFHWm1tbWljc2U0YnFjZnNQcTlQeFNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMtMzQxYzNmYTQ1YjQz LzEvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYkwMA0E AgACMAcDBQAqD8tAMA0GCSqGSIb3DQEBCwUAA4IBAQBRklgV6MU057oo9C8dAxJP HRJBDZ4EpXf4MfWl1+YmjXTmq1oys25PszYfztQokWvgU+w+itwwHwB8DWMZlI0Q JF7sB7gJBR0rDnU/IZjW2IUMUvrL0kdq0V17oBw+QQsH74i42dY1czp1Caf3vxgq gtpj5ysVwfdSxFhhSgcxEnBxPy2PfVi+CwJXjakDM8lv56nPyplY2ySOUDW2xOw/ iklvCBZ1vthJwAX2lKsGC7AvTFZ0Fty6Fjh22aZakpKGmxR43AJZQiqCgTQyNJo/ mmlZko396lLFleiCyYaUIq6hs/8c+3ZsRBHvEmUlvEZ/kv1mXuO3Hv9SuB3UtilW -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:09 2026 by rpki-client