This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OKCXW7_MWWto3GWe7wi0avKoJxY.roa File: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (raw, json) Hash identifier: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4= Subject key identifier: 38:A0:97:5B:BF:CC:59:6B:68:DC:65:9E:EF:08:B4:6A:F2:A8:27:16 Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Certificate serial: 019B7A59ADBED257930CC654A4FC129EBBF9 Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OKCXW7_MWWto3GWe7wi0avKoJxY.roa Signing time: Thu 01 Jan 2026 16:17:36 +0000 ROA not before: Thu 01 Jan 2026 16:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 5.182.100.0/24 maxlen: 24 5.182.101.0/24 maxlen: 24 45.14.72.0/24 maxlen: 24 45.84.44.0/24 maxlen: 24 45.84.45.0/24 maxlen: 24 45.84.46.0/24 maxlen: 24 45.84.47.0/24 maxlen: 24 45.157.74.0/23 maxlen: 23 85.8.188.0/24 maxlen: 24 85.8.189.0/24 maxlen: 24 85.8.190.0/23 maxlen: 23 85.209.216.0/24 maxlen: 24 85.209.218.0/23 maxlen: 23 88.218.100.0/24 maxlen: 24 88.218.101.0/24 maxlen: 24 88.218.102.0/23 maxlen: 23 91.201.142.0/23 maxlen: 23 92.119.180.0/24 maxlen: 24 92.119.181.0/24 maxlen: 24 92.119.183.0/24 maxlen: 24 139.28.137.0/24 maxlen: 24 139.28.138.0/23 maxlen: 23 141.98.240.0/24 maxlen: 24 141.98.241.0/24 maxlen: 24 141.98.242.0/23 maxlen: 23 193.31.72.0/24 maxlen: 24 193.31.73.0/24 maxlen: 24 193.31.75.0/24 maxlen: 24 194.5.0.0/22 maxlen: 22 194.124.52.0/22 maxlen: 22 195.206.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:ad:be:d2:57:93:0c:c6:54:a4:fc:12:9e:bb:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Validity Not Before: Jan 1 16:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38a0975bbfcc596b68dc659eef08b46af2a82716 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:1d:0d:10:71:e6:55:fa:fd:38:78:95:19:b1: 7a:15:14:8c:d7:be:fc:98:f9:96:6a:e7:51:7a:a8: 62:98:92:5b:58:cc:c1:8b:9b:1d:15:b3:e6:c9:b7: 39:fd:1f:81:3b:98:6c:00:9a:d6:51:df:ba:56:53: df:e4:d3:f7:ea:f3:6c:1a:97:89:08:5a:b3:94:bf: 3e:a8:a1:24:06:fc:06:f0:10:b1:90:48:8e:31:00: ea:89:12:b2:50:e9:d9:cd:5b:2b:3b:0b:69:e6:a2: de:17:6e:17:aa:d8:aa:64:96:20:b3:92:ac:74:5a: f1:a2:a6:f7:06:2c:52:84:b0:6b:2f:d6:1c:ee:78: 08:ce:07:f4:47:3e:f8:a0:83:17:d0:5a:0a:66:95: 33:a5:c2:7a:17:e9:b3:c8:81:ab:17:c5:57:c7:2d: e5:c6:95:e2:f9:85:d6:93:b8:74:26:18:5f:a6:e4: 62:1b:e7:1c:d0:b3:c1:1a:67:a5:3e:24:7f:1c:75: d8:8b:cc:58:b1:43:3b:63:8d:c0:90:02:dc:27:b5: 62:45:d7:a9:9a:ab:1f:02:49:6d:42:1f:cc:3c:1c: e0:0b:e1:df:80:ab:f1:a0:2e:a8:27:1b:4c:f4:15: d5:8e:a8:1a:b1:70:ca:ff:31:4c:54:20:3b:51:ce: 43:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:A0:97:5B:BF:CC:59:6B:68:DC:65:9E:EF:08:B4:6A:F2:A8:27:16 X509v3 Authority Key Identifier: keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OKCXW7_MWWto3GWe7wi0avKoJxY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.100.0/23 45.14.72.0/24 45.84.44.0/22 45.157.74.0/23 85.8.188.0/22 85.209.216.0/24 85.209.218.0/23 88.218.100.0/22 91.201.142.0/23 92.119.180.0/23 92.119.183.0/24 139.28.137.0-139.28.139.255 141.98.240.0/22 193.31.72.0/23 193.31.75.0/24 194.5.0.0/22 194.124.52.0/22 195.206.108.0/24 Signature Algorithm: sha256WithRSAEncryption 00:07:31:2c:de:2f:39:50:19:6e:41:df:ca:1f:f0:0e:f8:1b: 1c:cd:26:ed:3f:6a:46:ba:fe:b6:7d:8b:9c:27:ed:fe:44:af: 67:bf:2c:88:4a:7f:0f:9c:67:4a:68:f0:2c:78:48:ea:7b:d3: 89:f2:0c:44:41:00:c2:fb:de:c7:d9:09:f4:26:6d:5f:eb:83: 11:5a:68:b8:66:8f:ce:5d:c1:7c:ba:18:c3:9d:13:52:db:cc: ca:90:20:5c:f9:32:a1:86:7c:de:e9:bf:69:8b:ea:bb:38:e0: a0:88:d9:1f:20:6b:e0:8b:0e:78:95:0d:7c:3d:07:e5:d3:3a: b9:be:8e:f0:94:63:e9:10:48:ce:e5:ce:b1:7b:12:47:9f:35: 39:27:b5:7e:31:59:7e:91:9d:85:f8:47:e9:19:df:1e:86:bf: a4:1d:e1:f5:37:ae:bb:ff:c2:0d:7d:8f:fc:f9:93:c8:1d:2a: 7e:71:81:02:34:a1:40:a1:27:c3:08:26:4e:96:59:a4:b0:62: ff:dc:ea:4e:62:ef:79:39:3a:bd:5a:44:49:0c:63:79:a2:aa: 6c:f1:94:9c:e9:71:20:59:d2:43:28:d5:95:8e:5a:b9:53:ce: cb:ae:28:fb:b0:16:9d:91:3f:d9:33:43:ab:42:aa:aa:44:f2: b7:cf:a7:6c -----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgISAZt6Wa2+0leTDMZUpPwSnrv5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx MTliZDcwHhcNMjYwMTAxMTYxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGEwOTc1YmJmY2M1OTZiNjhkYzY1OWVlZjA4YjQ2YWYyYTgyNzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR0NEHHmVfr9OHiVGbF6FRSM1778 mPmWaudReqhimJJbWMzBi5sdFbPmybc5/R+BO5hsAJrWUd+6VlPf5NP36vNsGpeJ CFqzlL8+qKEkBvwG8BCxkEiOMQDqiRKyUOnZzVsrOwtp5qLeF24XqtiqZJYgs5Ks dFrxoqb3BixShLBrL9Yc7ngIzgf0Rz74oIMX0FoKZpUzpcJ6F+mzyIGrF8VXxy3l xpXi+YXWk7h0JhhfpuRiG+cc0LPBGmelPiR/HHXYi8xYsUM7Y43AkALcJ7ViRdep mqsfAkltQh/MPBzgC+HfgKvxoC6oJxtM9BXVjqgasXDK/zFMVCA7Uc5DYQIDAQAB o4ICeDCCAnQwHQYDVR0OBBYEFDigl1u/zFlraNxlnu8ItGryqCcWMB8GA1UdIwQY MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt YjZmMmFjODZlZjI3LzEvT0tDWFc3X01XV3RvM0dXZTd3aTBhdktvSnhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3 LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAQW2ZAME AC0OSAMEAi1ULAMEAS2dSgMEAlUIvAMEAFXR2AMEAVXR2gMEAljaZAMEAVvJjgME AVx3tAMEAFx3tzAMAwQAixyJAwQCixyIAwQCjWLwAwQBwR9IAwQAwR9LAwQCwgUA AwQCwnw0AwQAw85sMA0GCSqGSIb3DQEBCwUAA4IBAQAABzEs3i85UBluQd/KH/AO +BsczSbtP2pGuv62fYucJ+3+RK9nvyyISn8PnGdKaPAseEjqe9OJ8gxEQQDC+97H 2Qn0Jm1f64MRWmi4Zo/OXcF8uhjDnRNS28zKkCBc+TKhhnze6b9pi+q7OOCgiNkf IGvgiw54lQ18PQfl0zq5vo7wlGPpEEjO5c6xexJHnzU5J7V+MVl+kZ2F+EfpGd8e hr+kHeH1N667/8INfY/8+ZPIHSp+cYECNKFAoSfDCCZOllmksGL/3OpOYu95OTq9 WkRJDGN5oqps8ZSc6XEgWdJDKNWVjlq5U87Lrij7sBadkT/ZM0OrQqqqRPK3z6ds -----END CERTIFICATE-----Generated at Mon Jan 5 03:57:59 2026 by rpki-client