This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OxJM60qRQUOtdqYrv27xs3_kv9k.roa File: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (raw, json) Hash identifier: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs= Subject key identifier: 3B:12:4C:EB:4A:91:41:43:AD:76:A6:2B:BF:6E:F1:B3:7F:E4:BF:D9 Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Certificate serial: 019B7A59AD71635C68D4BFAFFBC049A8A26C Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OxJM60qRQUOtdqYrv27xs3_kv9k.roa Signing time: Thu 01 Jan 2026 16:17:35 +0000 ROA not before: Thu 01 Jan 2026 16:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7979 IP address blocks: 45.84.44.0/24 maxlen: 24 194.5.0.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:ad:71:63:5c:68:d4:bf:af:fb:c0:49:a8:a2:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Validity Not Before: Jan 1 16:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b124ceb4a914143ad76a62bbf6ef1b37fe4bfd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:48:29:37:e2:6d:4b:ee:cf:71:d8:51:48:c7: 95:fc:fb:b6:72:e0:91:cd:fa:1a:18:f7:58:f3:e8: 93:29:15:fa:d0:3d:b4:30:ea:fd:a7:c3:1c:0d:ba: 58:66:b3:2a:36:81:5e:6d:11:de:9d:d4:bc:31:d2: 9a:2e:69:79:29:5d:07:62:68:c6:7b:33:67:17:fd: bd:dd:b4:56:97:15:2d:5b:1c:a5:7a:da:49:12:3a: 80:9a:41:12:10:dc:3a:3f:d5:4d:af:f3:c3:80:52: 71:64:90:ce:44:db:0a:b0:c2:45:54:70:a6:f2:44: 0f:8b:6f:c9:c6:3b:be:79:b1:7e:7b:8e:e8:2a:12: f2:99:0d:4c:33:10:a8:3d:cb:18:b0:eb:62:d5:45: 1b:d9:0e:d7:cb:92:ff:ec:f5:b5:83:fb:3f:ed:47: 2a:66:f7:a2:81:fe:e1:f0:22:9c:a1:2a:e7:f6:c5: 9f:7f:48:df:23:9d:d2:e0:23:97:d6:d2:d4:47:01: f0:a1:75:a4:34:38:d4:43:2f:55:a4:a5:df:c7:dd: e6:85:21:68:42:70:af:ed:56:64:b2:fc:72:46:95: e1:a9:8c:01:87:70:50:5a:83:d0:0f:3a:6e:bb:1f: 8d:96:ad:a1:da:0f:f3:67:64:59:09:e2:53:d9:e1: c6:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:12:4C:EB:4A:91:41:43:AD:76:A6:2B:BF:6E:F1:B3:7F:E4:BF:D9 X509v3 Authority Key Identifier: keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OxJM60qRQUOtdqYrv27xs3_kv9k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.84.44.0/24 194.5.0.0/22 Signature Algorithm: sha256WithRSAEncryption 47:b4:94:92:3a:5e:3b:a4:78:a5:5d:5d:a3:7a:6c:4d:ea:f4: d4:3a:fb:eb:a5:bb:b0:c2:5a:3f:eb:c0:95:01:f6:80:29:a5: 5d:6d:b3:fc:42:6f:ce:6e:f1:0c:bd:f4:fc:9c:b4:da:7b:fb: 98:40:7c:e7:b5:86:cd:4e:3b:c6:2e:00:0b:e4:ae:6a:30:4b: 1c:a3:3b:81:5b:7f:04:de:0f:32:fe:bc:aa:18:c9:35:e6:2b: 44:36:0f:9b:93:48:3e:4d:0e:54:f8:f1:17:32:64:4d:bd:58: 71:a6:13:c6:42:04:d4:6d:e8:35:47:03:c2:78:11:92:52:ce: d6:28:bb:6d:11:60:fa:da:da:be:69:c4:2d:a7:dd:22:a8:49: 2f:dc:17:d6:39:24:40:49:2f:da:3f:2f:8e:86:32:80:a5:87: ce:26:1e:a6:7b:f0:81:ad:3e:6e:b6:3c:83:d9:54:b6:b4:bf: ef:7a:62:c2:88:af:e5:1b:68:56:30:1e:6d:79:fd:55:76:50: 5f:ac:1f:7e:49:81:14:fa:43:23:54:ff:12:c5:88:7f:a9:12: d3:12:37:d2:c1:1b:1a:5b:13:1c:46:90:bb:a2:a4:88:fc:4c: 24:30:e5:bb:11:f5:57:d2:46:a1:f8:1e:d5:f3:f2:f8:e2:bc: 6a:39:67:10 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wa1xY1xo1L+v+8BJqKJsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx MTliZDcwHhcNMjYwMTAxMTYxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjEyNGNlYjRhOTE0MTQzYWQ3NmE2MmJiZjZlZjFiMzdmZTRiZmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0gpN+JtS+7PcdhRSMeV/Pu2cuCR zfoaGPdY8+iTKRX60D20MOr9p8McDbpYZrMqNoFebRHendS8MdKaLml5KV0HYmjG ezNnF/293bRWlxUtWxyletpJEjqAmkESENw6P9VNr/PDgFJxZJDORNsKsMJFVHCm 8kQPi2/Jxju+ebF+e47oKhLymQ1MMxCoPcsYsOti1UUb2Q7Xy5L/7PW1g/s/7Ucq Zveigf7h8CKcoSrn9sWff0jfI53S4COX1tLURwHwoXWkNDjUQy9VpKXfx93mhSFo QnCv7VZksvxyRpXhqYwBh3BQWoPQDzpuux+Nlq2h2g/zZ2RZCeJT2eHGLQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDsSTOtKkUFDrXamK79u8bN/5L/ZMB8GA1UdIwQY MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt YjZmMmFjODZlZjI3LzEvT3hKTTYwcVJRVU90ZHFZcnYyN3hzM19rdjlrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3 LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVQsAwQC wgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBHtJSSOl47pHilXV2jemxN6vTUOvvrpbuw wlo/68CVAfaAKaVdbbP8Qm/ObvEMvfT8nLTae/uYQHzntYbNTjvGLgAL5K5qMEsc ozuBW38E3g8y/ryqGMk15itENg+bk0g+TQ5U+PEXMmRNvVhxphPGQgTUbeg1RwPC eBGSUs7WKLttEWD62tq+acQtp90iqEkv3BfWOSRASS/aPy+OhjKApYfOJh6me/CB rT5utjyD2VS2tL/vemLCiK/lG2hWMB5tef1VdlBfrB9+SYEU+kMjVP8SxYh/qRLT EjfSwRsaWxMcRpC7oqSI/EwkMOW7EfVX0kah+B7V8/L44rxqOWcQ -----END CERTIFICATE-----Generated at Mon Jan 5 03:58:39 2026 by rpki-client