This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OjonUzF1NsgnyhyfAGDi0Ad_ZV8.roa File: OjonUzF1NsgnyhyfAGDi0Ad_ZV8.roa (raw, json) Hash identifier: j+zA3BpnmubN0SZjfVmZz4t88PWjupu6ADdbnii7mMU= Subject key identifier: 3A:3A:27:53:31:75:36:C8:27:CA:1C:9F:00:60:E2:D0:07:7F:65:5F Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb Certificate serial: 019B7E390DA476CD2095D83A7CEA521CD533 Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OjonUzF1NsgnyhyfAGDi0Ad_ZV8.roa Signing time: Fri 02 Jan 2026 10:20:26 +0000 ROA not before: Fri 02 Jan 2026 10:20:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 163.5.192.0/24 maxlen: 24 163.5.193.0/24 maxlen: 24 163.5.195.0/24 maxlen: 24 163.5.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:0d:a4:76:cd:20:95:d8:3a:7c:ea:52:1c:d5:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb Validity Not Before: Jan 2 10:20:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a3a2753317536c827ca1c9f0060e2d0077f655f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:16:82:97:96:0b:71:8a:9d:57:76:9a:c6:ac: da:2d:31:63:99:b3:ef:50:1d:c7:17:31:2d:0d:fd: 8c:a8:34:55:d8:b5:10:b6:d9:9e:07:34:4e:0a:95: b2:65:a4:7b:90:8d:55:1c:e3:c0:86:81:59:57:bd: 31:43:2a:ac:90:60:4d:22:95:48:03:08:cc:7b:e5: 02:fa:c6:53:87:14:00:51:3a:11:f3:58:3d:72:ba: 1f:64:f5:08:87:52:b1:7e:72:19:b3:d3:e8:cc:25: ed:66:a0:f3:8a:e5:fb:b8:c6:1f:01:47:82:a3:d5: 40:62:d2:b2:23:0d:7f:b2:82:30:69:ed:43:b5:83: 2b:64:9a:47:ac:4a:b3:90:95:f2:af:c1:d5:18:16: 71:95:74:19:60:36:bc:c0:f4:37:dd:86:00:13:6b: 88:4b:e5:56:1b:03:88:17:e5:7e:ec:c5:f1:1a:7e: 8b:bd:07:1a:1f:73:0c:f9:ac:53:5e:33:95:83:e3: ed:fa:1e:54:2e:72:f6:7f:85:c2:fb:82:48:b1:b8: 75:d5:e9:c9:c5:be:f6:53:c7:7e:98:ba:2f:41:5a: 01:0e:d7:1e:6a:08:0b:52:82:98:e8:5a:1d:6b:00: c3:63:52:34:9d:47:0a:17:f7:87:07:c6:cd:88:ff: 86:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:3A:27:53:31:75:36:C8:27:CA:1C:9F:00:60:E2:D0:07:7F:65:5F X509v3 Authority Key Identifier: keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OjonUzF1NsgnyhyfAGDi0Ad_ZV8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.5.192.0/23 163.5.195.0/24 163.5.213.0/24 Signature Algorithm: sha256WithRSAEncryption 96:02:6e:50:d3:71:43:a6:33:f1:08:7c:69:5d:8b:db:74:82: e9:08:c1:d3:27:0f:38:18:bb:85:5d:b2:f4:a6:86:5c:f6:0b: 11:3f:f7:0c:31:ae:19:cc:a9:e9:ca:62:4c:4f:70:71:8c:65: 4b:68:32:59:90:a1:37:b9:33:dc:c0:1d:2f:57:29:77:2f:6d: 90:35:0a:a8:15:d4:48:44:2c:36:99:53:34:f2:b4:69:e5:46: 9c:39:c9:b0:28:f1:52:99:ab:a1:7b:77:ec:74:dc:60:44:06: cf:c8:e4:46:e8:6c:7d:90:0a:46:6a:e3:80:24:42:45:2c:a3: 91:6e:59:f5:45:cc:41:4a:9d:d7:4f:ea:3c:93:84:4c:2f:fb: 60:99:7e:c2:fa:5a:5c:e8:46:00:a9:ec:6e:64:b4:05:38:4d: aa:09:a1:5c:99:46:d8:a6:eb:26:43:13:7c:08:1c:f5:8a:42: fd:07:05:03:f1:c9:45:7d:27:e8:44:3c:ba:ec:4f:9d:4f:3e: c2:e2:dd:e8:65:19:0f:61:8e:76:ea:91:e5:90:9b:16:36:b7: a9:c2:7b:cc:a7:21:3c:6e:9d:97:a5:d1:90:87:25:f8:15:ad: 8f:1d:4e:7a:4a:7f:9d:d1:1b:52:ff:3e:6f:00:01:c0:48:7a: 55:cf:4e:29 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+OQ2kds0gldg6fOpSHNUzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2 MjRiY2IwHhcNMjYwMTAyMTAyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTNhMjc1MzMxNzUzNmM4MjdjYTFjOWYwMDYwZTJkMDA3N2Y2NTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRaCl5YLcYqdV3aaxqzaLTFjmbPv UB3HFzEtDf2MqDRV2LUQttmeBzROCpWyZaR7kI1VHOPAhoFZV70xQyqskGBNIpVI AwjMe+UC+sZThxQAUToR81g9crofZPUIh1KxfnIZs9PozCXtZqDziuX7uMYfAUeC o9VAYtKyIw1/soIwae1DtYMrZJpHrEqzkJXyr8HVGBZxlXQZYDa8wPQ33YYAE2uI S+VWGwOIF+V+7MXxGn6LvQcaH3MM+axTXjOVg+Pt+h5ULnL2f4XC+4JIsbh11enJ xb72U8d+mLovQVoBDtceaggLUoKY6FodawDDY1I0nUcKF/eHB8bNiP+GMwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFDo6J1MxdTbIJ8ocnwBg4tAHf2VfMB8GA1UdIwQY MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt OWZlOTQxMDhmZjAxLzEvT2pvblV6RjFOc2dueWh5ZkFHRGkwQWRfWlY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBowXAAwQA owXDAwQAowXVMA0GCSqGSIb3DQEBCwUAA4IBAQCWAm5Q03FDpjPxCHxpXYvbdILp CMHTJw84GLuFXbL0poZc9gsRP/cMMa4ZzKnpymJMT3BxjGVLaDJZkKE3uTPcwB0v Vyl3L22QNQqoFdRIRCw2mVM08rRp5UacOcmwKPFSmauhe3fsdNxgRAbPyORG6Gx9 kApGauOAJEJFLKORbln1RcxBSp3XT+o8k4RML/tgmX7C+lpc6EYAqexuZLQFOE2q CaFcmUbYpusmQxN8CBz1ikL9BwUD8clFfSfoRDy67E+dTz7C4t3oZRkPYY526pHl kJsWNrepwnvMpyE8bp2XpdGQhyX4Fa2PHU56Sn+d0RtS/z5vAAHASHpVz04p -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:04 2026 by rpki-client