This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/OUo2-_z7ZwJP4yvmGUs1ZUP-ALU.roa File: OUo2-_z7ZwJP4yvmGUs1ZUP-ALU.roa (raw, json) Hash identifier: kUKNwP9z4WpXOZS3n+mI9u2cgdXowzL+jJ2s8nNJ/ng= Subject key identifier: 39:4A:36:FB:FC:FB:67:02:4F:E3:2B:E6:19:4B:35:65:43:FE:00:B5 Certificate issuer: /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095 Certificate serial: 019B775912499E31D9BAD9D316EF1810FDF7 Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/OUo2-_z7ZwJP4yvmGUs1ZUP-ALU.roa Signing time: Thu 01 Jan 2026 02:18:04 +0000 ROA not before: Thu 01 Jan 2026 02:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198949 IP address blocks: 83.138.0.0/21 maxlen: 24 212.25.192.0/20 maxlen: 24 212.25.208.0/23 maxlen: 24 212.25.212.0/23 maxlen: 24 212.159.192.0/19 maxlen: 24 212.159.224.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.mft rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:12:49:9e:31:d9:ba:d9:d3:16:ef:18:10:fd:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095 Validity Not Before: Jan 1 02:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=394a36fbfcfb67024fe32be6194b356543fe00b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:43:d6:c7:fd:43:cf:40:18:89:f5:8e:ae:76: c9:44:9b:d5:cf:c8:a4:ce:25:0a:ee:5c:ee:e8:1e: af:9f:3f:56:39:3a:76:db:f0:33:2b:4f:74:73:11: 42:ab:ee:de:65:45:76:e9:69:2b:e3:4a:6d:ae:f4: df:7b:a8:d1:5a:e5:07:a1:de:0a:24:55:92:a8:46: 4a:72:53:cc:3f:32:97:16:51:b9:65:5d:07:72:16: 4b:5f:95:54:3d:c3:d9:62:a7:7c:88:7e:db:d9:7e: 6b:05:99:fa:03:67:f4:3f:36:d5:86:99:a4:47:af: 8e:9b:ff:62:9a:4d:26:dc:d3:88:7e:d4:1e:33:a4: e7:49:83:61:09:a4:0f:48:a2:c1:ee:85:94:78:21: 80:26:9a:65:a5:a5:59:a1:91:37:d5:76:ad:2a:b6: 97:c7:17:15:fc:40:76:98:4b:4c:73:93:9c:4d:2f: da:b9:07:94:7a:9b:ac:1c:f1:0d:c6:b9:3e:48:d2: 17:ac:cb:3f:30:19:63:38:e6:7f:e1:24:4d:32:bf: 83:55:33:fa:39:ed:3f:1a:dc:09:30:b4:ae:b7:c6: de:32:d0:87:d8:5f:f7:22:2f:02:76:50:f2:97:06: 55:ca:a3:e4:cc:26:7a:fb:5f:98:35:4c:45:35:25: 1e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:4A:36:FB:FC:FB:67:02:4F:E3:2B:E6:19:4B:35:65:43:FE:00:B5 X509v3 Authority Key Identifier: keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/OUo2-_z7ZwJP4yvmGUs1ZUP-ALU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.138.0.0/21 212.25.192.0-212.25.209.255 212.25.212.0/23 212.159.192.0/18 Signature Algorithm: sha256WithRSAEncryption 42:61:d3:8d:d0:0d:ca:c1:c4:50:9d:00:d1:1d:c1:f4:0c:b8: 10:21:b1:b9:b5:df:ad:99:79:c2:e9:4a:41:73:86:10:d3:0f: 22:fb:98:23:83:66:8a:0c:ce:56:8f:67:51:25:69:e6:64:7a: aa:f8:28:a2:18:4b:48:24:43:d8:d4:26:3f:e5:f4:b5:b3:5a: 5b:64:3e:51:2d:23:be:0e:09:3f:c9:54:d4:09:84:7e:2a:00: 49:50:54:48:ee:78:44:4c:60:2e:92:29:6c:97:1c:98:41:a2: f3:bd:df:1c:fc:84:98:e2:81:0a:8f:18:5a:c2:5b:4a:19:6d: a6:35:b2:b9:30:a4:54:de:65:32:9a:8d:0c:2f:83:89:0d:fb: be:10:78:2e:4d:7b:3e:8b:3e:c6:ec:9b:41:58:8e:2f:81:34: 5a:55:c4:e1:ce:08:ae:ba:5f:3f:fa:0d:3a:dc:c9:00:e5:66: d5:2a:53:f8:9d:93:7a:1f:76:cc:ef:7a:e3:c8:12:6c:34:42: 34:c1:c9:55:aa:11:94:7c:50:d9:8b:07:3d:58:bc:c4:b5:c9: c7:ae:bc:f1:30:c0:c6:b5:62:66:2f:a0:bd:2c:50:70:34:34: 76:39:c5:43:cc:ca:82:ae:ad:d0:9f:7b:90:d0:a7:d7:89:42: 08:2d:50:d2 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt3WRJJnjHZutnTFu8YEP33MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk ODcwOTUwHhcNMjYwMTAxMDIxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTRhMzZmYmZjZmI2NzAyNGZlMzJiZTYxOTRiMzU2NTQzZmUwMGI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUPWx/1Dz0AYifWOrnbJRJvVz8ik ziUK7lzu6B6vnz9WOTp22/AzK090cxFCq+7eZUV26Wkr40ptrvTfe6jRWuUHod4K JFWSqEZKclPMPzKXFlG5ZV0HchZLX5VUPcPZYqd8iH7b2X5rBZn6A2f0PzbVhpmk R6+Om/9imk0m3NOIftQeM6TnSYNhCaQPSKLB7oWUeCGAJpplpaVZoZE31XatKraX xxcV/EB2mEtMc5OcTS/auQeUepusHPENxrk+SNIXrMs/MBljOOZ/4SRNMr+DVTP6 Oe0/GtwJMLSut8beMtCH2F/3Ii8CdlDylwZVyqPkzCZ6+1+YNUxFNSUe6wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFDlKNvv8+2cCT+Mr5hlLNWVD/gC1MB8GA1UdIwQY MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt YTc0ZTRhODg3ODA0LzEvT1VvMi1fejdad0pQNHl2bUdVczFaVVAtQUxVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0 LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDU4oAMAwD BAbUGcADBAHUGdADBAHUGdQDBAbUn8AwDQYJKoZIhvcNAQELBQADggEBAEJh043Q DcrBxFCdANEdwfQMuBAhsbm1362ZecLpSkFzhhDTDyL7mCODZooMzlaPZ1ElaeZk eqr4KKIYS0gkQ9jUJj/l9LWzWltkPlEtI74OCT/JVNQJhH4qAElQVEjueERMYC6S KWyXHJhBovO93xz8hJjigQqPGFrCW0oZbaY1srkwpFTeZTKajQwvg4kN+74QeC5N ez6LPsbsm0FYji+BNFpVxOHOCK66Xz/6DTrcyQDlZtUqU/idk3ofdszveuPIEmw0 QjTByVWqEZR8UNmLBz1YvMS1yceuvPEwwMa1YmYvoL0sUHA0NHY5xUPMyoKurdCf e5DQp9eJQggtUNI= -----END CERTIFICATE-----Generated at Wed Jan 7 22:33:31 2026 by rpki-client