This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/OHiJ9XzBUi42gNdFbFSonns_rq0.roa File: OHiJ9XzBUi42gNdFbFSonns_rq0.roa (raw, json) Hash identifier: 5izRR616Szlh4ynpWzSXWkX0E9KgDJBqg2wIQA5yWeg= Subject key identifier: 38:78:89:F5:7C:C1:52:2E:36:80:D7:45:6C:54:A8:9E:7B:3F:AE:AD Certificate issuer: /CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d Certificate serial: 019B7AC88D054BEEE96303F13CD34790A7A0 Authority key identifier: 08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/OHiJ9XzBUi42gNdFbFSonns_rq0.roa Signing time: Thu 01 Jan 2026 18:18:42 +0000 ROA not before: Thu 01 Jan 2026 18:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49820 IP address blocks: 5.35.176.0/21 maxlen: 21 195.93.224.0/23 maxlen: 23 2001:67c:1e8::/48 maxlen: 48 2a10:87c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.mft rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:8d:05:4b:ee:e9:63:03:f1:3c:d3:47:90:a7:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d Validity Not Before: Jan 1 18:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=387889f57cc1522e3680d7456c54a89e7b3faead Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:7a:ab:ca:6f:d7:17:44:79:7c:96:0b:47:f6: 02:94:b7:e5:46:1d:e4:b6:a1:e1:91:c0:1d:fb:b0: 84:76:7c:1d:fb:a0:8a:30:73:fa:1b:ec:a7:ff:c7: a6:df:00:77:14:10:e0:38:8e:3c:98:eb:35:d4:10: 6d:9a:a0:85:17:86:44:8a:f5:79:19:ec:bc:1d:63: 4b:bb:25:0f:53:f8:9e:51:f3:0d:6f:d5:4d:3e:f9: 8d:04:80:55:b8:44:13:26:8d:eb:8d:fe:f4:c1:8f: 75:bb:16:10:f5:91:89:fe:1b:48:77:db:f2:a6:1c: 91:0a:a7:74:b3:2c:4c:83:9a:a9:df:ad:d6:cd:d6: a6:16:e3:da:d9:a3:2d:44:a1:fd:c7:5f:e6:95:36: 04:41:ad:eb:00:4d:00:09:6f:f9:79:b1:eb:80:f1: fd:1a:68:5f:5b:ea:86:1a:fe:fb:e4:14:0f:ab:4a: 8a:49:68:64:ca:ec:ee:7c:28:62:f9:9e:bd:a1:98: 0a:1b:10:6e:a8:84:07:7e:fb:5f:a5:e2:f3:f1:fc: 3b:6a:20:63:84:9a:36:8f:12:e6:d9:f3:f4:9e:57: c2:34:1a:c5:c8:82:5a:53:a6:18:fe:6f:6f:9b:ac: 9a:3c:77:7e:10:3e:79:f8:ca:49:79:07:78:30:c4: f4:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:78:89:F5:7C:C1:52:2E:36:80:D7:45:6C:54:A8:9E:7B:3F:AE:AD X509v3 Authority Key Identifier: keyid:08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/OHiJ9XzBUi42gNdFbFSonns_rq0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.35.176.0/21 195.93.224.0/23 IPv6: 2001:67c:1e8::/48 2a10:87c0::/29 Signature Algorithm: sha256WithRSAEncryption 88:98:a7:0b:59:59:ac:04:5d:ae:e0:dc:80:e8:5b:00:3e:24: f5:4a:93:fb:02:23:db:ad:ed:7c:80:9a:a1:d7:a9:c0:1d:e6: 0b:cb:c4:f1:3c:a7:30:82:2f:89:ae:02:1c:ef:12:e7:ad:5f: 69:b3:7d:a5:85:f2:59:de:99:df:72:97:f2:31:4d:e2:5f:f5: a6:c5:3c:6e:9e:7b:8b:bd:b8:5c:8c:a9:eb:13:74:0c:ca:ce: 7f:5d:b4:ec:f3:35:06:a6:d6:82:c4:8d:3f:76:88:d8:f6:0d: 58:ae:f2:53:8b:5b:b7:45:72:98:3f:35:a4:92:bf:75:bd:f6: 1f:6f:48:36:9d:9a:f1:5e:c7:fb:91:0f:6d:9a:eb:cd:d0:35: 2e:52:57:8d:b6:8f:ee:95:ca:a3:59:99:7b:10:89:82:2d:02: 3f:da:43:39:1d:bb:2d:28:1c:74:dc:41:b7:c4:c9:76:8e:cd: ca:08:85:15:8a:0e:d3:07:b8:e9:25:f7:ae:93:1c:99:23:15: 97:d8:bc:83:33:74:3f:c0:3a:4b:3d:5f:00:33:da:07:6e:2c: a3:d8:90:90:d3:d3:3e:d9:ff:51:49:7b:59:0a:15:0f:15:d3: 98:a1:8b:f8:93:f4:27:7a:f6:c1:38:4a:da:a2:a2:f8:96:72: e1:7a:a3:2c -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt6yI0FS+7pYwPxPNNHkKegMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4OWJiYjA5YTVmYmVmNjEzNWMyZDkyMGJmMjdiYjYxZjVj MmUwOWQwHhcNMjYwMTAxMTgxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODc4ODlmNTdjYzE1MjJlMzY4MGQ3NDU2YzU0YTg5ZTdiM2ZhZWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHqrym/XF0R5fJYLR/YClLflRh3k tqHhkcAd+7CEdnwd+6CKMHP6G+yn/8em3wB3FBDgOI48mOs11BBtmqCFF4ZEivV5 Gey8HWNLuyUPU/ieUfMNb9VNPvmNBIBVuEQTJo3rjf70wY91uxYQ9ZGJ/htId9vy phyRCqd0syxMg5qp363WzdamFuPa2aMtRKH9x1/mlTYEQa3rAE0ACW/5ebHrgPH9 GmhfW+qGGv775BQPq0qKSWhkyuzufChi+Z69oZgKGxBuqIQHfvtfpeLz8fw7aiBj hJo2jxLm2fP0nlfCNBrFyIJaU6YY/m9vm6yaPHd+ED55+MpJeQd4MMT0BQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFDh4ifV8wVIuNoDXRWxUqJ57P66tMB8GA1UdIwQY MBaAFAibuwml++9hNcLZIL8nu2H1wuCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAt MmY5YjAwZmRjNWQzLzEvT0hpSjlYekJVaTQyZ05kRmJGU29ubnNfcnEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAtMmY5YjAwZmRjNWQz LzEvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDBSOwAwQB w13gMBYEAgACMBADBwAgAQZ8AegDBQMqEIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCI mKcLWVmsBF2u4NyA6FsAPiT1SpP7AiPbre18gJqh16nAHeYLy8TxPKcwgi+JrgIc 7xLnrV9ps32lhfJZ3pnfcpfyMU3iX/WmxTxunnuLvbhcjKnrE3QMys5/XbTs8zUG ptaCxI0/dojY9g1YrvJTi1u3RXKYPzWkkr91vfYfb0g2nZrxXsf7kQ9tmuvN0DUu UleNto/ulcqjWZl7EImCLQI/2kM5HbstKBx03EG3xMl2js3KCIUVig7TB7jpJfeu kxyZIxWX2LyDM3Q/wDpLPV8AM9oHbiyj2JCQ09M+2f9RSXtZChUPFdOYoYv4k/Qn evbBOEraoqL4lnLheqMs -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:18 2026 by rpki-client