This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/OCWMjUbV-RFWWbEAfOnnKmG-Ygw.roa File: OCWMjUbV-RFWWbEAfOnnKmG-Ygw.roa (raw, json) Hash identifier: wVP7cqC9QuE0DdbIuexkFJhonHykfMO7bJmfVohZyAM= Subject key identifier: 38:25:8C:8D:46:D5:F9:11:56:59:B1:00:7C:E9:E7:2A:61:BE:62:0C Certificate issuer: /CN=cd9de08b3053bac61713c46b43d4093818c2046f Certificate serial: 019B7F82936CD604505D18992EAEA438EE60 Authority key identifier: CD:9D:E0:8B:30:53:BA:C6:17:13:C4:6B:43:D4:09:38:18:C2:04:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZ3gizBTusYXE8RrQ9QJOBjCBG8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/OCWMjUbV-RFWWbEAfOnnKmG-Ygw.roa Signing time: Fri 02 Jan 2026 16:20:22 +0000 ROA not before: Fri 02 Jan 2026 16:20:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31317 IP address blocks: 2001:67c:468::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/zZ3gizBTusYXE8RrQ9QJOBjCBG8.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/zZ3gizBTusYXE8RrQ9QJOBjCBG8.mft rsync://rpki.ripe.net/repository/DEFAULT/zZ3gizBTusYXE8RrQ9QJOBjCBG8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:93:6c:d6:04:50:5d:18:99:2e:ae:a4:38:ee:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd9de08b3053bac61713c46b43d4093818c2046f Validity Not Before: Jan 2 16:20:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38258c8d46d5f9115659b1007ce9e72a61be620c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:39:82:42:00:7d:d4:b3:df:b8:9c:e1:09:13: a3:65:26:e2:6c:9f:e2:d9:07:4a:29:a6:1f:ec:fb: 5f:1f:70:53:40:d9:d9:61:4a:f4:e6:4e:e3:f8:c2: da:97:81:7e:5c:c5:67:18:95:00:95:87:c0:e1:5f: 21:5d:36:b3:e6:2c:e9:f4:6b:16:8d:ac:fc:d9:43: b1:a7:1f:24:8b:5b:b4:02:24:81:13:9c:c3:4e:ee: 95:b4:91:20:30:cd:67:19:ef:6e:5e:1c:6a:eb:0e: c1:e8:39:77:2f:a3:83:5f:14:cb:e4:bc:a7:61:4a: c8:de:e8:fa:b6:ba:fa:77:ae:8e:c4:8d:88:d6:99: 7d:be:a9:a2:2f:f9:e3:d4:5b:cd:2d:60:5c:6d:82: 43:e2:ed:73:93:38:7c:68:d1:64:19:c5:28:1b:1f: fd:5e:50:47:2e:bc:7f:f2:74:b0:6b:23:ad:a4:b5: b4:e0:79:30:e5:22:6c:25:35:95:55:f3:b6:69:e4: c1:ae:58:8e:ba:aa:1a:30:5e:71:4e:2f:d2:be:71: e8:69:58:2c:2f:b5:1e:2b:5d:62:5f:68:c8:f2:26: b2:0f:4a:7c:ad:66:8e:d5:e7:0a:fa:95:0a:74:de: 74:2e:1a:f7:83:9e:42:ba:ee:6b:55:23:8f:08:8f: ed:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:25:8C:8D:46:D5:F9:11:56:59:B1:00:7C:E9:E7:2A:61:BE:62:0C X509v3 Authority Key Identifier: keyid:CD:9D:E0:8B:30:53:BA:C6:17:13:C4:6B:43:D4:09:38:18:C2:04:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZ3gizBTusYXE8RrQ9QJOBjCBG8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/OCWMjUbV-RFWWbEAfOnnKmG-Ygw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/zZ3gizBTusYXE8RrQ9QJOBjCBG8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:468::/48 Signature Algorithm: sha256WithRSAEncryption 51:10:a7:02:b4:2d:22:d7:c9:38:1f:88:0a:7d:2e:56:d9:c9: 63:c7:02:a2:4b:af:87:89:53:2c:75:35:cf:22:88:42:54:94: 2b:5d:26:e8:2a:40:9f:ed:1f:05:81:91:2d:aa:fa:9a:e5:4a: 5a:a3:67:51:6f:c3:0f:36:98:db:7b:aa:ab:5f:a7:f7:ad:63: ff:b7:72:8d:99:71:fc:fa:89:6e:fa:42:5a:9c:2d:42:15:cf: b8:09:d4:de:6b:98:76:69:1e:fe:95:48:fd:dd:3c:fe:be:c1: 3c:b5:71:52:45:d9:3c:d0:62:de:1a:12:2b:e8:f0:b1:5e:25: 98:5e:2b:fc:19:04:0e:01:89:ad:0b:7f:17:23:5c:b4:23:2a: 03:5b:c4:bb:88:49:40:57:96:0a:80:d7:4f:dc:22:d4:a3:85: ce:f9:9c:94:e5:83:8b:91:0c:23:42:e3:e3:dd:ef:58:5e:9c: 66:07:e1:20:8e:c1:e0:ed:58:88:fe:c1:e0:eb:75:6b:56:df: bd:b8:98:85:9e:47:85:fc:18:38:fd:af:52:9d:bf:b3:87:8c: 84:be:e9:65:73:44:13:b3:7f:cd:71:df:ec:c2:a0:78:01:36: b7:82:f9:04:f9:dc:46:7f:55:6d:74:de:cf:28:89:45:a7:92: 54:6f:03:dd -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/gpNs1gRQXRiZLq6kOO5gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkOWRlMDhiMzA1M2JhYzYxNzEzYzQ2YjQzZDQwOTM4MThj MjA0NmYwHhcNMjYwMTAyMTYyMDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODI1OGM4ZDQ2ZDVmOTExNTY1OWIxMDA3Y2U5ZTcyYTYxYmU2MjBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zmCQgB91LPfuJzhCROjZSbibJ/i 2QdKKaYf7PtfH3BTQNnZYUr05k7j+MLal4F+XMVnGJUAlYfA4V8hXTaz5izp9GsW jaz82UOxpx8ki1u0AiSBE5zDTu6VtJEgMM1nGe9uXhxq6w7B6Dl3L6ODXxTL5Lyn YUrI3uj6trr6d66OxI2I1pl9vqmiL/nj1FvNLWBcbYJD4u1zkzh8aNFkGcUoGx/9 XlBHLrx/8nSwayOtpLW04Hkw5SJsJTWVVfO2aeTBrliOuqoaMF5xTi/SvnHoaVgs L7UeK11iX2jI8iayD0p8rWaO1ecK+pUKdN50Lhr3g55Cuu5rVSOPCI/t3QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDgljI1G1fkRVlmxAHzp5yphvmIMMB8GA1UdIwQY MBaAFM2d4IswU7rGFxPEa0PUCTgYwgRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelozZ2l6QlR1c1lYRThSclE5UUpPQmpDQkc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zNGJmZjMtMzlkYS00ODc3LWI3NWMt NTAxNmNlOTJmMTIyLzEvT0NXTWpVYlYtUkZXV2JFQWZPbm5LbUctWWd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi8zNGJmZjMtMzlkYS00ODc3LWI3NWMtNTAxNmNlOTJmMTIy LzEvelozZ2l6QlR1c1lYRThSclE5UUpPQmpDQkc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfARo MA0GCSqGSIb3DQEBCwUAA4IBAQBREKcCtC0i18k4H4gKfS5W2cljxwKiS6+HiVMs dTXPIohCVJQrXSboKkCf7R8FgZEtqvqa5Upao2dRb8MPNpjbe6qrX6f3rWP/t3KN mXH8+olu+kJanC1CFc+4CdTea5h2aR7+lUj93Tz+vsE8tXFSRdk80GLeGhIr6PCx XiWYXiv8GQQOAYmtC38XI1y0IyoDW8S7iElAV5YKgNdP3CLUo4XO+ZyU5YOLkQwj QuPj3e9YXpxmB+EgjsHg7ViI/sHg63VrVt+9uJiFnkeF/Bg4/a9Snb+zh4yEvull c0QTs3/Ncd/swqB4ATa3gvkE+dxGf1VtdN7PKIlFp5JUbwPd -----END CERTIFICATE-----Generated at Mon Feb 9 22:32:03 2026 by rpki-client