This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/OKZ4RBLd9A-erw36PbwJ3C3LJo0.roa File: OKZ4RBLd9A-erw36PbwJ3C3LJo0.roa (raw, json) Hash identifier: 7yPskL1QQ8Sx8qqCwYj9KNvr1Nkq7IbAM3Yyme3KyJQ= Subject key identifier: 38:A6:78:44:12:DD:F4:0F:9E:AF:0D:FA:3D:BC:09:DC:2D:CB:26:8D Certificate issuer: /CN=13b43dace8663447ee4725520d78c54ab7b99ad4 Certificate serial: 019B7A5B6F833A0AAB3A23B480DD3E14DB8B Authority key identifier: 13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/OKZ4RBLd9A-erw36PbwJ3C3LJo0.roa Signing time: Thu 01 Jan 2026 16:19:31 +0000 ROA not before: Thu 01 Jan 2026 16:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 692 IP address blocks: 64.224.12.0/22 maxlen: 22 185.101.140.0/22 maxlen: 22 185.178.20.0/22 maxlen: 22 193.41.58.0/24 maxlen: 24 2a10:5940::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.crl rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.mft rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:6f:83:3a:0a:ab:3a:23:b4:80:dd:3e:14:db:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=13b43dace8663447ee4725520d78c54ab7b99ad4 Validity Not Before: Jan 1 16:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38a6784412ddf40f9eaf0dfa3dbc09dc2dcb268d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a0:9e:72:45:95:cd:d5:ce:48:6f:73:cf:69: c7:15:cc:aa:82:9b:b7:0c:02:ce:74:76:30:6d:15: d1:b4:71:52:79:7c:79:ec:da:73:79:cb:e8:e1:c1: 50:f6:05:61:6f:43:a0:8f:77:af:80:3b:cf:cc:14: 24:05:3a:83:1f:a1:d4:37:65:cb:4f:d3:65:59:89: ef:7d:94:15:7b:3a:64:b0:70:7c:1b:83:13:56:56: 3f:7c:bd:db:79:72:95:17:9b:19:77:33:7f:c7:36: a6:b0:82:50:d3:59:ee:11:c7:37:6d:20:1e:78:b7: 47:e2:70:5b:d9:fc:bf:d0:14:0a:b1:25:0f:d6:99: 30:e6:86:9d:e6:06:63:41:72:53:31:96:58:9a:b0: 61:ff:8e:58:59:ea:20:a6:f5:5f:9e:b0:19:73:7c: fb:36:cb:1d:ea:b0:4d:53:15:54:e0:52:57:2a:63: dd:87:47:44:b4:fb:bb:27:b8:9b:5d:7a:2d:98:4b: b1:34:6d:e8:b2:59:9b:72:33:f3:8e:5f:3f:a1:dd: 33:57:f3:62:3f:59:02:02:c3:f9:49:de:90:b6:15: c6:18:5e:b1:b7:e1:85:a6:bf:7a:1f:a2:b2:fc:4c: 5a:23:73:04:fc:25:21:8f:d9:67:1c:e4:9a:87:00: 1c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:A6:78:44:12:DD:F4:0F:9E:AF:0D:FA:3D:BC:09:DC:2D:CB:26:8D X509v3 Authority Key Identifier: keyid:13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/OKZ4RBLd9A-erw36PbwJ3C3LJo0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.224.12.0/22 185.101.140.0/22 185.178.20.0/22 193.41.58.0/24 IPv6: 2a10:5940::/29 Signature Algorithm: sha256WithRSAEncryption 3e:6c:df:17:f1:9e:13:7e:15:5b:33:0b:8f:dd:39:c0:98:3f: e5:9d:fc:f1:2c:09:fd:24:6a:12:41:27:9d:55:5e:76:be:c0: 73:4a:52:99:13:88:6f:08:cb:ec:a5:2b:05:83:dc:16:69:e0: 5a:98:63:fc:b4:fe:3c:77:d9:92:1e:cb:16:8f:fd:f6:aa:40: 33:db:b1:0f:a6:c1:26:c7:ca:c6:dc:0e:ef:f5:77:58:6d:64: c6:13:70:73:50:21:e9:11:d4:2f:50:77:0b:c3:96:c8:bc:b8: f9:51:13:da:ed:b9:4d:28:54:8d:93:96:d3:c5:c0:ff:c7:3f: bd:17:d1:1b:f4:3c:c1:b6:71:02:c2:f1:49:d2:56:1f:97:47: 76:71:5c:95:e0:f2:cc:b1:73:ee:a9:85:07:a0:58:cd:43:c4: d1:be:b2:90:ed:3a:c1:dd:df:3f:b3:ef:dc:cf:86:54:75:b4: 50:b4:d4:cb:7a:56:f0:15:87:3e:95:23:8e:c8:e0:c7:bd:76: da:6c:05:2d:f0:fd:be:c1:8b:45:96:b2:60:3f:77:1c:f9:97: 09:64:f7:67:49:f7:c3:45:24:a9:e4:14:c8:b6:e7:c0:b1:82: 3d:63:5b:e8:74:a1:80:21:66:8f:60:85:00:05:8c:33:4f:fc: 57:aa:93:51 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt6W2+DOgqrOiO0gN0+FNuLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEzYjQzZGFjZTg2NjM0NDdlZTQ3MjU1MjBkNzhjNTRhYjdi OTlhZDQwHhcNMjYwMTAxMTYxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGE2Nzg0NDEyZGRmNDBmOWVhZjBkZmEzZGJjMDlkYzJkY2IyNjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqCeckWVzdXOSG9zz2nHFcyqgpu3 DALOdHYwbRXRtHFSeXx57Npzecvo4cFQ9gVhb0Ogj3evgDvPzBQkBTqDH6HUN2XL T9NlWYnvfZQVezpksHB8G4MTVlY/fL3beXKVF5sZdzN/xzamsIJQ01nuEcc3bSAe eLdH4nBb2fy/0BQKsSUP1pkw5oad5gZjQXJTMZZYmrBh/45YWeogpvVfnrAZc3z7 Nssd6rBNUxVU4FJXKmPdh0dEtPu7J7ibXXotmEuxNG3oslmbcjPzjl8/od0zV/Ni P1kCAsP5Sd6QthXGGF6xt+GFpr96H6Ky/ExaI3ME/CUhj9lnHOSahwAckQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFDimeEQS3fQPnq8N+j28CdwtyyaNMB8GA1UdIwQY MBaAFBO0PazoZjRH7kclUg14xUq3uZrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMt MmI0YTI3MTQyMTRhLzEvT0taNFJCTGQ5QS1lcnczNlBid0ozQzNMSm8wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMtMmI0YTI3MTQyMTRh LzEvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCQOAMAwQC uWWMAwQCubIUAwQAwSk6MA0EAgACMAcDBQMqEFlAMA0GCSqGSIb3DQEBCwUAA4IB AQA+bN8X8Z4TfhVbMwuP3TnAmD/lnfzxLAn9JGoSQSedVV52vsBzSlKZE4hvCMvs pSsFg9wWaeBamGP8tP48d9mSHssWj/32qkAz27EPpsEmx8rG3A7v9XdYbWTGE3Bz UCHpEdQvUHcLw5bIvLj5URPa7blNKFSNk5bTxcD/xz+9F9Eb9DzBtnECwvFJ0lYf l0d2cVyV4PLMsXPuqYUHoFjNQ8TRvrKQ7TrB3d8/s+/cz4ZUdbRQtNTLelbwFYc+ lSOOyODHvXbabAUt8P2+wYtFlrJgP3cc+ZcJZPdnSffDRSSp5BTItufAsYI9Y1vo dKGAIWaPYIUABYwzT/xXqpNR -----END CERTIFICATE-----Generated at Tue Feb 10 02:32:04 2026 by rpki-client