This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oQjGS8W_5tPPwVVXM-fDZ4QfqFs.roa File: oQjGS8W_5tPPwVVXM-fDZ4QfqFs.roa (raw, json) Hash identifier: qhQNTicoIxuhBTufRlzaBk+rgI949V+sKKIRwlKBeDI= Subject key identifier: A1:08:C6:4B:C5:BF:E6:D3:CF:C1:55:57:33:E7:C3:67:84:1F:A8:5B Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449 Certificate serial: 019B7F13756488AC1BA638FEA9F25A77A9C8 Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oQjGS8W_5tPPwVVXM-fDZ4QfqFs.roa Signing time: Fri 02 Jan 2026 14:19:00 +0000 ROA not before: Fri 02 Jan 2026 14:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59729 IP address blocks: 77.90.167.0/24 maxlen: 24 213.209.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:75:64:88:ac:1b:a6:38:fe:a9:f2:5a:77:a9:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449 Validity Not Before: Jan 2 14:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a108c64bc5bfe6d3cfc1555733e7c367841fa85b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d2:b6:82:ab:49:cc:8f:29:31:33:4b:db:85: 76:3c:8f:d7:d2:f7:f5:24:f3:18:cc:52:5f:94:91: 62:b1:26:ca:81:e2:c9:a3:cf:aa:bf:98:d8:76:c2: ea:65:4b:77:0e:b5:a3:0b:9c:c4:30:9e:69:b5:f1: ab:6e:93:9a:fa:ad:e9:15:a0:de:51:e0:23:2c:9c: a6:16:68:0f:ad:aa:2d:f3:48:3c:2e:20:b9:2b:5d: 88:b7:b4:d0:ce:fa:e8:73:f0:20:dc:02:cf:0a:aa: 7d:1f:95:a6:e1:e8:11:54:22:8f:0f:64:83:ee:f7: 92:b3:70:1f:28:98:81:fa:d0:61:28:c7:95:9d:90: 47:91:6d:6f:28:c4:78:79:1a:1e:df:e4:ba:c5:5a: df:64:31:fe:2c:e6:66:03:e1:9b:dc:e8:c6:83:66: 95:ee:e7:50:6b:0e:41:89:51:2f:4e:3b:68:1e:20: f2:d4:6d:e0:d7:1f:a5:d9:a5:42:ba:a4:77:9b:42: 1b:dd:b9:66:1e:68:25:b9:1d:e0:d8:64:46:7c:83: c1:23:23:12:bd:8c:08:21:e3:97:f1:ac:10:7e:c5: 22:b3:2d:5f:00:6c:a6:c5:a9:07:bc:20:dd:b0:f2: fd:fd:84:5d:4c:cf:00:50:2e:16:33:6a:10:a5:cb: 48:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:08:C6:4B:C5:BF:E6:D3:CF:C1:55:57:33:E7:C3:67:84:1F:A8:5B X509v3 Authority Key Identifier: keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oQjGS8W_5tPPwVVXM-fDZ4QfqFs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.90.167.0/24 213.209.135.0/24 Signature Algorithm: sha256WithRSAEncryption 28:ee:d0:ed:a9:b4:6e:4d:4c:67:8c:c5:6d:ee:8f:04:c6:ce: 83:16:a4:2e:7c:8b:83:1e:ee:7a:eb:06:a9:61:ca:42:47:e2: b4:31:c3:d3:6c:21:76:e0:dd:62:0f:ad:2a:0b:f4:f5:ff:ae: 21:95:08:80:d5:68:b7:31:3a:b0:fd:b0:64:9c:1d:1f:15:e3: 62:f7:2e:ac:db:26:5f:94:f5:dd:22:16:97:e1:d2:2d:92:97: 86:53:6d:36:ee:6c:06:d2:f9:32:0e:d9:31:76:ac:fd:67:8d: 10:b8:88:2d:28:8d:55:08:5d:1c:7d:1a:e1:24:6c:2e:1f:41: 55:ce:f7:72:64:80:b7:b6:d1:7d:35:10:80:61:3c:4b:37:16: b3:b7:2d:3d:02:d3:76:28:f7:d3:0b:83:9e:39:fc:3d:b3:42: 70:9b:c3:47:0c:b4:fe:c7:cc:9a:55:67:f3:a0:c5:b3:f0:f3: 2f:aa:4a:9a:a3:17:6a:bf:ac:57:e4:89:da:a0:34:1c:f9:14: 69:41:4c:41:96:20:9a:54:fd:08:56:95:e8:85:7e:26:e5:5d: 51:11:c3:ed:b4:5a:55:10:da:eb:c0:c8:4a:23:3d:13:78:63: d2:b9:4a:7a:e3:31:aa:70:b3:2a:35:e2:39:e0:ef:45:8e:09: 0c:65:7d:34 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/E3VkiKwbpjj+qfJad6nIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz Yzg0NDkwHhcNMjYwMTAyMTQxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTA4YzY0YmM1YmZlNmQzY2ZjMTU1NTczM2U3YzM2Nzg0MWZhODViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtK2gqtJzI8pMTNL24V2PI/X0vf1 JPMYzFJflJFisSbKgeLJo8+qv5jYdsLqZUt3DrWjC5zEMJ5ptfGrbpOa+q3pFaDe UeAjLJymFmgPraot80g8LiC5K12It7TQzvroc/Ag3ALPCqp9H5Wm4egRVCKPD2SD 7veSs3AfKJiB+tBhKMeVnZBHkW1vKMR4eRoe3+S6xVrfZDH+LOZmA+Gb3OjGg2aV 7udQaw5BiVEvTjtoHiDy1G3g1x+l2aVCuqR3m0Ib3blmHmgluR3g2GRGfIPBIyMS vYwIIeOX8awQfsUisy1fAGymxakHvCDdsPL9/YRdTM8AUC4WM2oQpctIFwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKEIxkvFv+bTz8FVVzPnw2eEH6hbMB8GA1UdIwQY MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt NmNiZmYzYzRkYTAxLzEvb1FqR1M4V181dFBQd1ZWWE0tZkRaNFFmcUZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqnAwQA 1dGHMA0GCSqGSIb3DQEBCwUAA4IBAQAo7tDtqbRuTUxnjMVt7o8Exs6DFqQufIuD Hu566wapYcpCR+K0McPTbCF24N1iD60qC/T1/64hlQiA1Wi3MTqw/bBknB0fFeNi 9y6s2yZflPXdIhaX4dItkpeGU2027mwG0vkyDtkxdqz9Z40QuIgtKI1VCF0cfRrh JGwuH0FVzvdyZIC3ttF9NRCAYTxLNxazty09AtN2KPfTC4OeOfw9s0Jwm8NHDLT+ x8yaVWfzoMWz8PMvqkqaoxdqv6xX5InaoDQc+RRpQUxBliCaVP0IVpXohX4m5V1R EcPttFpVENrrwMhKIz0TeGPSuUp64zGqcLMqNeI54O9FjgkMZX00 -----END CERTIFICATE-----Generated at Wed Jan 21 07:48:05 2026 by rpki-client