This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/OMZJTfEMX_P-o40x7sNRJUiIL4c.roa File: OMZJTfEMX_P-o40x7sNRJUiIL4c.roa (raw, json) Hash identifier: +/OiISUXHSKCG7hFmdUA41onjdMcxoyC7Y6Vt6TTSZY= Subject key identifier: 38:C6:49:4D:F1:0C:5F:F3:FE:A3:8D:31:EE:C3:51:25:48:88:2F:87 Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d Certificate serial: 019B7BA3ED103C0B51A48B6D07BBE3CA6484 Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/OMZJTfEMX_P-o40x7sNRJUiIL4c.roa Signing time: Thu 01 Jan 2026 22:18:19 +0000 ROA not before: Thu 01 Jan 2026 22:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43641 IP address blocks: 31.42.176.0/23 maxlen: 24 37.16.75.0/24 maxlen: 24 91.202.4.0/23 maxlen: 24 91.239.76.0/24 maxlen: 24 213.111.144.0/23 maxlen: 24 213.111.146.0/24 maxlen: 24 213.111.147.0/24 maxlen: 24 213.111.151.0/24 maxlen: 24 213.111.154.0/23 maxlen: 24 213.111.156.0/24 maxlen: 24 2a11:6100::/32 maxlen: 32 2a11:6101::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.mft rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 04:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:ed:10:3c:0b:51:a4:8b:6d:07:bb:e3:ca:64:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d Validity Not Before: Jan 1 22:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38c6494df10c5ff3fea38d31eec3512548882f87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:cb:78:80:ad:92:e7:8a:47:24:a9:2c:2d:c3: 2a:48:3b:a4:c9:25:e9:ab:80:c3:38:53:c4:4a:5f: 34:22:3f:92:7e:ef:94:bd:f3:00:01:36:9b:ed:2c: 96:f2:22:f9:7a:d2:02:f3:cf:f3:b2:95:33:00:2a: 23:8a:b0:19:de:75:82:b9:40:60:7c:97:a4:3f:a1: 62:6d:27:90:08:d1:14:24:fe:c5:dd:bc:61:7c:cd: df:e6:bc:16:75:ca:3e:68:d7:2f:af:b4:4e:db:0a: d4:59:3b:d0:b5:b4:a3:7d:4d:f0:e5:89:81:6d:90: 41:40:0d:d2:42:b5:98:dd:ee:f1:d5:e0:50:b7:8c: 32:a0:a2:92:56:8c:31:31:2a:4f:9c:d6:ef:8a:dc: b4:29:a1:6f:00:c1:8c:71:8e:98:e1:5f:d4:87:30: 0d:c5:7f:9c:e6:0f:81:ed:cc:e0:87:79:60:bf:6b: db:1e:5a:87:c3:83:b8:18:21:3f:86:87:cd:87:05: 1b:14:49:73:fc:4f:de:04:76:15:33:34:70:98:29: 22:a6:87:20:e5:4b:6d:31:ee:c1:ca:db:b1:bb:1b: 8e:35:31:d8:74:c6:b1:a8:e6:b4:d4:72:62:f2:f8: db:fb:25:1c:e9:63:9a:0e:08:36:16:a4:af:37:03: 37:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:C6:49:4D:F1:0C:5F:F3:FE:A3:8D:31:EE:C3:51:25:48:88:2F:87 X509v3 Authority Key Identifier: keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/OMZJTfEMX_P-o40x7sNRJUiIL4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.42.176.0/23 37.16.75.0/24 91.202.4.0/23 91.239.76.0/24 213.111.144.0/22 213.111.151.0/24 213.111.154.0-213.111.156.255 IPv6: 2a11:6100::/31 Signature Algorithm: sha256WithRSAEncryption 1c:0b:b0:e6:fb:12:c6:f0:b1:9e:ce:16:86:4c:1f:9e:11:66: 0d:2e:58:05:39:36:2c:c2:3d:ba:2c:b7:08:b6:0d:2f:b4:2d: bd:04:19:1e:d8:d8:15:1c:1c:5b:c7:51:f7:9f:a9:59:6b:83: 94:53:04:a3:de:04:40:1f:ab:d4:43:e5:ab:49:8d:c3:9a:d6: 81:64:f4:df:33:35:47:ec:13:fa:85:65:84:c6:93:e8:12:e7: d1:70:24:e6:a0:19:1b:f3:ae:a2:3f:d5:83:f5:1e:f5:18:cf: 1e:f7:62:78:17:db:74:41:39:10:f9:5e:57:a5:44:86:0b:45: 7c:48:72:7c:7a:43:af:e2:13:8f:c5:e3:34:11:f8:22:12:01: 6a:f3:66:e6:8f:dc:f3:12:8e:cd:b3:ad:e5:04:a5:b7:cc:00: 01:9f:75:f9:a1:dc:4c:e7:a3:55:1e:af:99:e1:c3:f2:a1:3f: 56:b3:8a:ba:5c:de:0f:f1:87:81:13:49:30:f8:cf:83:d4:04: e7:ab:25:0a:7b:4f:70:8b:8d:0a:69:b7:f6:a3:48:4a:05:42: 26:a5:58:1a:38:0d:00:ff:2b:4b:67:ad:be:79:bb:88:4f:61: f3:aa:67:54:83:67:8b:e0:ac:d8:ab:de:66:36:e4:39:8e:3c: 96:57:39:ab -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt7o+0QPAtRpIttB7vjymSEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl YmM3MGQwHhcNMjYwMTAxMjIxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGM2NDk0ZGYxMGM1ZmYzZmVhMzhkMzFlZWMzNTEyNTQ4ODgyZjg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMt4gK2S54pHJKksLcMqSDukySXp q4DDOFPESl80Ij+Sfu+UvfMAATab7SyW8iL5etIC88/zspUzACojirAZ3nWCuUBg fJekP6FibSeQCNEUJP7F3bxhfM3f5rwWdco+aNcvr7RO2wrUWTvQtbSjfU3w5YmB bZBBQA3SQrWY3e7x1eBQt4wyoKKSVowxMSpPnNbvity0KaFvAMGMcY6Y4V/UhzAN xX+c5g+B7czgh3lgv2vbHlqHw4O4GCE/hofNhwUbFElz/E/eBHYVMzRwmCkipocg 5UttMe7BytuxuxuONTHYdMaxqOa01HJi8vjb+yUc6WOaDgg2FqSvNwM3YQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFDjGSU3xDF/z/qONMe7DUSVIiC+HMB8GA1UdIwQY MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt MDg3M2UzOTk0ZDBlLzEvT01aSlRmRU1YX1AtbzQweDdzTlJKVWlJTDRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQBHyqwAwQA JRBLAwQBW8oEAwQAW+9MAwQC1W+QAwQA1W+XMAwDBAHVb5oDBADVb5wwDQQCAAIw BwMFASoRYQAwDQYJKoZIhvcNAQELBQADggEBABwLsOb7EsbwsZ7OFoZMH54RZg0u WAU5NizCPbostwi2DS+0Lb0EGR7Y2BUcHFvHUfefqVlrg5RTBKPeBEAfq9RD5atJ jcOa1oFk9N8zNUfsE/qFZYTGk+gS59FwJOagGRvzrqI/1YP1HvUYzx73YngX23RB ORD5XlelRIYLRXxIcnx6Q6/iE4/F4zQR+CISAWrzZuaP3PMSjs2zreUEpbfMAAGf dfmh3Ezno1Uer5nhw/KhP1azirpc3g/xh4ETSTD4z4PUBOerJQp7T3CLjQppt/aj SEoFQialWBo4DQD/K0tnrb55u4hPYfOqZ1SDZ4vgrNir3mY25DmOPJZXOas= -----END CERTIFICATE-----Generated at Mon Jan 19 11:22:30 2026 by rpki-client