This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Ojccpt6PXIjVPE6KsXsIl0xR4xg.roa File: Ojccpt6PXIjVPE6KsXsIl0xR4xg.roa (raw, json) Hash identifier: qxyOGoR8Wod4FdQBMKKBbpkBt/WZQYeVXJhIKDf74AM= Subject key identifier: 3A:37:1C:A6:DE:8F:5C:88:D5:3C:4E:8A:B1:7B:08:97:4C:51:E3:18 Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96 Certificate serial: 019B7E389697D42B23C2F91F5D24D12F6FA5 Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Ojccpt6PXIjVPE6KsXsIl0xR4xg.roa Signing time: Fri 02 Jan 2026 10:19:56 +0000 ROA not before: Fri 02 Jan 2026 10:19:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200131 IP address blocks: 213.109.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:96:97:d4:2b:23:c2:f9:1f:5d:24:d1:2f:6f:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96 Validity Not Before: Jan 2 10:19:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a371ca6de8f5c88d53c4e8ab17b08974c51e318 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:2c:bc:0e:b8:65:17:4a:68:47:b7:ae:79:d0: 0b:36:34:53:2f:61:7e:08:6d:51:53:91:c6:5d:eb: 80:3a:ad:83:51:f4:39:54:41:40:ac:97:0b:bd:5d: 55:13:18:4b:94:c2:0b:d6:47:04:05:83:1d:58:32: 7e:5f:bc:b6:1d:5c:0c:31:f3:e2:03:6d:0f:94:b0: d4:cd:a9:b8:ba:19:8c:25:7e:f2:4b:ab:48:e8:4f: 1d:73:83:91:cf:cb:9e:f2:99:91:84:c4:51:59:99: 76:52:97:b3:88:31:63:17:ae:c1:53:5d:03:56:e0: 20:36:2e:c4:7e:a0:8a:79:81:6b:dc:24:c8:c1:42: 2e:38:e7:ac:9f:d5:93:2c:10:3b:c5:36:3f:9b:ff: c2:cc:8b:21:54:d4:bc:af:d2:d6:c7:85:65:ad:c8: 5c:92:1d:ff:c7:a2:d3:14:d9:33:e0:b4:b8:cd:4b: 1c:43:94:ae:11:1d:99:d2:0e:c0:4f:a8:b2:82:df: ba:70:5a:56:af:0d:d9:53:64:c5:ba:ee:41:4e:66: ee:10:b2:cb:0b:df:a5:74:a3:6f:8e:81:09:90:8c: ef:17:58:bf:27:af:b6:6c:5f:24:b2:30:0f:1e:f5: c2:f1:7a:3d:f9:2e:3a:10:7f:6f:68:fd:1c:a6:df: 2c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:37:1C:A6:DE:8F:5C:88:D5:3C:4E:8A:B1:7B:08:97:4C:51:E3:18 X509v3 Authority Key Identifier: keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Ojccpt6PXIjVPE6KsXsIl0xR4xg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.109.154.0/24 Signature Algorithm: sha256WithRSAEncryption 83:40:d3:83:36:15:8a:5c:c1:8e:3b:cd:4d:8d:b0:fc:ab:b3: b3:d1:d5:2d:0a:3e:7e:a1:19:ec:cd:f6:90:5a:d5:fd:29:cf: 56:9b:84:87:b6:70:01:4f:f5:06:3b:e0:65:d0:de:dd:22:2c: 15:ea:a4:08:d5:0f:41:e1:0c:65:bf:61:50:ee:9a:c0:86:91: 02:a4:a6:86:08:5a:56:bd:71:38:88:aa:e3:d5:09:f2:cc:c9: 97:bc:b4:2b:6b:eb:72:7a:b1:8c:15:ac:81:89:96:11:da:c9: 7b:9f:56:71:63:fe:79:7e:0c:69:0e:31:dd:82:9e:5b:95:2a: aa:3f:84:60:b7:96:95:c6:0d:fb:cd:d3:81:ea:37:9d:02:a5: 94:bc:06:76:dc:a0:ec:07:1a:5d:4d:67:86:0f:3b:2b:9b:9e: 33:60:f3:4d:f3:27:cc:f7:e0:d4:53:79:2a:6e:74:b7:28:66: 6d:ab:de:14:83:2e:13:ae:d0:69:1b:f6:c9:0e:21:81:27:cc: db:43:a2:60:18:c9:68:df:fc:a7:29:6a:6d:3d:25:82:ea:d0: 05:11:6e:00:23:4f:2e:f7:7d:7f:55:f0:2e:18:2d:f6:a9:15: 07:31:63:e3:3f:79:7d:76:5d:94:2a:13:8f:b2:8c:35:13:eb: e7:62:30:6f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OJaX1CsjwvkfXSTRL2+lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz M2RiOTYwHhcNMjYwMTAyMTAxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTM3MWNhNmRlOGY1Yzg4ZDUzYzRlOGFiMTdiMDg5NzRjNTFlMzE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryy8DrhlF0poR7euedALNjRTL2F+ CG1RU5HGXeuAOq2DUfQ5VEFArJcLvV1VExhLlMIL1kcEBYMdWDJ+X7y2HVwMMfPi A20PlLDUzam4uhmMJX7yS6tI6E8dc4ORz8ue8pmRhMRRWZl2UpeziDFjF67BU10D VuAgNi7EfqCKeYFr3CTIwUIuOOesn9WTLBA7xTY/m//CzIshVNS8r9LWx4Vlrchc kh3/x6LTFNkz4LS4zUscQ5SuER2Z0g7AT6iygt+6cFpWrw3ZU2TFuu5BTmbuELLL C9+ldKNvjoEJkIzvF1i/J6+2bF8ksjAPHvXC8Xo9+S46EH9vaP0cpt8sKwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDo3HKbej1yI1TxOirF7CJdMUeMYMB8GA1UdIwQY MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt MmM3MDg2ZmRlZDkzLzEvT2pjY3B0NlBYSWpWUEU2S3NYc0lsMHhSNHhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W2aMA0G CSqGSIb3DQEBCwUAA4IBAQCDQNODNhWKXMGOO81NjbD8q7Oz0dUtCj5+oRnszfaQ WtX9Kc9Wm4SHtnABT/UGO+Bl0N7dIiwV6qQI1Q9B4Qxlv2FQ7prAhpECpKaGCFpW vXE4iKrj1QnyzMmXvLQra+tyerGMFayBiZYR2sl7n1ZxY/55fgxpDjHdgp5blSqq P4Rgt5aVxg37zdOB6jedAqWUvAZ23KDsBxpdTWeGDzsrm54zYPNN8yfM9+DUU3kq bnS3KGZtq94Ugy4TrtBpG/bJDiGBJ8zbQ6JgGMlo3/ynKWptPSWC6tAFEW4AI08u 931/VfAuGC32qRUHMWPjP3l9dl2UKhOPsow1E+vnYjBv -----END CERTIFICATE-----Generated at Tue Jan 20 09:07:40 2026 by rpki-client