This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/OfBW0MMBYKoL5t19m_08A88rcZg.roa File: OfBW0MMBYKoL5t19m_08A88rcZg.roa (raw, json) Hash identifier: u1ZLF7MAr32G/X+Xmx4V3foHqEpblcryfz+L5C312U0= Subject key identifier: 39:F0:56:D0:C3:01:60:AA:0B:E6:DD:7D:9B:FD:3C:03:CF:2B:71:98 Certificate issuer: /CN=044fa3808c2d28c577f9976c61cd226e188695d8 Certificate serial: 019B7E388999D28EF48078D03B51C04A7524 Authority key identifier: 04:4F:A3:80:8C:2D:28:C5:77:F9:97:6C:61:CD:22:6E:18:86:95:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BE-jgIwtKMV3-ZdsYc0ibhiGldg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/OfBW0MMBYKoL5t19m_08A88rcZg.roa Signing time: Fri 02 Jan 2026 10:19:53 +0000 ROA not before: Fri 02 Jan 2026 10:19:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57458 IP address blocks: 130.255.176.0/21 maxlen: 21 130.255.176.0/24 maxlen: 24 130.255.177.0/24 maxlen: 24 2a03:c080::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/BE-jgIwtKMV3-ZdsYc0ibhiGldg.crl rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/BE-jgIwtKMV3-ZdsYc0ibhiGldg.mft rsync://rpki.ripe.net/repository/DEFAULT/BE-jgIwtKMV3-ZdsYc0ibhiGldg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:89:99:d2:8e:f4:80:78:d0:3b:51:c0:4a:75:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=044fa3808c2d28c577f9976c61cd226e188695d8 Validity Not Before: Jan 2 10:19:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=39f056d0c30160aa0be6dd7d9bfd3c03cf2b7198 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3b:a2:77:96:c6:d5:4e:9d:06:f7:ac:53:56: 07:31:6f:ea:a8:18:c6:20:ec:52:93:ea:b2:e9:04: df:ab:2f:ae:88:3d:57:2b:f3:92:20:f8:18:1e:1e: 9d:d7:6c:20:82:67:d4:02:2a:fe:4f:8a:32:59:24: 10:44:e1:80:49:d4:6a:5a:16:71:27:ed:5a:4e:57: cb:cb:b5:7a:b4:02:89:47:c5:a5:51:fc:ce:de:b3: 83:43:f0:3c:0d:f5:10:a3:9f:65:97:7d:ef:14:7b: 28:78:3a:15:62:8f:ce:e4:8f:56:49:0c:16:4e:02: 98:46:1e:76:32:99:ce:8d:5b:95:57:77:ac:47:3f: e1:12:79:8f:63:d5:48:5a:f5:b8:8f:5a:10:36:29: a8:55:80:0e:ea:9a:ed:3f:59:91:05:e8:01:ae:5a: 8c:0b:aa:83:3f:ba:09:d0:97:4b:4b:e3:d1:d6:a6: fc:b8:3c:4a:cd:29:59:25:3e:11:47:49:a1:d9:dc: 50:15:ad:e4:4f:12:54:26:49:b5:8b:ad:50:d1:47: 4c:04:6b:13:a8:f5:f8:c3:a6:fc:5a:3c:5c:d5:aa: 6d:c2:a4:68:68:04:c5:fc:ea:72:27:e5:76:56:b3: f7:06:ee:07:49:8e:7a:aa:bc:a9:85:2f:a5:24:42: 66:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:F0:56:D0:C3:01:60:AA:0B:E6:DD:7D:9B:FD:3C:03:CF:2B:71:98 X509v3 Authority Key Identifier: keyid:04:4F:A3:80:8C:2D:28:C5:77:F9:97:6C:61:CD:22:6E:18:86:95:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BE-jgIwtKMV3-ZdsYc0ibhiGldg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/OfBW0MMBYKoL5t19m_08A88rcZg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/BE-jgIwtKMV3-ZdsYc0ibhiGldg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 130.255.176.0/21 IPv6: 2a03:c080::/32 Signature Algorithm: sha256WithRSAEncryption 2d:4e:72:c7:70:08:83:f6:cd:26:61:e8:e7:d5:3a:f5:78:81: 94:c0:f6:e8:fd:b8:7b:71:36:8c:ae:ea:56:bb:bb:2c:9b:a3: 75:e8:42:0e:e2:18:30:97:ef:d0:19:8b:51:a3:26:ba:1b:39: dc:fe:25:ee:ca:f9:21:2f:26:5d:80:f1:9c:02:3f:20:96:c5: f6:34:8d:c8:8d:04:cc:b1:90:59:70:08:4b:c1:c8:6a:bb:1d: ae:2d:c1:4f:10:df:f5:6f:95:b0:56:42:bd:b8:a1:d6:b2:40: 1f:d1:40:33:97:4d:a9:5b:a9:c2:a7:5d:b7:6b:4d:7e:12:b4: 79:10:d8:86:36:fd:3d:1e:dd:76:f2:d3:68:d3:84:e6:c7:68: cb:33:6b:5f:57:20:e0:f9:96:0f:53:27:56:ad:a0:60:d9:e8: f6:f1:cb:d4:a6:a8:26:db:50:db:85:b6:ad:4d:9f:81:83:f2: d4:a5:ba:c5:3c:fd:36:ea:94:ac:47:6f:cd:a9:86:59:ec:1f: ee:b9:2b:09:88:1f:f3:3e:62:77:1d:f9:51:80:4d:5f:ac:22: 56:7c:1a:8b:cb:62:7c:f1:ab:dd:d2:30:7f:8b:83:b3:b9:4f: 0c:ee:76:6a:c0:98:f1:54:6a:17:e6:72:51:14:40:48:27:fa: 1d:a9:34:51 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OImZ0o70gHjQO1HASnUkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0NGZhMzgwOGMyZDI4YzU3N2Y5OTc2YzYxY2QyMjZlMTg4 Njk1ZDgwHhcNMjYwMTAyMTAxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOWYwNTZkMGMzMDE2MGFhMGJlNmRkN2Q5YmZkM2MwM2NmMmI3MTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjuid5bG1U6dBvesU1YHMW/qqBjG IOxSk+qy6QTfqy+uiD1XK/OSIPgYHh6d12wggmfUAir+T4oyWSQQROGASdRqWhZx J+1aTlfLy7V6tAKJR8WlUfzO3rODQ/A8DfUQo59ll33vFHsoeDoVYo/O5I9WSQwW TgKYRh52MpnOjVuVV3esRz/hEnmPY9VIWvW4j1oQNimoVYAO6prtP1mRBegBrlqM C6qDP7oJ0JdLS+PR1qb8uDxKzSlZJT4RR0mh2dxQFa3kTxJUJkm1i61Q0UdMBGsT qPX4w6b8Wjxc1aptwqRoaATF/OpyJ+V2VrP3Bu4HSY56qryphS+lJEJmMwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDnwVtDDAWCqC+bdfZv9PAPPK3GYMB8GA1UdIwQY MBaAFARPo4CMLSjFd/mXbGHNIm4YhpXYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkUtamdJd3RLTVYzLVpkc1ljMGliaGlHbGRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hOWJlYjAtY2JlNy00NjVlLTgwMDgt ZDU0NzIyY2NhODQ5LzEvT2ZCVzBNTUJZS29MNXQxOW1fMDhBODhyY1pnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9hOWJlYjAtY2JlNy00NjVlLTgwMDgtZDU0NzIyY2NhODQ5 LzEvQkUtamdJd3RLTVYzLVpkc1ljMGliaGlHbGRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDgv+wMA0E AgACMAcDBQAqA8CAMA0GCSqGSIb3DQEBCwUAA4IBAQAtTnLHcAiD9s0mYejn1Tr1 eIGUwPbo/bh7cTaMrupWu7ssm6N16EIO4hgwl+/QGYtRoya6Gznc/iXuyvkhLyZd gPGcAj8glsX2NI3IjQTMsZBZcAhLwchqux2uLcFPEN/1b5WwVkK9uKHWskAf0UAz l02pW6nCp123a01+ErR5ENiGNv09Ht128tNo04Tmx2jLM2tfVyDg+ZYPUydWraBg 2ej28cvUpqgm21DbhbatTZ+Bg/LUpbrFPP026pSsR2/NqYZZ7B/uuSsJiB/zPmJ3 HflRgE1frCJWfBqLy2J88avd0jB/i4OzuU8M7nZqwJjxVGoX5nJRFEBIJ/odqTRR -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:49 2026 by rpki-client