This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/oZ5KMTsfThBFq6HeEDiKMmNpYEI.roa File: oZ5KMTsfThBFq6HeEDiKMmNpYEI.roa (raw, json) Hash identifier: Fya1WLYfdNkhjXqChkihYHmhU9AOfJPUlY74dXuOW2U= Subject key identifier: A1:9E:4A:31:3B:1F:4E:10:45:AB:A1:DE:10:38:8A:32:63:69:60:42 Certificate issuer: /CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f Certificate serial: 019B7A5A745F6151989F1A11A42F5ED608A2 Authority key identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/oZ5KMTsfThBFq6HeEDiKMmNpYEI.roa Signing time: Thu 01 Jan 2026 16:18:26 +0000 ROA not before: Thu 01 Jan 2026 16:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212138 IP address blocks: 192.145.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.crl rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.mft rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:74:5f:61:51:98:9f:1a:11:a4:2f:5e:d6:08:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f Validity Not Before: Jan 1 16:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a19e4a313b1f4e1045aba1de10388a3263696042 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ea:7c:9f:45:7e:22:ea:33:66:00:e2:87:12: 28:51:bd:c5:a1:43:1b:78:54:53:eb:f3:a4:f7:df: 03:cc:30:1d:71:6a:de:9b:bb:2a:99:4c:3a:ae:ee: cb:9f:d3:98:52:ae:e1:f9:a4:be:c5:0e:49:e0:cc: 2d:35:4f:9b:2e:41:89:04:31:aa:22:29:a4:05:de: f9:67:72:8f:f3:d1:84:19:a1:93:ac:4c:3a:2f:c2: ae:1d:d5:07:a7:8e:10:7b:23:c6:c3:4a:81:a3:84: fd:ad:6a:54:64:30:81:a2:9f:a3:d8:e6:d2:fc:2d: cf:e6:6b:d9:5a:79:4f:eb:b0:68:51:4d:85:33:14: 01:37:d8:86:e8:a1:2e:09:8f:42:e1:ea:02:23:41: a0:be:55:ee:db:7c:ee:05:c9:9d:26:3f:0a:87:8b: 0b:64:ae:b7:ee:4a:86:5d:a6:0a:b2:18:b0:ed:dc: 87:84:3c:26:47:86:1d:67:7e:ba:ce:3e:dd:e8:3c: 9f:73:5a:b0:3f:55:53:76:69:4f:84:b6:57:29:4e: b9:4d:4e:26:10:97:29:85:2c:65:02:64:92:48:8c: af:bf:09:8f:d4:2c:cf:21:9c:14:10:1b:f2:ed:80: be:d9:07:3d:55:a7:aa:af:fa:9c:39:30:fa:77:b8: 3f:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:9E:4A:31:3B:1F:4E:10:45:AB:A1:DE:10:38:8A:32:63:69:60:42 X509v3 Authority Key Identifier: keyid:4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/oZ5KMTsfThBFq6HeEDiKMmNpYEI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.145.104.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:11:98:0f:7f:1a:03:a0:f8:51:ed:4a:9d:40:c0:45:67:d6: f8:f0:69:16:99:1e:ba:94:c7:d0:4d:ef:e1:d1:ad:34:5b:8e: f2:f8:1d:33:61:1e:ee:6c:e2:6d:72:97:fa:07:1c:57:d9:a4: e8:34:15:96:7c:83:93:bc:6d:44:ac:f0:56:ef:5a:76:8e:6f: d2:7d:17:d4:77:2e:62:02:7d:ab:98:f5:d6:10:62:7e:11:32: 7e:c7:60:c3:95:26:79:81:cc:2a:85:5b:da:68:ee:19:de:0d: c2:7b:5f:6c:84:5c:7b:d0:90:bb:8e:b8:5e:92:4f:14:b5:40: 93:d0:ac:2e:48:84:39:bb:44:2c:cd:1f:a5:fe:cc:f1:2d:f3: e5:f4:07:60:da:f7:5c:02:9f:02:3b:c6:2a:f2:a4:af:1c:b5: 2d:97:85:59:c9:9c:16:9c:6e:66:91:75:0a:4b:7c:06:96:49: 56:f3:52:82:35:f8:a4:6e:14:e5:7e:ad:10:97:2b:c8:a2:43: 89:86:a1:fb:89:1d:05:e3:48:52:18:76:5b:50:d5:e7:78:99: 0a:e9:bc:f4:a6:b1:ab:b8:8a:89:3d:b0:c4:e1:aa:21:76:80: 5a:90:5b:58:47:6e:2f:f4:83:0c:25:9e:cd:67:3f:f2:ba:54: e5:40:69:35 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6WnRfYVGYnxoRpC9e1giiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNzIwNjZkN2U2Y2E4YWQyZmZhNjJhNjliMDY3OTIzYTQy ZGY5NmYwHhcNMjYwMTAxMTYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTllNGEzMTNiMWY0ZTEwNDVhYmExZGUxMDM4OGEzMjYzNjk2MDQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ep8n0V+IuozZgDihxIoUb3FoUMb eFRT6/Ok998DzDAdcWrem7sqmUw6ru7Ln9OYUq7h+aS+xQ5J4MwtNU+bLkGJBDGq IimkBd75Z3KP89GEGaGTrEw6L8KuHdUHp44QeyPGw0qBo4T9rWpUZDCBop+j2ObS /C3P5mvZWnlP67BoUU2FMxQBN9iG6KEuCY9C4eoCI0GgvlXu23zuBcmdJj8Kh4sL ZK637kqGXaYKshiw7dyHhDwmR4YdZ366zj7d6Dyfc1qwP1VTdmlPhLZXKU65TU4m EJcphSxlAmSSSIyvvwmP1CzPIZwUEBvy7YC+2Qc9Vaeqr/qcOTD6d7g/RwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKGeSjE7H04QRauh3hA4ijJjaWBCMB8GA1UdIwQY MBaAFEtyBm1+bKitL/pippsGeSOkLflvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQt MWY2OTkxODc3YjI2LzEvb1o1S01Uc2ZUaEJGcTZIZUVEaUtNbU5wWUVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQtMWY2OTkxODc3YjI2 LzEvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJFoMA0G CSqGSIb3DQEBCwUAA4IBAQAPEZgPfxoDoPhR7UqdQMBFZ9b48GkWmR66lMfQTe/h 0a00W47y+B0zYR7ubOJtcpf6BxxX2aToNBWWfIOTvG1ErPBW71p2jm/SfRfUdy5i An2rmPXWEGJ+ETJ+x2DDlSZ5gcwqhVvaaO4Z3g3Ce19shFx70JC7jrhekk8UtUCT 0KwuSIQ5u0QszR+l/szxLfPl9Adg2vdcAp8CO8Yq8qSvHLUtl4VZyZwWnG5mkXUK S3wGlklW81KCNfikbhTlfq0QlyvIokOJhqH7iR0F40hSGHZbUNXneJkK6bz0prGr uIqJPbDE4aohdoBakFtYR24v9IMMJZ7NZz/yulTlQGk1 -----END CERTIFICATE-----Generated at Mon Feb 9 22:31:47 2026 by rpki-client