This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oPaj67m8bb6wLfZ_kepjcuLeEhE.roa File: oPaj67m8bb6wLfZ_kepjcuLeEhE.roa (raw, json) Hash identifier: xT/OMVsHzyIeWqD0D8up+2bTSbacFSUUAPM7Eyfo9Ss= Subject key identifier: A0:F6:A3:EB:B9:BC:6D:BE:B0:2D:F6:7F:91:EA:63:72:E2:DE:12:11 Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C6841E9894E884D7C795D2C04637EA Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oPaj67m8bb6wLfZ_kepjcuLeEhE.roa Signing time: Thu 01 Jan 2026 04:17:37 +0000 ROA not before: Thu 01 Jan 2026 04:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31577 IP address blocks: 5.35.200.0/21 maxlen: 21 5.35.201.0/24 maxlen: 24 5.35.202.0/24 maxlen: 24 5.35.203.0/24 maxlen: 24 5.35.204.0/24 maxlen: 24 5.35.206.0/24 maxlen: 24 31.3.120.0/21 maxlen: 21 31.3.120.0/24 maxlen: 24 31.3.124.0/24 maxlen: 24 31.3.125.0/24 maxlen: 24 31.3.126.0/24 maxlen: 24 31.3.127.0/24 maxlen: 24 83.136.184.0/21 maxlen: 21 83.136.189.0/24 maxlen: 24 83.136.190.0/24 maxlen: 24 83.136.191.0/24 maxlen: 24 95.129.112.0/21 maxlen: 21 95.129.114.0/24 maxlen: 24 95.129.115.0/24 maxlen: 24 95.129.118.0/24 maxlen: 24 185.23.120.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 12:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:84:1e:98:94:e8:84:d7:c7:95:d2:c0:46:37:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0f6a3ebb9bc6dbeb02df67f91ea6372e2de1211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:67:59:74:a2:f4:cf:ed:61:0f:a7:19:89:6d: f9:11:5b:cd:6b:07:77:12:58:a9:73:3e:65:50:5a: 40:80:d8:e1:2a:3e:01:c3:be:52:3a:1d:07:e4:0c: 51:e9:d7:42:38:ce:9a:18:43:31:a9:21:b4:cf:95: d3:fa:8c:11:1a:73:0f:b1:33:de:16:6b:b0:f7:71: b1:28:0d:49:ef:62:61:18:32:fb:f8:38:1c:94:ab: 70:1e:80:f1:e6:0d:7b:f0:ca:4e:02:cf:9d:e9:62: d3:95:13:d1:fe:4f:69:21:fe:65:53:a5:0b:dc:9f: 3e:de:9f:65:04:fa:52:ba:98:43:37:fa:67:c1:1a: 6c:8a:21:41:fa:ac:89:9c:f5:21:94:2c:34:5d:23: 4f:9a:29:07:6f:dd:02:d4:08:8c:60:42:9a:2b:ea: cf:e9:07:b6:5c:77:65:a3:b3:cc:4d:3c:5c:08:15: 69:7b:c1:ab:e8:a1:44:d9:6c:62:b8:ef:65:a0:bf: ac:4f:83:18:e5:72:76:f6:93:93:6b:28:bc:0e:9a: e8:8a:a7:d1:0b:3e:51:df:66:e4:63:41:14:23:92: 61:54:1e:c7:d3:58:e6:bd:8d:64:60:37:74:5d:56: 53:6e:d7:81:9a:75:76:12:dc:39:01:be:31:86:48: 0e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:F6:A3:EB:B9:BC:6D:BE:B0:2D:F6:7F:91:EA:63:72:E2:DE:12:11 X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oPaj67m8bb6wLfZ_kepjcuLeEhE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.35.200.0/21 31.3.120.0/21 83.136.184.0/21 95.129.112.0/21 185.23.120.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:4a:9c:dc:f8:4f:ec:5c:ab:a4:1c:65:05:01:21:7d:f5:c4: b7:14:ff:3b:e1:50:77:91:9b:27:0e:7b:8e:ea:5d:ff:f4:08: b9:de:40:b7:f4:0c:24:83:d5:4a:e2:d9:6c:25:79:21:f2:f1: 62:42:d1:d8:ed:53:be:39:0a:ef:fe:68:d5:92:d5:66:21:08: 4c:69:e6:20:97:78:0e:e0:37:84:38:9e:35:44:d3:df:6d:db: e1:0a:3a:0f:ba:a7:de:93:8e:89:77:4a:83:14:e4:9c:9d:43: d4:64:28:91:e4:7b:63:b8:6f:1f:3b:08:12:77:39:7c:f0:97: 36:b1:6a:9c:54:27:4e:87:4e:9e:46:7a:b8:f7:b5:28:3b:8d: 84:69:95:5e:b1:29:c9:e8:a2:1d:47:69:3a:6d:d0:68:a2:57: dd:bc:c6:50:2d:2b:f6:bf:3d:e9:12:27:f6:de:82:c7:29:4c: 29:8c:55:28:4b:fa:57:62:9b:54:22:fa:09:f5:fc:ae:68:55: 35:60:ab:8a:a8:d1:76:b6:11:66:c9:16:d0:df:f8:22:09:f6: 41:59:49:ec:6c:f8:75:dd:7a:d8:53:fb:e2:5c:c3:ff:9c:0e: cf:23:79:4f:d2:b4:f5:bf:46:98:eb:6a:ed:a8:4d:5f:d4:20: 03:58:17:e9 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt3xoQemJTohNfHldLARjfqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGY2YTNlYmI5YmM2ZGJlYjAyZGY2N2Y5MWVhNjM3MmUyZGUxMjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWdZdKL0z+1hD6cZiW35EVvNawd3 Elipcz5lUFpAgNjhKj4Bw75SOh0H5AxR6ddCOM6aGEMxqSG0z5XT+owRGnMPsTPe Fmuw93GxKA1J72JhGDL7+DgclKtwHoDx5g178MpOAs+d6WLTlRPR/k9pIf5lU6UL 3J8+3p9lBPpSuphDN/pnwRpsiiFB+qyJnPUhlCw0XSNPmikHb90C1AiMYEKaK+rP 6Qe2XHdlo7PMTTxcCBVpe8Gr6KFE2WxiuO9loL+sT4MY5XJ29pOTayi8DproiqfR Cz5R32bkY0EUI5JhVB7H01jmvY1kYDd0XVZTbteBmnV2Etw5Ab4xhkgOMQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFKD2o+u5vG2+sC32f5HqY3Li3hIRMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvb1BhajY3bThiYjZ3TGZaX2tlcGpjdUxlRWhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBSPIAwQD HwN4AwQDU4i4AwQDX4FwAwQCuRd4MA0GCSqGSIb3DQEBCwUAA4IBAQBvSpzc+E/s XKukHGUFASF99cS3FP874VB3kZsnDnuO6l3/9Ai53kC39Awkg9VK4tlsJXkh8vFi QtHY7VO+OQrv/mjVktVmIQhMaeYgl3gO4DeEOJ41RNPfbdvhCjoPuqfek46Jd0qD FOScnUPUZCiR5HtjuG8fOwgSdzl88Jc2sWqcVCdOh06eRnq497UoO42EaZVesSnJ 6KIdR2k6bdBoolfdvMZQLSv2vz3pEif23oLHKUwpjFUoS/pXYptUIvoJ9fyuaFU1 YKuKqNF2thFmyRbQ3/giCfZBWUnsbPh13XrYU/viXMP/nA7PI3lP0rT1v0aY62rt qE1f1CADWBfp -----END CERTIFICATE-----Generated at Wed Jan 21 21:31:17 2026 by rpki-client