This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/290a60-792f-4475-a9f4-e3b9e0bae6ab/1/OYXBnR_i_32vVbXh0HFOhPBkIao.roa File: OYXBnR_i_32vVbXh0HFOhPBkIao.roa (raw, json) Hash identifier: uFNMDyNJ2OVPR9PkOadpZs87yuOZdywd47eCM9lTesc= Subject key identifier: 39:85:C1:9D:1F:E2:FF:7D:AF:55:B5:E1:D0:71:4E:84:F0:64:21:AA Certificate issuer: /CN=7f1d58d62ddd7e47af2196fd754bb3ff2679892a Certificate serial: 019B7DC9ED3427A60572A3C352083DDF4CEC Authority key identifier: 7F:1D:58:D6:2D:DD:7E:47:AF:21:96:FD:75:4B:B3:FF:26:79:89:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fx1Y1i3dfkevIZb9dUuz_yZ5iSo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/290a60-792f-4475-a9f4-e3b9e0bae6ab/1/OYXBnR_i_32vVbXh0HFOhPBkIao.roa Signing time: Fri 02 Jan 2026 08:19:03 +0000 ROA not before: Fri 02 Jan 2026 08:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60068 IP address blocks: 185.102.216.0/24 maxlen: 24 185.102.217.0/24 maxlen: 24 185.102.218.0/24 maxlen: 24 185.102.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/290a60-792f-4475-a9f4-e3b9e0bae6ab/1/fx1Y1i3dfkevIZb9dUuz_yZ5iSo.crl rsync://rpki.ripe.net/repository/DEFAULT/46/290a60-792f-4475-a9f4-e3b9e0bae6ab/1/fx1Y1i3dfkevIZb9dUuz_yZ5iSo.mft rsync://rpki.ripe.net/repository/DEFAULT/fx1Y1i3dfkevIZb9dUuz_yZ5iSo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:ed:34:27:a6:05:72:a3:c3:52:08:3d:df:4c:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f1d58d62ddd7e47af2196fd754bb3ff2679892a Validity Not Before: Jan 2 08:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3985c19d1fe2ff7daf55b5e1d0714e84f06421aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:21:ea:3c:ca:05:b8:33:b4:4b:ae:f1:7e:36: 37:96:3e:9c:5c:8b:81:75:ff:ff:da:20:f9:85:2a: 62:76:27:14:ef:20:ae:8d:cf:26:19:92:53:0d:b4: 7f:9a:a1:d4:fd:d0:43:db:43:96:a8:a1:23:7b:96: 9e:1e:9b:49:67:50:7e:3b:f4:e7:3a:75:bf:74:ce: 99:cd:fa:2f:ce:ff:67:40:c1:d9:44:9e:63:67:f3: aa:04:7c:47:af:7c:7f:d0:ea:d8:9e:f2:c6:6e:29: 83:f7:ea:9d:f5:36:bf:7f:e7:fe:87:61:a8:4d:36: 0b:54:ad:08:fa:38:6c:0b:24:84:a1:fc:5d:1b:7f: 76:ff:79:24:27:1c:94:e2:2d:13:74:b8:1c:36:72: 45:93:0f:93:af:0b:f0:32:eb:fd:c5:fb:e5:04:1a: 75:7e:ba:3f:a1:ea:2b:67:35:e9:b1:a7:ce:28:e5: c6:29:d0:1e:e6:2f:4a:7b:4a:9b:c5:b7:5a:6b:1b: 71:b8:34:78:d8:5b:12:2f:30:4e:6e:4a:6e:3c:25: 9e:ce:3d:68:47:3c:33:33:ea:c6:a3:53:72:b9:10: 23:cf:b6:17:28:15:8c:2a:48:b8:e4:b2:ec:2b:39: 95:c6:26:76:9c:bf:9b:e9:96:8e:f9:19:ab:a8:35: aa:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:85:C1:9D:1F:E2:FF:7D:AF:55:B5:E1:D0:71:4E:84:F0:64:21:AA X509v3 Authority Key Identifier: keyid:7F:1D:58:D6:2D:DD:7E:47:AF:21:96:FD:75:4B:B3:FF:26:79:89:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fx1Y1i3dfkevIZb9dUuz_yZ5iSo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/290a60-792f-4475-a9f4-e3b9e0bae6ab/1/OYXBnR_i_32vVbXh0HFOhPBkIao.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/290a60-792f-4475-a9f4-e3b9e0bae6ab/1/fx1Y1i3dfkevIZb9dUuz_yZ5iSo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.102.216.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:58:71:9d:a6:cf:1b:67:1e:15:96:90:21:b5:f1:6a:0b:fa: fa:31:4b:49:b0:f0:ae:ab:b4:bb:9d:6f:40:ed:be:40:b8:1b: d6:6a:c8:60:dd:b8:6b:51:1f:ba:85:94:44:e5:77:f9:cf:12: 37:f8:55:a8:db:6f:f4:93:05:00:a7:f5:c5:5d:49:09:cf:46: 4c:db:bb:47:1b:e1:72:bc:10:27:ba:29:d8:6e:10:b7:af:de: 6c:a1:32:c7:60:fa:ca:d2:15:85:bf:7d:97:9a:3c:55:8b:5d: 35:f6:ef:39:83:e6:20:87:7b:fb:96:e7:c5:72:66:2d:a0:ad: c7:a4:8b:24:76:e2:bb:44:1c:e9:6b:0b:36:55:a9:1e:95:4d: 75:4a:17:93:26:ad:ca:b8:97:96:94:d8:df:04:3d:b0:82:19: bd:ac:d0:64:24:7e:5f:9e:b9:99:8b:9e:0b:6e:73:61:0e:1b: 84:19:8a:e0:2b:6f:a6:84:cb:66:79:aa:5f:85:7d:8a:23:2e: 0c:06:a4:b0:4e:05:4d:d3:86:03:e0:a2:14:ca:68:09:cf:32: a4:20:68:4c:b9:52:20:7f:2d:33:22:63:74:b9:4a:e9:86:d2: f6:c8:8b:3f:2a:19:bf:1b:06:29:1d:04:95:c8:45:12:73:cb: 1d:f4:b3:71 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9ye00J6YFcqPDUgg930zsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMWQ1OGQ2MmRkZDdlNDdhZjIxOTZmZDc1NGJiM2ZmMjY3 OTg5MmEwHhcNMjYwMTAyMDgxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTg1YzE5ZDFmZTJmZjdkYWY1NWI1ZTFkMDcxNGU4NGYwNjQyMWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriHqPMoFuDO0S67xfjY3lj6cXIuB df//2iD5hSpidicU7yCujc8mGZJTDbR/mqHU/dBD20OWqKEje5aeHptJZ1B+O/Tn OnW/dM6Zzfovzv9nQMHZRJ5jZ/OqBHxHr3x/0OrYnvLGbimD9+qd9Ta/f+f+h2Go TTYLVK0I+jhsCySEofxdG392/3kkJxyU4i0TdLgcNnJFkw+TrwvwMuv9xfvlBBp1 fro/oeorZzXpsafOKOXGKdAe5i9Ke0qbxbdaaxtxuDR42FsSLzBObkpuPCWezj1o RzwzM+rGo1NyuRAjz7YXKBWMKki45LLsKzmVxiZ2nL+b6ZaO+RmrqDWqaQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDmFwZ0f4v99r1W14dBxToTwZCGqMB8GA1UdIwQY MBaAFH8dWNYt3X5HryGW/XVLs/8meYkqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZngxWTFpM2Rma2V2SVpiOWRVdXpfeVo1aVNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yOTBhNjAtNzkyZi00NDc1LWE5ZjQt ZTNiOWUwYmFlNmFiLzEvT1lYQm5SX2lfMzJ2VmJYaDBIRk9oUEJrSWFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni8yOTBhNjAtNzkyZi00NDc1LWE5ZjQtZTNiOWUwYmFlNmFi LzEvZngxWTFpM2Rma2V2SVpiOWRVdXpfeVo1aVNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWbYMA0G CSqGSIb3DQEBCwUAA4IBAQBaWHGdps8bZx4VlpAhtfFqC/r6MUtJsPCuq7S7nW9A 7b5AuBvWashg3bhrUR+6hZRE5Xf5zxI3+FWo22/0kwUAp/XFXUkJz0ZM27tHG+Fy vBAnuinYbhC3r95soTLHYPrK0hWFv32XmjxVi1019u85g+Ygh3v7lufFcmYtoK3H pIskduK7RBzpaws2VakelU11SheTJq3KuJeWlNjfBD2wghm9rNBkJH5fnrmZi54L bnNhDhuEGYrgK2+mhMtmeapfhX2KIy4MBqSwTgVN04YD4KIUymgJzzKkIGhMuVIg fy0zImN0uUrphtL2yIs/Khm/GwYpHQSVyEUSc8sd9LNx -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:26 2026 by rpki-client