This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/oNUyO24qjfd5xtSDIWPcDNoijxo.roa File: oNUyO24qjfd5xtSDIWPcDNoijxo.roa (raw, json) Hash identifier: WoMYVT2feU1FlqCnW1Iw0oCuWmwfAa3ijaSrKK3RFe8= Subject key identifier: A0:D5:32:3B:6E:2A:8D:F7:79:C6:D4:83:21:63:DC:0C:DA:22:8F:1A Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13 Certificate serial: 019B7DC97F90BCA9509015DD00D81D0DAE8C Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/oNUyO24qjfd5xtSDIWPcDNoijxo.roa Signing time: Fri 02 Jan 2026 08:18:35 +0000 ROA not before: Fri 02 Jan 2026 08:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 158.46.128.0/18 maxlen: 24 158.46.132.0/22 maxlen: 22 158.46.136.0/21 maxlen: 21 158.46.144.0/20 maxlen: 24 158.46.148.0/24 maxlen: 24 158.46.152.0/24 maxlen: 24 158.46.156.0/24 maxlen: 24 158.46.158.0/24 maxlen: 24 158.46.160.0/23 maxlen: 23 158.46.164.0/22 maxlen: 22 158.46.168.0/21 maxlen: 21 158.46.184.0/23 maxlen: 23 158.46.186.0/23 maxlen: 23 158.46.188.0/22 maxlen: 24 158.46.192.0/19 maxlen: 24 158.46.204.0/24 maxlen: 24 158.46.205.0/24 maxlen: 24 158.46.207.0/24 maxlen: 24 158.46.250.0/23 maxlen: 24 178.171.0.0/17 maxlen: 24 178.171.20.0/22 maxlen: 24 178.171.36.0/23 maxlen: 23 178.171.86.0/24 maxlen: 24 178.171.103.0/24 maxlen: 24 178.171.105.0/24 maxlen: 24 178.171.106.0/23 maxlen: 23 178.171.108.0/23 maxlen: 23 178.171.112.0/23 maxlen: 23 178.171.114.0/23 maxlen: 23 178.171.116.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 02:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:7f:90:bc:a9:50:90:15:dd:00:d8:1d:0d:ae:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13 Validity Not Before: Jan 2 08:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0d5323b6e2a8df779c6d4832163dc0cda228f1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:34:f9:31:11:ed:00:27:5b:d4:76:5e:69:42: 17:34:f6:5c:ff:43:06:f7:cc:41:35:7a:03:04:87: e5:58:b3:48:ce:57:e8:b8:4e:92:5a:ef:93:d9:60: 6f:ed:be:a5:4d:43:91:73:fe:72:ca:29:2f:4d:85: f8:28:b8:5e:bd:6b:5c:f5:3e:b7:e2:a3:bf:f9:87: 80:5c:14:8a:ff:3a:16:98:cd:b7:b8:8d:5a:20:18: 95:03:75:aa:b7:8b:eb:e4:7a:b4:9f:19:f1:33:28: 35:ed:e7:79:ea:e4:0d:42:b0:9f:0e:fd:ee:c1:77: b3:f8:53:b4:00:9f:94:3c:d4:fd:1f:e7:34:5f:99: d2:92:db:26:72:93:40:46:1e:ea:03:ad:f0:99:34: a7:19:13:7e:37:ff:78:f4:cb:99:13:ed:c5:03:05: c4:dc:2d:1c:39:9c:9f:91:39:ce:a4:a0:75:74:ee: c8:01:9d:05:b9:b5:b3:6d:bb:f7:d7:7e:b8:d6:4a: e0:5e:ce:77:e2:0f:7b:78:41:06:ef:7d:e2:ff:7a: 45:56:ea:e0:3b:8d:83:fe:a6:97:13:82:67:ba:16: fa:9a:bd:23:30:15:78:ae:df:13:c4:e5:71:22:fd: 17:c4:c0:4b:71:d6:d5:06:f6:1a:90:54:61:9a:57: 1b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D5:32:3B:6E:2A:8D:F7:79:C6:D4:83:21:63:DC:0C:DA:22:8F:1A X509v3 Authority Key Identifier: keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/oNUyO24qjfd5xtSDIWPcDNoijxo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.46.128.0-158.46.223.255 158.46.250.0/23 178.171.0.0/17 Signature Algorithm: sha256WithRSAEncryption 4b:66:21:2a:ff:ad:11:44:8b:78:cc:13:53:1a:61:44:8b:77: 10:c0:f2:7a:4f:20:b4:b9:f3:aa:aa:3d:e7:ca:9e:00:b9:0d: 07:59:80:81:6e:fd:4a:4b:2b:b6:b3:da:c6:09:be:98:0d:75: 01:25:1b:a9:3d:b2:4a:17:07:e5:55:9b:bc:e5:e7:c5:0d:8e: d9:2a:c7:68:c9:ee:1c:df:ef:a3:cd:74:52:d2:2c:bb:ba:74: f7:f6:12:3f:5d:29:fe:3e:77:77:cc:a0:fa:a1:4f:3a:0a:ab: 10:d9:32:78:09:bc:d7:af:04:7e:98:6e:7c:1e:45:78:8b:ec: 31:4a:dc:15:c0:98:06:ee:f4:9a:3e:eb:93:a6:0e:bc:f3:31: 42:40:55:7e:2f:9b:35:52:88:d7:23:7a:08:3e:47:44:50:53: 34:70:82:6f:6b:bd:47:e7:0f:c8:3c:3d:a0:01:53:06:cb:51: 6b:25:ce:bb:ab:c9:2c:32:d9:5a:02:4b:87:a3:84:12:b1:1e: 25:a8:d2:09:fa:af:32:f8:86:89:56:1f:68:6f:2c:e7:b5:6a: 20:77:0c:f6:ca:06:ed:51:9e:47:23:bd:49:3d:2c:8f:3c:6b: bc:12:02:f0:1b:ff:1d:b0:7e:cf:2e:0e:54:f5:89:73:45:4d: 2d:ab:b2:97 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt9yX+QvKlQkBXdANgdDa6MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl NjNjMTMwHhcNMjYwMTAyMDgxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGQ1MzIzYjZlMmE4ZGY3NzljNmQ0ODMyMTYzZGMwY2RhMjI4ZjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTT5MRHtACdb1HZeaUIXNPZc/0MG 98xBNXoDBIflWLNIzlfouE6SWu+T2WBv7b6lTUORc/5yyikvTYX4KLhevWtc9T63 4qO/+YeAXBSK/zoWmM23uI1aIBiVA3Wqt4vr5Hq0nxnxMyg17ed56uQNQrCfDv3u wXez+FO0AJ+UPNT9H+c0X5nSktsmcpNARh7qA63wmTSnGRN+N/949MuZE+3FAwXE 3C0cOZyfkTnOpKB1dO7IAZ0FubWzbbv313641krgXs534g97eEEG733i/3pFVurg O42D/qaXE4Jnuhb6mr0jMBV4rt8TxOVxIv0XxMBLcdbVBvYakFRhmlcbpQIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFKDVMjtuKo33ecbUgyFj3AzaIo8aMB8GA1UdIwQY MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt YmE3NzFmZmQyNjljLzEvb05VeU8yNHFqZmQ1eHRTRElXUGNETm9panhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAeeLoAD BAWeLsADBAGeLvoDBAeyqwAwDQYJKoZIhvcNAQELBQADggEBAEtmISr/rRFEi3jM E1MaYUSLdxDA8npPILS586qqPefKngC5DQdZgIFu/UpLK7az2sYJvpgNdQElG6k9 skoXB+VVm7zl58UNjtkqx2jJ7hzf76PNdFLSLLu6dPf2Ej9dKf4+d3fMoPqhTzoK qxDZMngJvNevBH6YbnweRXiL7DFK3BXAmAbu9Jo+65OmDrzzMUJAVX4vmzVSiNcj egg+R0RQUzRwgm9rvUfnD8g8PaABUwbLUWslzrurySwy2VoCS4ejhBKxHiWo0gn6 rzL4holWH2hvLOe1aiB3DPbKBu1RnkcjvUk9LI88a7wSAvAb/x2wfs8uDlT1iXNF TS2rspc= -----END CERTIFICATE-----Generated at Sun Jan 18 08:54:59 2026 by rpki-client