This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/ojMiU5ZW89cnHI1G20p4HQw3p0E.roa File: ojMiU5ZW89cnHI1G20p4HQw3p0E.roa (raw, json) Hash identifier: vNBIj7f+Qx1+2T2uT1qli3Cooig9ZkkBG0sEKNGjtRU= Subject key identifier: A2:33:22:53:96:56:F3:D7:27:1C:8D:46:DB:4A:78:1D:0C:37:A7:41 Certificate issuer: /CN=2f6f0ea0127a6e392195696380be5bb0474b01df Certificate serial: 019B7F156A73F92DB049D1EE31208E2E5651 Authority key identifier: 2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/ojMiU5ZW89cnHI1G20p4HQw3p0E.roa Signing time: Fri 02 Jan 2026 14:21:08 +0000 ROA not before: Fri 02 Jan 2026 14:21:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 553 IP address blocks: 45.90.132.0/22 maxlen: 22 185.134.84.0/22 maxlen: 22 2a06:ec00::/29 maxlen: 29 2a0e:3c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.mft rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:6a:73:f9:2d:b0:49:d1:ee:31:20:8e:2e:56:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f6f0ea0127a6e392195696380be5bb0474b01df Validity Not Before: Jan 2 14:21:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a23322539656f3d7271c8d46db4a781d0c37a741 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:07:42:ce:dd:8b:d0:7b:d3:b8:0c:3f:66:b2: e0:96:af:0a:1e:09:b7:ab:ed:64:b0:ff:10:21:8d: 2f:85:47:b9:37:02:c5:98:53:6b:d5:78:34:d6:b5: b3:af:d1:5c:fc:5e:f7:bb:86:15:d4:05:53:18:5f: a2:95:1e:88:d8:6f:63:7f:2d:cd:37:e0:8c:98:02: dd:7a:79:d6:bb:93:c8:f1:1b:7c:d3:f4:f9:01:64: 1c:c5:84:c1:f0:72:fb:85:1c:32:4d:b7:44:67:50: c3:88:bd:8d:47:26:e3:33:40:3b:96:90:ee:49:0e: a9:5c:ab:d7:86:18:cf:f8:02:fe:6a:9c:ab:f6:d1: 1c:56:cf:03:14:c5:0b:59:a2:20:29:77:4e:3b:dc: 03:fa:bd:85:ba:cc:bb:28:9a:6d:f6:7c:e1:83:2b: 13:36:ff:a2:ab:6c:03:7c:58:01:7f:10:41:14:70: 9c:df:74:fd:89:1d:88:d7:da:e7:c0:f8:59:45:0a: b5:2c:a2:5d:73:37:a8:34:4d:0f:58:4f:f9:4b:ef: b2:b2:4b:dd:d0:55:63:46:3c:ef:d9:31:0b:da:25: 0e:40:8e:17:c0:ae:c6:a3:1c:9c:b4:51:32:c3:4f: be:d0:bb:69:6e:e7:4b:11:27:32:86:1e:0b:81:a1: 23:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:33:22:53:96:56:F3:D7:27:1C:8D:46:DB:4A:78:1D:0C:37:A7:41 X509v3 Authority Key Identifier: keyid:2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/ojMiU5ZW89cnHI1G20p4HQw3p0E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.132.0/22 185.134.84.0/22 IPv6: 2a06:ec00::/29 2a0e:3c0::/29 Signature Algorithm: sha256WithRSAEncryption 51:4d:84:bb:c9:d5:c2:e6:7f:f6:1b:1f:07:64:c8:f7:4b:83: 48:3e:d9:87:7e:7d:c1:7b:86:4b:16:69:14:0e:ce:06:a4:2f: 4a:ab:ec:ac:2d:a1:82:ce:0e:61:87:14:fc:1e:59:14:d1:46: 2f:cc:73:03:fd:b9:c9:08:22:9e:7d:68:87:08:b2:4a:d7:c9: 7d:96:76:41:a5:46:33:8b:df:b0:13:9d:b0:f5:a2:2d:1d:93: cc:ef:3b:31:73:80:96:25:df:5d:31:fe:a8:18:eb:87:4b:3e: 7c:8c:a4:3d:56:ba:05:9d:7e:2e:f3:b6:f3:17:dc:ff:0d:96: 9d:08:98:b3:35:0b:d5:ac:0e:ee:32:06:21:49:1b:db:07:39: 9e:0c:91:22:68:89:9b:de:4c:fb:3e:1c:b2:72:38:42:1a:7f: 6e:36:b8:c7:65:e8:09:ab:14:c7:b1:ac:15:4b:e8:71:c1:73: 5e:2b:2a:55:0d:46:59:99:84:2f:7f:26:b3:e2:10:09:61:13: b5:eb:37:2f:18:35:4c:6a:4d:f0:14:39:7a:ab:9e:ca:43:08: 6c:bf:75:32:4e:cd:61:97:60:db:f7:f0:25:58:cf:d1:20:d9: 6b:8d:e8:f7:f5:b9:b4:aa:b9:b0:c6:14:3d:12:09:92:20:9f: c8:0f:eb:54 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt/FWpz+S2wSdHuMSCOLlZRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmNmYwZWEwMTI3YTZlMzkyMTk1Njk2MzgwYmU1YmIwNDc0 YjAxZGYwHhcNMjYwMTAyMTQyMTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjMzMjI1Mzk2NTZmM2Q3MjcxYzhkNDZkYjRhNzgxZDBjMzdhNzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAdCzt2L0HvTuAw/ZrLglq8KHgm3 q+1ksP8QIY0vhUe5NwLFmFNr1Xg01rWzr9Fc/F73u4YV1AVTGF+ilR6I2G9jfy3N N+CMmALdennWu5PI8Rt80/T5AWQcxYTB8HL7hRwyTbdEZ1DDiL2NRybjM0A7lpDu SQ6pXKvXhhjP+AL+apyr9tEcVs8DFMULWaIgKXdOO9wD+r2Fusy7KJpt9nzhgysT Nv+iq2wDfFgBfxBBFHCc33T9iR2I19rnwPhZRQq1LKJdczeoNE0PWE/5S++yskvd 0FVjRjzv2TEL2iUOQI4XwK7GoxyctFEyw0++0LtpbudLEScyhh4LgaEjGwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFKIzIlOWVvPXJxyNRttKeB0MN6dBMB8GA1UdIwQY MBaAFC9vDqASem45IZVpY4C+W7BHSwHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDct YjJhMjMyNDZlNjE0LzEvb2pNaVU1Wlc4OWNuSEkxRzIwcDRIUXczcDBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDctYjJhMjMyNDZlNjE0 LzEvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVqEAwQC uYZUMBQEAgACMA4DBQMqBuwAAwUDKg4DwDANBgkqhkiG9w0BAQsFAAOCAQEAUU2E u8nVwuZ/9hsfB2TI90uDSD7Zh359wXuGSxZpFA7OBqQvSqvsrC2hgs4OYYcU/B5Z FNFGL8xzA/25yQginn1ohwiyStfJfZZ2QaVGM4vfsBOdsPWiLR2TzO87MXOAliXf XTH+qBjrh0s+fIykPVa6BZ1+LvO28xfc/w2WnQiYszUL1awO7jIGIUkb2wc5ngyR ImiJm95M+z4csnI4Qhp/bja4x2XoCasUx7GsFUvoccFzXisqVQ1GWZmEL38ms+IQ CWETtes3Lxg1TGpN8BQ5equeykMIbL91Mk7NYZdg2/fwJVjP0SDZa43o9/W5tKq5 sMYUPRIJkiCfyA/rVA== -----END CERTIFICATE-----Generated at Mon Feb 2 08:09:16 2026 by rpki-client