This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/OMhZqYIdlbW6MwJAX5hoXZbZs2s.roa File: OMhZqYIdlbW6MwJAX5hoXZbZs2s.roa (raw, json) Hash identifier: Fz6GaOA6LETuiDcthzdYWCgbQdrzncp3eZt1aOMvmKA= Subject key identifier: 38:C8:59:A9:82:1D:95:B5:BA:33:02:40:5F:98:68:5D:96:D9:B3:6B Certificate issuer: /CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228 Certificate serial: 019B7758F4F3F51555DECAF301E15EF62D40 Authority key identifier: 87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/OMhZqYIdlbW6MwJAX5hoXZbZs2s.roa Signing time: Thu 01 Jan 2026 02:17:56 +0000 ROA not before: Thu 01 Jan 2026 02:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214615 IP address blocks: 2a05:a00::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:f4:f3:f5:15:55:de:ca:f3:01:e1:5e:f6:2d:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228 Validity Not Before: Jan 1 02:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38c859a9821d95b5ba3302405f98685d96d9b36b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:6d:7e:b8:f8:c8:dd:c6:ce:a5:be:72:e3:b0: fe:e4:de:29:9b:ad:0e:a6:6b:8d:c8:c6:37:df:a1: 97:96:3e:97:c6:74:4e:55:b4:ab:6e:e4:3d:62:3d: 72:8c:90:b9:ba:3a:99:ad:b2:62:bc:ea:ae:a1:90: 4b:ab:cf:a6:af:ff:3e:89:c3:71:47:b6:5f:d4:d1: 15:17:9a:62:2d:f6:61:c5:8a:3b:8f:ca:39:21:9f: 8f:c2:e5:11:7e:ba:5e:1b:04:55:49:9b:c1:67:5c: 67:e3:cd:c1:e8:77:20:59:1a:e9:90:e4:f4:23:ef: ff:6b:3c:24:0f:a2:0b:d3:34:d8:69:04:93:b8:fd: 4d:07:20:57:13:b2:63:a3:38:5b:31:55:c3:0a:05: 23:d2:54:9f:07:5f:16:71:ad:ab:ab:86:dd:f5:1c: 9d:74:53:c3:0a:70:32:67:93:6f:c9:f8:3b:b1:ae: 6f:82:4f:3c:76:c2:bd:b5:b3:72:0c:7c:d2:8c:2e: a8:30:3b:6f:f4:42:68:0d:a1:ed:03:6f:29:4b:10: bc:af:bb:8d:88:25:0f:82:33:be:d2:c2:3c:31:ae: c6:c5:69:62:ad:0a:f6:0a:ba:91:b0:07:c2:83:dd: fa:4c:83:ca:f2:c0:3c:ec:9d:f2:32:cb:ed:ad:32: b6:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:C8:59:A9:82:1D:95:B5:BA:33:02:40:5F:98:68:5D:96:D9:B3:6B X509v3 Authority Key Identifier: keyid:87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/OMhZqYIdlbW6MwJAX5hoXZbZs2s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:a00::/32 Signature Algorithm: sha256WithRSAEncryption b0:c1:82:f2:5f:0c:29:7c:e7:a2:70:4a:51:5f:0a:8b:79:3c: 0b:91:c7:a4:5c:e4:30:0b:27:ab:bb:73:e5:bb:14:9d:80:d6: c6:ac:f8:c3:1a:41:15:8c:c6:78:0e:63:0d:93:bf:00:3b:76: 7c:d2:e6:8d:b3:4d:84:c3:8e:2f:12:2e:7b:3c:3b:23:55:3b: c2:73:64:41:1b:7f:41:ac:e1:1f:1d:b3:d9:c2:e1:e6:dd:90: 40:80:83:25:ec:23:73:7e:4d:97:de:d2:c2:01:7f:18:89:9f: d0:67:a8:37:b4:72:bf:d8:b0:51:c3:3d:88:0c:53:24:3d:90: b3:96:30:b0:ec:8f:65:72:a8:3f:f6:8c:70:e1:27:39:22:1d: 69:4d:0c:a3:3b:6b:4f:2b:6a:4e:70:c2:7e:52:65:1d:4f:48: f6:a3:8e:2b:6a:b7:e2:04:b0:64:5f:8a:e3:33:9b:7f:b4:a4: 92:9a:29:a7:ed:ce:3c:e6:dd:2a:bc:ac:bc:f6:af:c7:da:c7: 10:bf:36:53:11:37:df:78:18:bd:2f:f7:4a:2d:75:58:41:bb: 7a:69:6e:ec:bb:cb:c5:0a:7b:d3:9b:4e:0a:26:cc:2f:26:78: 62:fb:5b:23:f3:a2:8b:fb:42:56:e2:f5:85:0f:74:ae:fd:d4: 04:9a:4d:52 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt3WPTz9RVV3srzAeFe9i1AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3MjEwYjM0Y2UwMDJlMzBhMGE1NGZhYmZhMmJjYWM0NmRm YTcyMjgwHhcNMjYwMTAxMDIxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGM4NTlhOTgyMWQ5NWI1YmEzMzAyNDA1Zjk4Njg1ZDk2ZDliMzZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8W1+uPjI3cbOpb5y47D+5N4pm60O pmuNyMY336GXlj6XxnROVbSrbuQ9Yj1yjJC5ujqZrbJivOquoZBLq8+mr/8+icNx R7Zf1NEVF5piLfZhxYo7j8o5IZ+PwuURfrpeGwRVSZvBZ1xn483B6HcgWRrpkOT0 I+//azwkD6IL0zTYaQSTuP1NByBXE7JjozhbMVXDCgUj0lSfB18Wca2rq4bd9Ryd dFPDCnAyZ5Nvyfg7sa5vgk88dsK9tbNyDHzSjC6oMDtv9EJoDaHtA28pSxC8r7uN iCUPgjO+0sI8Ma7GxWlirQr2CrqRsAfCg936TIPK8sA87J3yMsvtrTK2zQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFDjIWamCHZW1ujMCQF+YaF2W2bNrMB8GA1UdIwQY MBaAFIchCzTOAC4woKVPq/orysRt+nIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAt MzY2OWQxYjU2OWQ2LzEvT01oWnFZSWRsYlc2TXdKQVg1aG9YWmJaczJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAtMzY2OWQxYjU2OWQ2 LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUKADAN BgkqhkiG9w0BAQsFAAOCAQEAsMGC8l8MKXznonBKUV8Ki3k8C5HHpFzkMAsnq7tz 5bsUnYDWxqz4wxpBFYzGeA5jDZO/ADt2fNLmjbNNhMOOLxIuezw7I1U7wnNkQRt/ QazhHx2z2cLh5t2QQICDJewjc35Nl97SwgF/GImf0GeoN7Ryv9iwUcM9iAxTJD2Q s5YwsOyPZXKoP/aMcOEnOSIdaU0MoztrTytqTnDCflJlHU9I9qOOK2q34gSwZF+K 4zObf7Skkpopp+3OPObdKrysvPavx9rHEL82UxE333gYvS/3Si11WEG7emlu7LvL xQp705tOCibMLyZ4YvtbI/Oii/tCVuL1hQ90rv3UBJpNUg== -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:34 2026 by rpki-client