This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/oNy7iyROhmf7k1QXS1fyOykVhms.roa File: oNy7iyROhmf7k1QXS1fyOykVhms.roa (raw, json) Hash identifier: 7ICki/NejOefHux3d5CNCzujTTJwY1H52uKM23OBmV4= Subject key identifier: A0:DC:BB:8B:24:4E:86:67:FB:93:54:17:4B:57:F2:3B:29:15:86:6B Certificate issuer: /CN=9bda3414137129fa38a6c61c496ab8b61409ce02 Certificate serial: 019B7B3691C5A1CA6A05CA20F708F078386F Authority key identifier: 9B:DA:34:14:13:71:29:FA:38:A6:C6:1C:49:6A:B8:B6:14:09:CE:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9o0FBNxKfo4psYcSWq4thQJzgI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/oNy7iyROhmf7k1QXS1fyOykVhms.roa Signing time: Thu 01 Jan 2026 20:18:52 +0000 ROA not before: Thu 01 Jan 2026 20:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34108 IP address blocks: 95.128.88.0/21 maxlen: 24 178.250.144.0/21 maxlen: 24 2a02:928::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/m9o0FBNxKfo4psYcSWq4thQJzgI.crl rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/m9o0FBNxKfo4psYcSWq4thQJzgI.mft rsync://rpki.ripe.net/repository/DEFAULT/m9o0FBNxKfo4psYcSWq4thQJzgI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:91:c5:a1:ca:6a:05:ca:20:f7:08:f0:78:38:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bda3414137129fa38a6c61c496ab8b61409ce02 Validity Not Before: Jan 1 20:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0dcbb8b244e8667fb9354174b57f23b2915866b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:60:e3:1f:e9:ab:d7:86:e1:61:44:03:0c:c5: e8:ae:21:67:cf:be:dd:ec:66:02:9c:9b:d6:19:b1: 4f:1a:06:fd:87:82:0a:d1:9e:4a:91:c2:bd:44:94: 78:09:f0:38:7b:b1:84:b9:86:9c:91:0e:73:61:a5: f6:16:fc:a1:74:b4:ad:97:88:f8:90:e1:40:97:5b: 7d:b2:ac:52:c8:cd:c2:8f:c4:d2:ca:de:fa:47:62: 53:3d:41:d9:89:04:70:e8:cb:ab:a4:a2:d0:70:aa: cb:8e:e7:7c:18:ba:30:47:f9:da:b2:e0:5f:fc:a4: 0f:99:08:a5:83:b2:59:0c:99:de:15:94:de:f5:b3: 1c:05:7e:5a:1c:5e:54:44:22:ff:71:87:74:46:c1: 74:6a:85:f7:83:1a:8e:64:48:22:a6:5a:e5:ca:6c: 31:0f:35:3d:34:a4:6d:62:ac:9e:8c:62:5e:20:20: 39:89:45:70:57:50:fa:e8:2d:93:57:f4:61:9d:fd: e6:73:e7:0a:ca:0a:d7:0b:df:b9:13:6b:30:73:ad: d7:59:d6:9f:9b:be:5e:ca:8d:56:3f:82:a2:c0:45: db:7c:12:7f:b9:07:33:e5:90:b0:67:36:2c:9d:1c: f9:4a:0c:a6:df:da:8e:53:56:4d:93:72:8d:e4:5f: 33:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DC:BB:8B:24:4E:86:67:FB:93:54:17:4B:57:F2:3B:29:15:86:6B X509v3 Authority Key Identifier: keyid:9B:DA:34:14:13:71:29:FA:38:A6:C6:1C:49:6A:B8:B6:14:09:CE:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9o0FBNxKfo4psYcSWq4thQJzgI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/oNy7iyROhmf7k1QXS1fyOykVhms.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/m9o0FBNxKfo4psYcSWq4thQJzgI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.128.88.0/21 178.250.144.0/21 IPv6: 2a02:928::/32 Signature Algorithm: sha256WithRSAEncryption 20:e4:ff:c7:8a:a2:38:c8:b5:56:1e:fb:94:61:29:16:f4:70: 41:ca:b9:fa:1c:2d:15:29:cd:6d:41:c1:af:7f:f1:fb:8f:f9: f1:da:2b:4a:51:1e:36:50:b6:0d:a0:74:75:4d:35:97:2e:c2: ef:98:33:34:4f:9d:ce:91:93:73:c6:3c:3f:b8:5e:1a:e1:fe: fe:42:07:f2:80:ca:0d:e0:ab:ad:63:ce:11:67:be:95:6d:82: f1:c2:d5:1b:19:45:dc:d9:43:52:0f:d0:dc:9b:b3:fb:66:ec: 3a:3a:41:63:4b:2d:69:54:b6:48:5e:00:ad:7b:5a:5b:99:87: 80:45:84:80:b8:14:7a:f3:90:f3:e1:55:a2:97:47:78:2c:48: 3b:83:ee:11:35:c2:62:fe:de:f2:a6:b0:55:30:db:6f:2d:43: 61:46:c3:6a:7d:46:99:ab:90:d9:55:2f:61:e7:cc:54:e9:1e: f1:90:f1:1b:5a:12:8e:4a:0a:eb:3f:21:04:ee:60:2e:4c:c0: 58:66:16:d3:e8:80:57:0b:94:98:ce:a1:be:da:e5:6d:fa:d7: ae:27:af:8b:28:23:90:08:27:3d:af:55:96:33:d5:0f:16:4a: 1f:3f:83:46:b0:24:d1:f6:32:a6:f8:2a:2a:97:e1:ef:a5:c5: 7b:b8:32:08 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7NpHFocpqBcog9wjweDhvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliZGEzNDE0MTM3MTI5ZmEzOGE2YzYxYzQ5NmFiOGI2MTQw OWNlMDIwHhcNMjYwMTAxMjAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGRjYmI4YjI0NGU4NjY3ZmI5MzU0MTc0YjU3ZjIzYjI5MTU4NjZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGDjH+mr14bhYUQDDMXoriFnz77d 7GYCnJvWGbFPGgb9h4IK0Z5KkcK9RJR4CfA4e7GEuYackQ5zYaX2FvyhdLStl4j4 kOFAl1t9sqxSyM3Cj8TSyt76R2JTPUHZiQRw6MurpKLQcKrLjud8GLowR/nasuBf /KQPmQilg7JZDJneFZTe9bMcBX5aHF5URCL/cYd0RsF0aoX3gxqOZEgiplrlymwx DzU9NKRtYqyejGJeICA5iUVwV1D66C2TV/Rhnf3mc+cKygrXC9+5E2swc63XWdaf m75eyo1WP4KiwEXbfBJ/uQcz5ZCwZzYsnRz5Sgym39qOU1ZNk3KN5F8z3QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKDcu4skToZn+5NUF0tX8jspFYZrMB8GA1UdIwQY MBaAFJvaNBQTcSn6OKbGHElquLYUCc4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTlvMEZCTnhLZm80cHNZY1NXcTR0aFFKemdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yOTk1Y2QtNDY1Zi00YjQwLWE0NTUt MTZkM2NkMzUyZjJlLzEvb055N2l5Uk9obWY3azFRWFMxZnlPeWtWaG1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yOTk1Y2QtNDY1Zi00YjQwLWE0NTUtMTZkM2NkMzUyZjJl LzEvbTlvMEZCTnhLZm80cHNZY1NXcTR0aFFKemdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4BYAwQD svqQMA0EAgACMAcDBQAqAgkoMA0GCSqGSIb3DQEBCwUAA4IBAQAg5P/HiqI4yLVW HvuUYSkW9HBByrn6HC0VKc1tQcGvf/H7j/nx2itKUR42ULYNoHR1TTWXLsLvmDM0 T53OkZNzxjw/uF4a4f7+QgfygMoN4KutY84RZ76VbYLxwtUbGUXc2UNSD9Dcm7P7 Zuw6OkFjSy1pVLZIXgCte1pbmYeARYSAuBR685Dz4VWil0d4LEg7g+4RNcJi/t7y prBVMNtvLUNhRsNqfUaZq5DZVS9h58xU6R7xkPEbWhKOSgrrPyEE7mAuTMBYZhbT 6IBXC5SYzqG+2uVt+teuJ6+LKCOQCCc9r1WWM9UPFkofP4NGsCTR9jKm+Coql+Hv pcV7uDII -----END CERTIFICATE-----Generated at Mon Jan 26 23:22:13 2026 by rpki-client