This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oh53IB-aUH2plypNUq8_qw59tUU.roa File: oh53IB-aUH2plypNUq8_qw59tUU.roa (raw, json) Hash identifier: k/rLC3QFD8nEmci+tQAmE7NOGPMxS4KDVOpLNqgFsg4= Subject key identifier: A2:1E:77:20:1F:9A:50:7D:A9:97:2A:4D:52:AF:3F:AB:0E:7D:B5:45 Certificate issuer: /CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7 Certificate serial: 019B7758A59DBEF7CCB0A05ACBA21089E328 Authority key identifier: A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oh53IB-aUH2plypNUq8_qw59tUU.roa Signing time: Thu 01 Jan 2026 02:17:36 +0000 ROA not before: Thu 01 Jan 2026 02:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 38846 IP address blocks: 2a13:aac4:f020::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.mft rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:a5:9d:be:f7:cc:b0:a0:5a:cb:a2:10:89:e3:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7 Validity Not Before: Jan 1 02:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a21e77201f9a507da9972a4d52af3fab0e7db545 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:7b:9b:0a:aa:a5:41:c7:03:43:63:f2:34:0e: 11:8d:ed:dc:fc:06:e6:1e:66:55:0a:55:d0:fb:05: ae:c5:c1:98:e7:e5:11:58:2d:5d:53:31:6c:65:c5: 45:db:1e:0b:69:ef:73:fa:ae:5a:f6:eb:f9:48:f3: 6a:dc:ab:f3:15:ba:e6:9a:14:1e:a0:1f:8e:41:08: 20:b7:b4:91:ca:4f:88:21:a0:ef:2c:e0:78:7a:d8: 6c:b8:a7:2b:56:54:ca:2d:d6:7e:14:4c:7a:33:28: 8f:d7:4e:e7:dd:72:6b:05:65:44:fb:da:36:48:92: f0:d5:7e:de:7e:8a:a3:e4:21:7b:32:c7:c2:3c:41: 94:9d:f5:43:9b:ba:0b:c5:d9:00:d6:be:65:42:3b: 4e:9c:cb:bc:14:a9:e9:c9:f7:81:08:10:61:0f:e7: 8b:c5:86:83:f5:9c:9b:9d:a6:d3:9a:4e:3c:e7:99: be:7a:0a:db:94:52:75:db:73:57:99:d7:1f:cb:6f: 1b:15:a6:79:05:79:0a:f9:f0:ab:9c:03:26:ab:3a: 2e:3e:4b:31:2b:83:3f:25:38:27:05:72:67:81:94: 7b:47:14:f7:83:21:4e:72:21:24:62:af:de:b4:58: 45:bc:b6:bd:5a:80:e7:be:b3:0d:c1:31:fb:98:ac: dc:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:1E:77:20:1F:9A:50:7D:A9:97:2A:4D:52:AF:3F:AB:0E:7D:B5:45 X509v3 Authority Key Identifier: keyid:A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oh53IB-aUH2plypNUq8_qw59tUU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:aac4:f020::/44 Signature Algorithm: sha256WithRSAEncryption 73:ad:4d:d1:e8:1f:d3:11:87:c4:95:7f:57:13:d8:e5:e3:9b: c0:17:46:81:c2:f5:04:cd:c5:19:3b:d7:17:ff:54:ca:79:75: b6:5a:14:dd:41:9b:52:b4:64:61:bc:05:a6:c4:f8:5c:06:d0: b8:39:f9:87:c2:f9:d6:98:69:c4:57:1e:ed:4f:51:eb:c0:6c: 7e:70:83:05:b4:29:6a:25:db:d9:37:12:75:68:ae:86:df:a7: a0:9a:41:55:d6:14:b9:be:69:37:20:14:cb:e9:58:78:f4:ce: 9f:ba:d9:48:11:66:87:0f:e6:d2:42:8b:7f:d0:ef:57:78:10: c7:e0:45:10:b6:32:a4:bd:85:ec:6b:bc:16:0d:48:37:e6:b4: 34:0d:36:78:8e:aa:e1:e1:06:0e:18:a2:06:a3:2a:0a:22:97: cf:72:08:ff:b3:41:ad:7d:bf:bd:55:18:7b:52:5c:71:da:c6: ac:bb:84:3f:cf:0c:20:95:8b:0e:7e:03:0e:16:5f:79:ff:8d: 50:e1:89:ae:9c:a5:5b:85:0b:e7:70:81:c6:92:f1:fe:f7:55: e2:04:49:2b:55:be:74:c7:5d:8d:e7:f3:7e:05:16:1e:8b:b0: 6a:86:6f:9f:85:0f:87:43:03:76:95:e8:88:56:5b:6c:80:8c: d7:2a:35:11 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3WKWdvvfMsKBay6IQieMoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMjRjY2RkNzBmM2VjNzYyY2JkNjVlMDRkZDZmNzZiZTIz NmE4YTcwHhcNMjYwMTAxMDIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjFlNzcyMDFmOWE1MDdkYTk5NzJhNGQ1MmFmM2ZhYjBlN2RiNTQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XubCqqlQccDQ2PyNA4Rje3c/Abm HmZVClXQ+wWuxcGY5+URWC1dUzFsZcVF2x4Lae9z+q5a9uv5SPNq3KvzFbrmmhQe oB+OQQggt7SRyk+IIaDvLOB4ethsuKcrVlTKLdZ+FEx6MyiP107n3XJrBWVE+9o2 SJLw1X7efoqj5CF7MsfCPEGUnfVDm7oLxdkA1r5lQjtOnMu8FKnpyfeBCBBhD+eL xYaD9ZybnabTmk4855m+egrblFJ123NXmdcfy28bFaZ5BXkK+fCrnAMmqzouPksx K4M/JTgnBXJngZR7RxT3gyFOciEkYq/etFhFvLa9WoDnvrMNwTH7mKzccQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFKIedyAfmlB9qZcqTVKvP6sOfbVFMB8GA1UdIwQY MBaAFKEkzN1w8+x2LL1l4E3W92viNqinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEt N2IzNTM5N2FmMmY3LzEvb2g1M0lCLWFVSDJwbHlwTlVxOF9xdzU5dFVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEtN2IzNTM5N2FmMmY3 LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhOqxPAg MA0GCSqGSIb3DQEBCwUAA4IBAQBzrU3R6B/TEYfElX9XE9jl45vAF0aBwvUEzcUZ O9cX/1TKeXW2WhTdQZtStGRhvAWmxPhcBtC4OfmHwvnWmGnEVx7tT1HrwGx+cIMF tClqJdvZNxJ1aK6G36egmkFV1hS5vmk3IBTL6Vh49M6futlIEWaHD+bSQot/0O9X eBDH4EUQtjKkvYXsa7wWDUg35rQ0DTZ4jqrh4QYOGKIGoyoKIpfPcgj/s0Gtfb+9 VRh7Ulxx2sasu4Q/zwwglYsOfgMOFl95/41Q4YmunKVbhQvncIHGkvH+91XiBEkr Vb50x12N5/N+BRYei7Bqhm+fhQ+HQwN2leiIVltsgIzXKjUR -----END CERTIFICATE-----Generated at Mon Jan 26 11:06:55 2026 by rpki-client