This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/ozz0x0OXpUjt9QlyXfs9KZpHyLU.roa File: ozz0x0OXpUjt9QlyXfs9KZpHyLU.roa (raw, json) Hash identifier: 9p88oMkfOmCl4BZ4A7v3PATdrJhihjQlrWGyNGhJfyU= Subject key identifier: A3:3C:F4:C7:43:97:A5:48:ED:F5:09:72:5D:FB:3D:29:9A:47:C8:B5 Certificate issuer: /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05 Certificate serial: 019B7910B7028015B3CE31DACE59BC65001E Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/ozz0x0OXpUjt9QlyXfs9KZpHyLU.roa Signing time: Thu 01 Jan 2026 10:18:17 +0000 ROA not before: Thu 01 Jan 2026 10:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42512 IP address blocks: 31.43.168.0/22 maxlen: 22 31.43.168.0/24 maxlen: 24 31.43.169.0/24 maxlen: 24 31.43.170.0/24 maxlen: 24 31.43.171.0/24 maxlen: 24 31.43.180.0/22 maxlen: 22 31.43.180.0/24 maxlen: 24 31.43.181.0/24 maxlen: 24 31.43.182.0/24 maxlen: 24 31.43.183.0/24 maxlen: 24 91.208.65.0/24 maxlen: 24 91.225.120.0/22 maxlen: 22 91.225.120.0/24 maxlen: 24 91.225.121.0/24 maxlen: 24 91.225.122.0/24 maxlen: 24 91.225.123.0/24 maxlen: 24 193.110.76.0/22 maxlen: 22 193.110.76.0/24 maxlen: 24 193.110.77.0/24 maxlen: 24 193.110.78.0/24 maxlen: 24 193.110.79.0/24 maxlen: 24 194.110.126.0/24 maxlen: 24 2001:67c:a28::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.mft rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b7:02:80:15:b3:ce:31:da:ce:59:bc:65:00:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05 Validity Not Before: Jan 1 10:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a33cf4c74397a548edf509725dfb3d299a47c8b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8a:66:68:30:ca:93:b8:62:26:81:a1:a6:ea: 10:dc:a0:54:79:12:e5:2b:f6:15:26:1f:9f:36:99: a0:03:71:bf:f0:00:76:f9:a3:61:88:83:ee:20:eb: 00:e7:f4:5e:49:8c:09:95:98:55:7d:a4:a4:8b:63: d6:64:57:be:14:e8:80:1c:50:c1:c7:3d:be:7d:a0: 00:99:75:db:84:2c:aa:af:ee:24:a0:21:14:48:f3: e3:e2:4c:2c:ee:73:ee:ea:d0:a7:e4:8e:62:a6:50: 6e:c8:93:b5:e7:92:c2:07:3e:cf:c3:f7:8a:ca:dc: 71:5c:0f:0f:b0:fb:4d:b2:a8:d1:92:86:c7:22:28: b1:99:3f:32:80:ae:c6:62:58:9d:36:99:80:b6:c4: 7c:c0:d5:5d:9f:11:56:3e:51:ac:b5:a9:24:29:10: de:37:6b:dd:27:f3:65:a8:e5:f4:eb:6a:a7:d1:3a: 1d:61:e0:ad:70:cf:37:42:1e:70:64:a0:6a:36:a8: a0:ad:97:2a:c3:84:bc:f4:4e:24:f8:15:bb:02:14: e5:46:30:24:34:19:85:80:06:06:bc:32:e5:16:87: 21:ce:24:d4:e1:0d:99:64:c0:3c:f8:68:38:32:c8: 80:77:14:63:f6:a3:d3:2a:f1:a1:90:43:32:16:5e: f8:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:3C:F4:C7:43:97:A5:48:ED:F5:09:72:5D:FB:3D:29:9A:47:C8:B5 X509v3 Authority Key Identifier: keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/ozz0x0OXpUjt9QlyXfs9KZpHyLU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.43.168.0/22 31.43.180.0/22 91.208.65.0/24 91.225.120.0/22 193.110.76.0/22 194.110.126.0/24 IPv6: 2001:67c:a28::/48 Signature Algorithm: sha256WithRSAEncryption ac:13:11:62:f7:b6:e5:db:a9:3a:42:e2:34:1a:f4:20:44:f2: 75:db:9a:94:c6:fb:c0:c5:8d:3b:a1:1c:ac:30:e6:ee:37:d2: fd:0c:c1:b2:ce:8a:38:e4:8b:0a:65:57:7f:2f:ac:53:34:3e: 5c:08:e9:48:49:04:34:f7:66:5a:a2:0e:65:fe:1d:29:84:38: be:20:2a:d8:9a:dd:3f:db:41:a7:ba:4d:f8:e3:6a:6e:15:d6: 69:93:c3:5c:26:0a:32:27:13:0c:51:50:cd:b3:7c:3f:be:81: d8:51:36:94:dd:a4:64:b0:96:bc:d3:32:21:a9:e1:bc:94:88: f4:8d:1e:64:96:d0:75:33:41:ec:b5:8a:b8:5b:1e:f3:01:e2: c5:6c:23:1c:d9:d0:9d:a7:a3:bc:47:36:fb:35:68:c7:fd:5f: 1b:da:da:af:f2:30:90:61:b8:ba:4b:2b:a6:90:a8:a6:0c:60: fb:1e:0f:46:8d:43:0e:d3:62:7d:8e:70:ab:c4:09:b8:18:ef: e1:ec:f8:6f:c7:79:a8:a5:bd:cd:c0:ee:d0:6a:e7:8f:10:1b: 43:86:8d:be:69:54:33:7f:e0:c4:b0:e4:a2:16:6b:09:60:08: 9a:f1:36:47:25:79:ab:56:94:f4:8f:2d:a9:36:af:52:0d:20: 92:61:27:14 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt5ELcCgBWzzjHazlm8ZQAeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVhMGY3NjI4MmRmNTMyMDlhNThjMDMwMmU3NGY4YTk3Y2Ez YWZmMDUwHhcNMjYwMTAxMTAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzNjZjRjNzQzOTdhNTQ4ZWRmNTA5NzI1ZGZiM2QyOTlhNDdjOGI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IpmaDDKk7hiJoGhpuoQ3KBUeRLl K/YVJh+fNpmgA3G/8AB2+aNhiIPuIOsA5/ReSYwJlZhVfaSki2PWZFe+FOiAHFDB xz2+faAAmXXbhCyqr+4koCEUSPPj4kws7nPu6tCn5I5iplBuyJO155LCBz7Pw/eK ytxxXA8PsPtNsqjRkobHIiixmT8ygK7GYlidNpmAtsR8wNVdnxFWPlGstakkKRDe N2vdJ/NlqOX062qn0TodYeCtcM83Qh5wZKBqNqigrZcqw4S89E4k+BW7AhTlRjAk NBmFgAYGvDLlFochziTU4Q2ZZMA8+Gg4MsiAdxRj9qPTKvGhkEMyFl74VwIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFKM89MdDl6VI7fUJcl37PSmaR8i1MB8GA1UdIwQY MBaAFOoPdigt9TIJpYwDAudPipfKOv8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgt YmU3YzgxOTQ4MzI0LzEvb3p6MHgwT1hwVWp0OVFseVhmczlLWnBIeUxVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgtYmU3YzgxOTQ4MzI0 LzEvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCHyuoAwQC Hyu0AwQAW9BBAwQCW+F4AwQCwW5MAwQAwm5+MA8EAgACMAkDBwAgAQZ8CigwDQYJ KoZIhvcNAQELBQADggEBAKwTEWL3tuXbqTpC4jQa9CBE8nXbmpTG+8DFjTuhHKww 5u430v0MwbLOijjkiwplV38vrFM0PlwI6UhJBDT3ZlqiDmX+HSmEOL4gKtia3T/b Qae6Tfjjam4V1mmTw1wmCjInEwxRUM2zfD++gdhRNpTdpGSwlrzTMiGp4byUiPSN HmSW0HUzQey1irhbHvMB4sVsIxzZ0J2no7xHNvs1aMf9Xxva2q/yMJBhuLpLK6aQ qKYMYPseD0aNQw7TYn2OcKvECbgY7+Hs+G/Heailvc3A7tBq548QG0OGjb5pVDN/ 4MSw5KIWawlgCJrxNkcleatWlPSPLak2r1INIJJhJxQ= -----END CERTIFICATE-----Generated at Tue Feb 10 00:14:46 2026 by rpki-client