This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/OfoBCzmtnFm0hwGR9A2PXWfAk1I.roa File: OfoBCzmtnFm0hwGR9A2PXWfAk1I.roa (raw, json) Hash identifier: ayIedPzOzNkrSBeiWSMs33csQjbzHkEQVrKoALTU/M0= Subject key identifier: 39:FA:01:0B:39:AD:9C:59:B4:87:01:91:F4:0D:8F:5D:67:C0:93:52 Certificate issuer: /CN=d5de43cd1f8af45c689867d9f5a881a2aec34b31 Certificate serial: 019B7AC781DE08E634353C2F70D798F6C4DA Authority key identifier: D5:DE:43:CD:1F:8A:F4:5C:68:98:67:D9:F5:A8:81:A2:AE:C3:4B:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1d5DzR-K9FxomGfZ9aiBoq7DSzE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/OfoBCzmtnFm0hwGR9A2PXWfAk1I.roa Signing time: Thu 01 Jan 2026 18:17:33 +0000 ROA not before: Thu 01 Jan 2026 18:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49981 IP address blocks: 86.105.18.0/24 maxlen: 24 89.42.212.0/24 maxlen: 24 93.119.123.0/24 maxlen: 24 94.177.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/1d5DzR-K9FxomGfZ9aiBoq7DSzE.crl rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/1d5DzR-K9FxomGfZ9aiBoq7DSzE.mft rsync://rpki.ripe.net/repository/DEFAULT/1d5DzR-K9FxomGfZ9aiBoq7DSzE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:81:de:08:e6:34:35:3c:2f:70:d7:98:f6:c4:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5de43cd1f8af45c689867d9f5a881a2aec34b31 Validity Not Before: Jan 1 18:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=39fa010b39ad9c59b4870191f40d8f5d67c09352 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:96:24:a2:fe:94:f1:a2:ad:74:a0:59:75:b8: 41:1a:42:0b:68:f1:e9:33:f4:90:1a:b9:a2:e6:cb: a0:ee:98:81:93:a4:57:84:48:1a:f3:34:62:cb:bd: 75:a8:65:88:5f:11:32:f0:04:f0:d1:92:78:b0:fd: ae:28:b7:f5:8d:1a:f5:24:d2:78:99:fe:01:76:4d: 32:57:80:95:05:50:02:7c:6f:6f:da:b6:0f:6a:ab: cb:1d:94:7a:02:28:4d:3a:3d:90:6f:67:79:30:aa: 23:b6:f8:6d:c4:5a:1f:aa:73:1a:d1:0c:47:77:ea: 80:e4:33:1d:fb:8e:a5:0f:2b:18:3a:78:28:86:5b: d6:82:33:7f:a9:5c:15:bf:3e:44:2d:7c:4a:7b:51: 67:63:44:42:f7:a4:70:b1:88:25:e8:b4:6f:83:11: 52:59:78:82:0e:50:5e:8c:94:83:d4:e9:0b:2e:a3: 4b:00:08:5b:0e:51:82:97:f9:78:f3:7d:01:9d:be: b0:fa:bc:a2:32:da:2e:97:58:30:11:b8:55:91:e1: fd:ea:11:94:b1:fe:c6:dc:6b:3f:c3:6c:c5:fa:16: 51:27:47:e5:8c:b7:84:78:a1:02:4a:4a:a1:31:fd: f5:8e:99:96:bb:65:25:1b:38:13:e3:52:38:da:81: 54:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:FA:01:0B:39:AD:9C:59:B4:87:01:91:F4:0D:8F:5D:67:C0:93:52 X509v3 Authority Key Identifier: keyid:D5:DE:43:CD:1F:8A:F4:5C:68:98:67:D9:F5:A8:81:A2:AE:C3:4B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d5DzR-K9FxomGfZ9aiBoq7DSzE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/OfoBCzmtnFm0hwGR9A2PXWfAk1I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/1d5DzR-K9FxomGfZ9aiBoq7DSzE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.105.18.0/24 89.42.212.0/24 93.119.123.0/24 94.177.12.0/24 Signature Algorithm: sha256WithRSAEncryption 07:19:93:e0:f5:45:dc:36:48:b6:ca:b9:fe:2c:b7:0d:c2:bf: b6:3b:61:dd:e8:7b:5d:9e:b8:eb:1c:28:96:a0:6c:08:42:c7: 89:ad:42:30:1a:ab:32:31:df:99:29:74:a4:f6:f4:eb:75:b5: 68:6e:1f:3a:a4:30:65:f4:a9:a0:2f:db:3a:c2:b3:8a:3f:17: 16:4e:8a:2b:28:85:e3:83:b1:e4:89:50:8d:d3:22:2b:1b:c9: b6:f3:c8:80:d5:88:2c:8f:25:a5:5d:c0:a3:be:a9:6f:6a:56: e4:0b:52:69:3b:a2:0e:06:1f:58:75:f2:1f:02:49:11:a0:81: cd:ed:13:5e:b2:43:5b:66:8c:0d:b3:9e:2f:4c:ab:1c:47:4c: 92:34:3d:41:97:cc:0e:a7:e0:23:2c:ff:e3:65:3f:7e:1e:bc: 14:8b:30:96:b8:12:bd:3e:d4:c1:43:b1:f5:5c:dd:e9:18:ad: 8a:9d:fd:c5:4b:75:d7:cd:25:c3:97:91:e2:3f:e2:df:96:6b: 55:93:58:bc:5a:61:99:70:0a:10:21:e9:7b:18:84:a5:55:22: 49:65:33:13:61:c1:34:7f:78:76:53:fe:df:b5:27:2d:71:23: 7a:4c:60:bb:70:6c:e1:85:99:ec:b7:a3:02:d4:d7:d2:ec:92: fa:d6:03:32 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt6x4HeCOY0NTwvcNeY9sTaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1ZGU0M2NkMWY4YWY0NWM2ODk4NjdkOWY1YTg4MWEyYWVj MzRiMzEwHhcNMjYwMTAxMTgxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOWZhMDEwYjM5YWQ5YzU5YjQ4NzAxOTFmNDBkOGY1ZDY3YzA5MzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZYkov6U8aKtdKBZdbhBGkILaPHp M/SQGrmi5sug7piBk6RXhEga8zRiy711qGWIXxEy8ATw0ZJ4sP2uKLf1jRr1JNJ4 mf4Bdk0yV4CVBVACfG9v2rYPaqvLHZR6AihNOj2Qb2d5MKojtvhtxFofqnMa0QxH d+qA5DMd+46lDysYOngohlvWgjN/qVwVvz5ELXxKe1FnY0RC96RwsYgl6LRvgxFS WXiCDlBejJSD1OkLLqNLAAhbDlGCl/l4830Bnb6w+ryiMtoul1gwEbhVkeH96hGU sf7G3Gs/w2zF+hZRJ0fljLeEeKECSkqhMf31jpmWu2UlGzgT41I42oFU7QIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFDn6AQs5rZxZtIcBkfQNj11nwJNSMB8GA1UdIwQY MBaAFNXeQ80fivRcaJhn2fWogaKuw0sxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWQ1RHpSLUs5RnhvbUdmWjlhaUJvcTdEU3pFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNjA4YjAtZTdjYS00YjNiLTkwMmYt NGQwYTdlYzA3Nzg2LzEvT2ZvQkN6bXRuRm0waHdHUjlBMlBYV2ZBazFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS8xNjA4YjAtZTdjYS00YjNiLTkwMmYtNGQwYTdlYzA3Nzg2 LzEvMWQ1RHpSLUs5RnhvbUdmWjlhaUJvcTdEU3pFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVmkSAwQA WSrUAwQAXXd7AwQAXrEMMA0GCSqGSIb3DQEBCwUAA4IBAQAHGZPg9UXcNki2yrn+ LLcNwr+2O2Hd6HtdnrjrHCiWoGwIQseJrUIwGqsyMd+ZKXSk9vTrdbVobh86pDBl 9KmgL9s6wrOKPxcWToorKIXjg7HkiVCN0yIrG8m288iA1YgsjyWlXcCjvqlvalbk C1JpO6IOBh9YdfIfAkkRoIHN7RNeskNbZowNs54vTKscR0ySND1Bl8wOp+AjLP/j ZT9+HrwUizCWuBK9PtTBQ7H1XN3pGK2Knf3FS3XXzSXDl5HiP+LflmtVk1i8WmGZ cAoQIel7GISlVSJJZTMTYcE0f3h2U/7ftSctcSN6TGC7cGzhhZnst6MC1NfS7JL6 1gMy -----END CERTIFICATE-----Generated at Mon Jan 19 17:29:56 2026 by rpki-client