This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/OHcQVOiDzKC_wv6FNo8ZwPwzleA.roa File: OHcQVOiDzKC_wv6FNo8ZwPwzleA.roa (raw, json) Hash identifier: xT0LBnbL9kaBG9ZFdkmrq9KOkjCUtUhM0nWVPUAZpOU= Subject key identifier: 38:77:10:54:E8:83:CC:A0:BF:C2:FE:85:36:8F:19:C0:FC:33:95:E0 Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec Certificate serial: 019B7910CBADCBBFC3B216BD22A51FECB1BA Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/OHcQVOiDzKC_wv6FNo8ZwPwzleA.roa Signing time: Thu 01 Jan 2026 10:18:22 +0000 ROA not before: Thu 01 Jan 2026 10:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42323 IP address blocks: 91.202.140.0/22 maxlen: 32 109.197.128.0/21 maxlen: 32 195.238.100.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.mft rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 01 Feb 2026 08:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:cb:ad:cb:bf:c3:b2:16:bd:22:a5:1f:ec:b1:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec Validity Not Before: Jan 1 10:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38771054e883cca0bfc2fe85368f19c0fc3395e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:dd:ce:62:6e:87:cf:c7:75:00:c3:2f:74:a8: 94:df:7d:3e:61:52:ac:4b:d1:d8:38:94:5b:49:a7: 54:d3:bb:81:47:c8:11:e1:76:61:81:28:65:86:20: 5c:7e:4a:e8:6f:c3:b7:55:49:83:f3:00:91:45:d1: 82:d4:31:7c:00:0b:94:50:4f:ed:52:af:1c:2e:a4: dc:2c:dc:06:4f:6d:d5:62:b8:0f:76:5a:e5:93:db: 5a:6e:f4:83:dd:40:6b:eb:e4:3f:ef:1b:0a:e1:0f: ef:a4:41:27:47:09:8b:24:e7:07:80:32:8d:6b:45: 6a:be:e8:dc:b1:d4:a4:6f:36:e7:61:27:d3:48:ee: 27:ae:62:a0:b2:27:73:46:73:33:0b:a9:6b:51:2e: 05:84:c4:25:8f:a4:4c:45:1a:ce:3e:62:00:34:a5: 00:3f:6f:0f:0a:a6:77:9e:c4:9e:77:64:59:c2:08: 7c:1a:c4:98:8c:1d:02:91:2f:d7:fd:ac:43:6f:b1: 15:6c:02:a8:64:dd:c0:1a:67:15:f1:07:c0:bf:fc: 01:f1:57:60:87:3f:19:a7:c9:5b:d7:6a:d4:4c:47: e3:9d:cc:7f:83:0b:41:1e:3d:e9:fe:55:a3:4c:cf: 27:5f:55:97:0b:0a:c5:d2:00:6e:1c:ad:e1:79:14: 30:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:77:10:54:E8:83:CC:A0:BF:C2:FE:85:36:8F:19:C0:FC:33:95:E0 X509v3 Authority Key Identifier: keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/OHcQVOiDzKC_wv6FNo8ZwPwzleA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.202.140.0/22 109.197.128.0/21 195.238.100.0/22 Signature Algorithm: sha256WithRSAEncryption 25:22:d8:1f:8b:9a:79:ca:d4:30:6a:c5:09:4e:89:2a:0b:58: d7:6f:9c:ea:59:d8:53:8d:9b:dc:d0:19:e3:12:aa:f0:42:49: 8d:2e:89:9f:13:67:91:b4:bb:f9:99:60:8b:e3:7e:18:e3:f9: ba:c4:e0:db:ec:7e:a0:c6:55:27:ab:5f:49:5f:c2:dc:0b:ca: 3c:be:6f:03:0a:d6:0b:b6:66:9b:1c:cf:89:15:72:df:ea:e7: dc:e1:5b:4d:ea:5f:8a:d4:22:08:ad:ca:d0:34:a2:c9:78:c3: 88:ff:0f:ad:bf:ab:94:0a:d7:8e:85:6b:bc:41:55:04:14:14: cb:0d:d2:6b:0e:1b:0a:b7:13:52:78:5b:8e:ab:96:cf:55:e3: 18:6d:42:64:2b:01:cc:92:5c:71:58:af:2d:79:a4:40:15:a6: b5:63:82:40:c9:c7:10:25:50:bb:e2:60:f9:c1:20:d1:39:4a: 5f:71:55:39:99:7b:db:0e:36:9d:e5:b9:d4:19:e3:1b:0f:5a: b8:68:b0:7f:d2:a9:b5:5f:32:cb:91:51:12:21:af:f8:32:99: 2b:4f:a6:50:c5:3e:87:e7:13:1d:61:12:ca:38:f6:74:cf:0b: 69:6a:25:42:ad:c2:6d:53:91:97:6f:a3:1f:a7:af:7a:94:70: 78:a3:69:d7 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5EMuty7/Dsha9IqUf7LG6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl NjZiZWMwHhcNMjYwMTAxMTAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODc3MTA1NGU4ODNjY2EwYmZjMmZlODUzNjhmMTljMGZjMzM5NWUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw93OYm6Hz8d1AMMvdKiU330+YVKs S9HYOJRbSadU07uBR8gR4XZhgShlhiBcfkrob8O3VUmD8wCRRdGC1DF8AAuUUE/t Uq8cLqTcLNwGT23VYrgPdlrlk9tabvSD3UBr6+Q/7xsK4Q/vpEEnRwmLJOcHgDKN a0VqvujcsdSkbzbnYSfTSO4nrmKgsidzRnMzC6lrUS4FhMQlj6RMRRrOPmIANKUA P28PCqZ3nsSed2RZwgh8GsSYjB0CkS/X/axDb7EVbAKoZN3AGmcV8QfAv/wB8Vdg hz8Zp8lb12rUTEfjncx/gwtBHj3p/lWjTM8nX1WXCwrF0gBuHK3heRQw8QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFDh3EFTog8ygv8L+hTaPGcD8M5XgMB8GA1UdIwQY MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt NmFhYTZiMDIxNjBkLzEvT0hjUVZPaUR6S0Nfd3Y2Rk5vOFp3UHd6bGVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8qMAwQD bcWAAwQCw+5kMA0GCSqGSIb3DQEBCwUAA4IBAQAlItgfi5p5ytQwasUJTokqC1jX b5zqWdhTjZvc0BnjEqrwQkmNLomfE2eRtLv5mWCL434Y4/m6xODb7H6gxlUnq19J X8LcC8o8vm8DCtYLtmabHM+JFXLf6ufc4VtN6l+K1CIIrcrQNKLJeMOI/w+tv6uU CteOhWu8QVUEFBTLDdJrDhsKtxNSeFuOq5bPVeMYbUJkKwHMklxxWK8teaRAFaa1 Y4JAyccQJVC74mD5wSDROUpfcVU5mXvbDjad5bnUGeMbD1q4aLB/0qm1XzLLkVES Ia/4MpkrT6ZQxT6H5xMdYRLKOPZ0zwtpaiVCrcJtU5GXb6Mfp696lHB4o2nX -----END CERTIFICATE-----Generated at Sat Jan 31 14:00:45 2026 by rpki-client