This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/okHlLCRKW1jfeWujkLxIt5XycXI.roa File: okHlLCRKW1jfeWujkLxIt5XycXI.roa (raw, json) Hash identifier: 8XqeerISM4GszeKJVfQ1ZLZsJv7bqVDCw3CslmFn+r4= Subject key identifier: A2:41:E5:2C:24:4A:5B:58:DF:79:6B:A3:90:BC:48:B7:95:F2:71:72 Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40 Certificate serial: 019B7DC8A87F624268F28AF6E03666F8C347 Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/okHlLCRKW1jfeWujkLxIt5XycXI.roa Signing time: Fri 02 Jan 2026 08:17:40 +0000 ROA not before: Fri 02 Jan 2026 08:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42689 IP address blocks: 141.226.240.0/24 maxlen: 24 141.226.244.0/24 maxlen: 24 141.226.247.0/24 maxlen: 24 213.137.80.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.mft rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 14:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:a8:7f:62:42:68:f2:8a:f6:e0:36:66:f8:c3:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40 Validity Not Before: Jan 2 08:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a241e52c244a5b58df796ba390bc48b795f27172 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:e8:f2:6b:f7:f1:92:18:42:d3:0d:58:72:e8: df:51:cd:63:24:7a:b2:79:2d:ff:44:b9:92:fd:52: cf:4a:c2:f0:cd:3a:b6:6a:39:6b:23:38:1f:e9:97: 38:d2:e5:99:3c:30:ef:a0:19:00:80:59:f3:a7:89: cc:f7:ad:63:85:8e:ea:01:1d:cc:46:b8:b2:8d:1a: 37:6b:1c:1e:cf:36:03:f6:68:85:7d:c2:73:b7:56: bc:eb:df:27:cf:d0:6e:ea:4a:e4:1a:47:bd:ed:1a: 42:6f:b8:05:2d:cc:ed:fe:a2:35:12:47:84:8f:8f: 39:80:ba:ed:09:de:ac:1f:57:ec:bb:6d:71:ce:7a: da:60:1b:33:40:c6:e8:ca:5f:1a:82:6f:4f:3a:3d: d7:38:b0:eb:81:5f:ce:e6:2b:91:73:56:71:6f:d7: 75:50:42:6f:f0:9e:ae:1a:c3:66:72:37:96:d2:ca: 90:cd:40:c2:4c:76:e7:41:99:f0:73:39:a1:3c:38: 50:d6:bf:eb:4a:42:8d:3b:69:2d:67:bd:4c:9e:f2: fe:09:95:17:4e:e6:ae:0a:7c:51:c8:11:1e:22:28: c7:89:dc:31:79:65:0c:61:26:8d:c2:94:ba:ce:f3: 00:2a:ed:ea:51:5e:9f:d7:33:da:e0:8f:6c:9d:bc: 74:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:41:E5:2C:24:4A:5B:58:DF:79:6B:A3:90:BC:48:B7:95:F2:71:72 X509v3 Authority Key Identifier: keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/okHlLCRKW1jfeWujkLxIt5XycXI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.226.240.0/24 141.226.244.0/24 141.226.247.0/24 213.137.80.0/23 Signature Algorithm: sha256WithRSAEncryption b3:13:43:5d:43:c1:16:79:12:5e:2a:e3:e1:b8:4a:15:c4:0a: 4c:0c:f4:aa:45:18:70:e4:04:bc:c8:18:fa:16:7a:a5:90:01: 35:92:ca:08:da:e5:8c:ca:a4:28:21:c9:e8:65:b0:41:ee:80: 0a:ac:73:13:1d:cf:9f:20:a5:2c:28:e7:52:ec:99:c4:ad:48: 18:31:a0:35:fe:fe:32:61:69:b2:f2:b7:06:85:2f:38:53:ae: c3:0f:b1:fd:17:cb:3b:96:ec:31:0c:37:ac:25:02:a9:d1:8f: 22:6f:e7:00:1b:7d:9b:55:91:98:f1:af:df:b7:5e:a4:f3:1a: 49:78:cd:7d:0f:b1:ed:01:ac:41:d7:d8:f4:f0:51:18:35:32: 08:57:8b:1f:bc:17:b7:3b:c9:78:52:ec:f9:ae:6b:5b:90:f9: 31:0f:bc:41:a1:26:a0:50:30:1a:52:e8:7f:eb:c9:a7:6b:ed: 20:81:cd:f8:cd:83:c6:2c:a7:d2:88:77:e3:e1:6c:a2:39:85: a1:b6:42:e8:c3:87:71:3d:70:93:40:0f:b9:a8:e4:6d:f3:d4: 3b:63:a3:29:a0:35:75:73:44:33:d3:55:2c:0b:07:8d:ea:b3: 18:6e:ee:41:b5:cb:bf:ec:d6:c6:ab:52:e0:b2:67:e7:fe:c4: 09:af:e4:2b -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9yKh/YkJo8or24DZm+MNHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3 ZWVmNDAwHhcNMjYwMTAyMDgxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjQxZTUyYzI0NGE1YjU4ZGY3OTZiYTM5MGJjNDhiNzk1ZjI3MTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOjya/fxkhhC0w1YcujfUc1jJHqy eS3/RLmS/VLPSsLwzTq2ajlrIzgf6Zc40uWZPDDvoBkAgFnzp4nM961jhY7qAR3M RriyjRo3axwezzYD9miFfcJzt1a8698nz9Bu6krkGke97RpCb7gFLczt/qI1EkeE j485gLrtCd6sH1fsu21xznraYBszQMboyl8agm9POj3XOLDrgV/O5iuRc1Zxb9d1 UEJv8J6uGsNmcjeW0sqQzUDCTHbnQZnwczmhPDhQ1r/rSkKNO2ktZ71MnvL+CZUX TuauCnxRyBEeIijHidwxeWUMYSaNwpS6zvMAKu3qUV6f1zPa4I9snbx0lwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFKJB5SwkSltY33lro5C8SLeV8nFyMB8GA1UdIwQY MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt YmM2ZGI3MjQ4YWRkLzEvb2tIbExDUktXMWpmZVd1amtMeEl0NVh5Y1hJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjeLwAwQA jeL0AwQAjeL3AwQB1YlQMA0GCSqGSIb3DQEBCwUAA4IBAQCzE0NdQ8EWeRJeKuPh uEoVxApMDPSqRRhw5AS8yBj6FnqlkAE1ksoI2uWMyqQoIcnoZbBB7oAKrHMTHc+f IKUsKOdS7JnErUgYMaA1/v4yYWmy8rcGhS84U67DD7H9F8s7luwxDDesJQKp0Y8i b+cAG32bVZGY8a/ft16k8xpJeM19D7HtAaxB19j08FEYNTIIV4sfvBe3O8l4Uuz5 rmtbkPkxD7xBoSagUDAaUuh/68mna+0ggc34zYPGLKfSiHfj4WyiOYWhtkLow4dx PXCTQA+5qORt89Q7Y6MpoDV1c0Qz01UsCweN6rMYbu5Btcu/7NbGq1Lgsmfn/sQJ r+Qr -----END CERTIFICATE-----Generated at Mon Jan 19 23:20:58 2026 by rpki-client