This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/oTRGw6Zs-d6bpDvQ-kL6ClRG4Ik.roa File: oTRGw6Zs-d6bpDvQ-kL6ClRG4Ik.roa (raw, json) Hash identifier: bLoXf9n41kaDI/ipYk9F3/X8uzxUQT3nnCgm1AJq7NE= Subject key identifier: A1:34:46:C3:A6:6C:F9:DE:9B:A4:3B:D0:FA:42:FA:0A:54:46:E0:89 Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5 Certificate serial: 019B797F198B35E2097F0C0A2FE262809285 Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/oTRGw6Zs-d6bpDvQ-kL6ClRG4Ik.roa Signing time: Thu 01 Jan 2026 12:18:51 +0000 ROA not before: Thu 01 Jan 2026 12:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39855 IP address blocks: 89.106.204.0/24 maxlen: 24 195.128.162.0/24 maxlen: 24 195.128.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.mft rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:19:8b:35:e2:09:7f:0c:0a:2f:e2:62:80:92:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5 Validity Not Before: Jan 1 12:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a13446c3a66cf9de9ba43bd0fa42fa0a5446e089 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:76:be:93:37:ba:6d:fd:e9:ce:fe:03:33:42: fb:b3:b3:68:d1:59:90:f7:17:2f:dc:23:43:1a:fc: aa:43:d6:c6:4c:74:b6:51:09:88:c7:c7:2b:39:2e: 8c:c0:1d:2d:6b:17:c7:32:da:cc:c9:58:39:6c:4d: f4:95:8f:5d:c9:93:1b:6e:ce:52:25:54:32:13:e1: 96:be:b8:ab:5c:1d:28:27:d0:45:cd:00:a0:6d:70: bc:f7:a8:f2:94:e0:7b:fc:33:12:11:1b:11:22:7b: 9a:7f:38:f3:ce:5d:c5:c1:9d:9b:32:1d:37:83:39: f4:b8:fc:61:31:6a:eb:89:9d:10:d4:9e:e7:ad:d9: fe:0d:de:02:45:75:b7:7f:01:be:89:65:cd:2f:95: 1d:b0:88:7f:7a:1c:57:2e:52:1d:e6:4f:3b:33:93: f7:b1:cb:43:23:fa:42:ac:3c:35:ee:7e:42:04:f1: a1:51:a6:7c:4e:e2:e1:44:e3:33:28:96:ac:06:f1: f2:e1:f5:6b:6a:aa:27:65:9d:ec:f0:25:8b:ae:3a: bd:17:57:18:a1:b2:49:21:eb:4a:88:b5:04:51:59: df:bf:a2:82:bc:5b:b2:4c:2f:3f:32:f9:95:47:83: 22:59:36:75:de:33:eb:ed:13:00:2c:ac:d3:da:31: c2:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:34:46:C3:A6:6C:F9:DE:9B:A4:3B:D0:FA:42:FA:0A:54:46:E0:89 X509v3 Authority Key Identifier: keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/oTRGw6Zs-d6bpDvQ-kL6ClRG4Ik.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.106.204.0/24 195.128.162.0/24 195.128.178.0/24 Signature Algorithm: sha256WithRSAEncryption 36:69:0b:6f:f5:07:e3:ea:20:f2:1a:84:6f:35:dd:f4:fe:59: 4c:e5:08:a7:1f:ea:0a:a8:16:0f:79:6a:ea:da:0c:a1:5c:54: 3a:41:e7:74:5a:e3:59:91:5a:40:a0:ed:62:36:09:72:ad:af: 73:e3:2b:c3:9d:7c:fe:c7:80:f6:ae:97:46:28:e0:ad:8b:f1: f6:c4:e6:59:8a:39:df:ea:f4:05:9f:fc:25:af:60:67:15:97: 16:be:ae:de:be:ff:2d:5a:15:ac:ba:38:a1:cb:8b:9a:1b:17: 99:69:03:7d:40:d1:9c:43:89:fd:0c:46:fd:05:73:f5:7c:1e: 2a:f7:f0:cf:d9:f6:26:64:d3:9d:3b:21:4c:e2:17:f9:3e:4a: 0d:c2:0e:89:7a:27:f0:d0:79:66:b0:09:f3:10:53:77:13:9f: 33:b9:09:79:a1:09:cc:fd:b9:9d:bc:91:d8:90:3f:ad:79:89: 0a:47:86:10:43:b4:a6:42:ff:c5:f2:d4:c1:83:89:86:91:7e: f4:4c:a8:70:c5:9d:ed:24:b1:52:15:f2:81:24:2a:02:e5:23: c5:49:49:e8:4b:c0:bc:48:c6:bb:ad:69:4e:30:5e:02:bc:d7: d2:81:32:c3:39:0a:d4:6c:e5:48:2b:2a:66:be:68:69:45:f8: 60:80:b8:65 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5fxmLNeIJfwwKL+JigJKFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm Mzg5ZjUwHhcNMjYwMTAxMTIxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTM0NDZjM2E2NmNmOWRlOWJhNDNiZDBmYTQyZmEwYTU0NDZlMDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuna+kze6bf3pzv4DM0L7s7No0VmQ 9xcv3CNDGvyqQ9bGTHS2UQmIx8crOS6MwB0taxfHMtrMyVg5bE30lY9dyZMbbs5S JVQyE+GWvrirXB0oJ9BFzQCgbXC896jylOB7/DMSERsRInuafzjzzl3FwZ2bMh03 gzn0uPxhMWrriZ0Q1J7nrdn+Dd4CRXW3fwG+iWXNL5UdsIh/ehxXLlId5k87M5P3 sctDI/pCrDw17n5CBPGhUaZ8TuLhROMzKJasBvHy4fVraqonZZ3s8CWLrjq9F1cY obJJIetKiLUEUVnfv6KCvFuyTC8/MvmVR4MiWTZ13jPr7RMALKzT2jHC1QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFKE0RsOmbPnem6Q70PpC+gpURuCJMB8GA1UdIwQY MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt MmJlZmZmZDU3ZmI3LzEvb1RSR3c2WnMtZDZicER2US1rTDZDbFJHNElrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3 LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWWrMAwQA w4CiAwQAw4CyMA0GCSqGSIb3DQEBCwUAA4IBAQA2aQtv9Qfj6iDyGoRvNd30/llM 5QinH+oKqBYPeWrq2gyhXFQ6Qed0WuNZkVpAoO1iNglyra9z4yvDnXz+x4D2rpdG KOCti/H2xOZZijnf6vQFn/wlr2BnFZcWvq7evv8tWhWsujihy4uaGxeZaQN9QNGc Q4n9DEb9BXP1fB4q9/DP2fYmZNOdOyFM4hf5PkoNwg6Jeifw0HlmsAnzEFN3E58z uQl5oQnM/bmdvJHYkD+teYkKR4YQQ7SmQv/F8tTBg4mGkX70TKhwxZ3tJLFSFfKB JCoC5SPFSUnoS8C8SMa7rWlOMF4CvNfSgTLDOQrUbOVIKypmvmhpRfhggLhl -----END CERTIFICATE-----Generated at Mon Jan 19 23:21:43 2026 by rpki-client