This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/oCkrji-yhOLJX8VHxwbdTNBaxF4.roa File: oCkrji-yhOLJX8VHxwbdTNBaxF4.roa (raw, json) Hash identifier: vhMG86jwpjaLSfFs6ZRS9x4Io+mWCNdI1hjeUMa7cfs= Subject key identifier: A0:29:2B:8E:2F:B2:84:E2:C9:5F:C5:47:C7:06:DD:4C:D0:5A:C4:5E Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca Certificate serial: 019B797DDCF6525AE39C569AA6195148E68C Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/oCkrji-yhOLJX8VHxwbdTNBaxF4.roa Signing time: Thu 01 Jan 2026 12:17:30 +0000 ROA not before: Thu 01 Jan 2026 12:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206767 IP address blocks: 185.171.12.0/24 maxlen: 24 185.171.13.0/24 maxlen: 24 185.171.14.0/24 maxlen: 24 185.171.15.0/24 maxlen: 24 2a0d:580::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:dc:f6:52:5a:e3:9c:56:9a:a6:19:51:48:e6:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca Validity Not Before: Jan 1 12:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0292b8e2fb284e2c95fc547c706dd4cd05ac45e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c1:b0:73:04:2c:88:ec:c9:35:db:7f:b6:1b: 2d:ce:36:16:82:e9:6e:42:7d:29:24:1d:e0:32:78: 50:60:e8:74:60:04:37:d4:d1:ae:93:a0:4f:84:96: af:6a:ae:37:17:8d:ad:b0:57:80:8d:bb:78:67:d8: dc:fa:1c:5a:c2:e5:09:f1:84:fd:95:fa:d1:1d:ec: 2f:48:03:0c:7a:93:6d:f1:36:5a:e3:8a:4a:15:9c: 4c:12:08:7b:fe:e8:eb:8f:81:10:e5:08:3f:e7:7a: ff:31:84:35:15:cc:5e:77:1c:62:43:09:1a:37:0a: e8:f8:f4:7e:ef:55:35:a1:9c:24:b2:37:d6:e2:fe: 42:23:ea:8d:be:df:f5:59:e6:e7:77:4c:0b:ba:75: ac:8b:1e:3b:cb:e3:86:20:71:d9:6f:4a:d2:02:72: f8:e4:a0:57:19:a4:da:4a:04:f9:ac:d1:6a:62:19: c5:6e:9d:72:66:60:b8:8a:29:98:5e:19:2c:ba:82: 66:5d:38:4d:e5:be:0c:4e:9a:5d:94:53:c2:e0:57: d6:af:1b:12:f5:bb:72:f6:00:05:99:b3:39:7a:9a: a1:96:85:4c:cf:5d:40:64:51:0c:cb:a0:94:dd:a9: 84:45:a9:16:0a:99:3b:46:d3:73:db:45:68:aa:47: 96:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:29:2B:8E:2F:B2:84:E2:C9:5F:C5:47:C7:06:DD:4C:D0:5A:C4:5E X509v3 Authority Key Identifier: keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/oCkrji-yhOLJX8VHxwbdTNBaxF4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.171.12.0/22 IPv6: 2a0d:580::/32 Signature Algorithm: sha256WithRSAEncryption 2a:51:30:b7:a1:c0:e5:7b:56:aa:67:e6:74:66:0d:85:48:94: 09:10:ea:21:06:4c:81:8a:67:80:96:c7:e8:ca:ce:27:c4:59: 90:41:c6:c5:6d:c2:e7:0a:36:c8:2b:67:d2:45:fd:1a:9f:d5: f5:4f:12:25:38:c1:f6:2a:90:2b:3c:69:fa:72:fd:09:ea:ea: bd:38:ea:f1:a4:32:ab:91:a2:bd:9d:84:66:f8:22:c5:6d:10: 8f:11:71:a3:ca:b3:46:89:bd:3f:51:5a:79:e8:06:f2:ca:cf: 88:c3:bd:4c:11:dd:76:07:ec:0c:02:af:18:fa:7a:96:96:b1: d2:5b:a6:18:d3:66:11:25:0b:5d:e9:b4:b6:a1:87:7d:c8:5f: 4c:b6:06:90:d3:4e:5e:12:c1:f6:ea:bb:30:08:d1:30:86:c3: 53:9c:bf:6e:47:c9:ed:53:ce:a1:33:98:a9:0e:0d:4a:60:f4: 7c:2d:be:67:d7:3f:8c:21:73:f3:0d:49:82:1c:aa:6a:07:c0: 02:7d:3e:03:b9:63:99:e6:e5:4f:fa:45:03:01:12:00:67:74: bb:66:5f:d2:27:0d:0f:6a:dd:b8:f5:66:e4:b7:21:49:24:56: d4:d6:87:d5:90:e5:f1:53:fa:e5:5a:e5:55:9f:ba:a7:a5:0e: c5:2a:bd:dd -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fdz2UlrjnFaaphlRSOaMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl OGI0Y2EwHhcNMjYwMTAxMTIxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDI5MmI4ZTJmYjI4NGUyYzk1ZmM1NDdjNzA2ZGQ0Y2QwNWFjNDVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsGwcwQsiOzJNdt/thstzjYWgulu Qn0pJB3gMnhQYOh0YAQ31NGuk6BPhJavaq43F42tsFeAjbt4Z9jc+hxawuUJ8YT9 lfrRHewvSAMMepNt8TZa44pKFZxMEgh7/ujrj4EQ5Qg/53r/MYQ1FcxedxxiQwka Nwro+PR+71U1oZwksjfW4v5CI+qNvt/1Webnd0wLunWsix47y+OGIHHZb0rSAnL4 5KBXGaTaSgT5rNFqYhnFbp1yZmC4iimYXhksuoJmXThN5b4MTppdlFPC4FfWrxsS 9bty9gAFmbM5epqhloVMz11AZFEMy6CU3amERakWCpk7RtNz20VoqkeWYQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKApK44vsoTiyV/FR8cG3UzQWsReMB8GA1UdIwQY MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt YTc3OWJhYWE3NTk5LzEvb0NrcmppLXloT0xKWDhWSHh3YmRUTkJheEY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5 LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuasMMA0E AgACMAcDBQAqDQWAMA0GCSqGSIb3DQEBCwUAA4IBAQAqUTC3ocDle1aqZ+Z0Zg2F SJQJEOohBkyBimeAlsfoys4nxFmQQcbFbcLnCjbIK2fSRf0an9X1TxIlOMH2KpAr PGn6cv0J6uq9OOrxpDKrkaK9nYRm+CLFbRCPEXGjyrNGib0/UVp56Abyys+Iw71M Ed12B+wMAq8Y+nqWlrHSW6YY02YRJQtd6bS2oYd9yF9MtgaQ005eEsH26rswCNEw hsNTnL9uR8ntU86hM5ipDg1KYPR8Lb5n1z+MIXPzDUmCHKpqB8ACfT4DuWOZ5uVP +kUDARIAZ3S7Zl/SJw0Pat249WbktyFJJFbU1ofVkOXxU/rlWuVVn7qnpQ7FKr3d -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:31 2026 by rpki-client