This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/O0rfOGz-McmMnU1eCY2sEgNi7PU.roa File: O0rfOGz-McmMnU1eCY2sEgNi7PU.roa (raw, json) Hash identifier: 4rQUZ3pnpaJVp0N8CW/NojdvUgqmwQuyE4ZpcBYicXU= Subject key identifier: 3B:4A:DF:38:6C:FE:31:C9:8C:9D:4D:5E:09:8D:AC:12:03:62:EC:F5 Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd Certificate serial: 019B7DCB12A844F0BF475CD5936AEA403C04 Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/O0rfOGz-McmMnU1eCY2sEgNi7PU.roa Signing time: Fri 02 Jan 2026 08:20:19 +0000 ROA not before: Fri 02 Jan 2026 08:20:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206119 IP address blocks: 185.78.87.0/24 maxlen: 24 185.174.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 11:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:12:a8:44:f0:bf:47:5c:d5:93:6a:ea:40:3c:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd Validity Not Before: Jan 2 08:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b4adf386cfe31c98c9d4d5e098dac120362ecf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:86:15:65:2f:73:c1:2f:ff:a5:e4:cd:54:41: 8e:c9:85:a4:d3:a7:3a:2b:ac:16:03:8a:19:b1:dc: 07:bf:82:94:f1:4b:5c:e7:9d:5d:54:a1:50:73:a1: 13:15:90:b2:d9:c5:95:7f:5c:a0:1a:05:7c:ad:83: 9c:ef:f7:45:ff:51:13:f8:82:94:f9:93:20:cf:d9: 18:b4:bc:3a:d9:f2:40:6a:fa:2f:a8:89:5c:5b:c2: ad:ef:97:c4:e2:c5:a1:b7:dc:31:ac:cf:47:0f:6b: 1f:5e:e9:b8:ef:e5:64:41:6a:ca:e2:99:88:91:47: 42:25:b6:7e:bb:a7:45:dc:69:06:3c:eb:44:05:f2: 8f:24:ca:c2:5a:ff:a8:27:46:62:f7:10:40:78:2e: 4e:c9:f4:0f:2b:74:ff:45:3b:56:9c:e6:e2:57:12: 30:ee:50:a1:f4:6c:fe:ad:ff:f3:f6:ec:dc:35:18: 03:9c:6d:58:ef:66:0f:59:64:b2:be:3c:65:10:16: a6:e8:70:01:89:4f:6c:40:53:3f:e4:55:0b:df:6c: e9:d9:77:5d:d7:19:ae:2f:8e:8a:a4:6c:1d:cd:f8: 00:7e:67:2d:73:ea:27:92:40:99:7a:42:4d:dc:46: 49:f3:82:f9:1c:b5:bf:71:2b:4b:37:b6:85:cc:d5: e2:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:4A:DF:38:6C:FE:31:C9:8C:9D:4D:5E:09:8D:AC:12:03:62:EC:F5 X509v3 Authority Key Identifier: keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/O0rfOGz-McmMnU1eCY2sEgNi7PU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.78.87.0/24 185.174.71.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:7f:2b:ee:71:01:29:41:ed:b2:5d:1c:c5:e2:2f:3b:0b:39: 88:26:2b:95:2b:21:d6:b4:1a:4e:fc:7b:8e:26:f1:4f:b3:a5: 63:3c:80:eb:43:0c:f7:5a:c1:db:99:05:33:eb:c7:ec:67:5d: c5:72:f4:c7:5a:92:66:9e:a1:b7:23:7f:2d:7d:7a:57:e0:6f: 52:c7:5e:d7:9a:90:bc:5d:7f:9f:8c:5d:d9:51:10:ef:b1:0f: a6:43:b6:43:5c:17:79:ef:9b:3f:55:b5:48:18:0f:a1:69:ee: 94:9c:6a:0b:8f:e9:bd:3b:e1:ed:9e:0d:a2:d2:07:31:6a:32: 19:d1:59:07:83:c6:b8:2a:64:5f:8d:f9:4c:f4:21:b7:a8:1b: 76:37:22:52:8e:b9:3f:3c:ab:64:3d:82:ff:e3:ba:40:40:6b: 5b:2e:d6:50:28:33:6e:d0:7a:55:8b:99:e0:7b:0b:17:ad:70: 24:44:1f:92:cc:3c:a8:a5:c4:a1:83:4c:a5:f8:51:7e:1d:aa: 48:77:30:5d:1a:f4:4b:17:d9:f7:b2:95:21:3d:2f:1c:d2:e3: a2:83:7d:55:fc:4b:8f:00:c4:3b:52:5c:44:cc:2c:cc:12:e3: 97:30:41:22:1f:03:c3:85:04:27:09:de:7d:e9:b6:8b:1b:77: 72:e9:83:9e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9yxKoRPC/R1zVk2rqQDwEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2 NzdiY2QwHhcNMjYwMTAyMDgyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjRhZGYzODZjZmUzMWM5OGM5ZDRkNWUwOThkYWMxMjAzNjJlY2Y1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4YVZS9zwS//peTNVEGOyYWk06c6 K6wWA4oZsdwHv4KU8Utc551dVKFQc6ETFZCy2cWVf1ygGgV8rYOc7/dF/1ET+IKU +ZMgz9kYtLw62fJAavovqIlcW8Kt75fE4sWht9wxrM9HD2sfXum47+VkQWrK4pmI kUdCJbZ+u6dF3GkGPOtEBfKPJMrCWv+oJ0Zi9xBAeC5OyfQPK3T/RTtWnObiVxIw 7lCh9Gz+rf/z9uzcNRgDnG1Y72YPWWSyvjxlEBam6HABiU9sQFM/5FUL32zp2Xdd 1xmuL46KpGwdzfgAfmctc+onkkCZekJN3EZJ84L5HLW/cStLN7aFzNXimwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDtK3zhs/jHJjJ1NXgmNrBIDYuz1MB8GA1UdIwQY MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt NTU1OGE4YjUzZTNkLzEvTzByZk9Hei1NY21NblUxZUNZMnNFZ05pN1BVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuU5XAwQA ua5HMA0GCSqGSIb3DQEBCwUAA4IBAQAdfyvucQEpQe2yXRzF4i87CzmIJiuVKyHW tBpO/HuOJvFPs6VjPIDrQwz3WsHbmQUz68fsZ13FcvTHWpJmnqG3I38tfXpX4G9S x17XmpC8XX+fjF3ZURDvsQ+mQ7ZDXBd575s/VbVIGA+hae6UnGoLj+m9O+Htng2i 0gcxajIZ0VkHg8a4KmRfjflM9CG3qBt2NyJSjrk/PKtkPYL/47pAQGtbLtZQKDNu 0HpVi5ngewsXrXAkRB+SzDyopcShg0yl+FF+HapIdzBdGvRLF9n3spUhPS8c0uOi g31V/EuPAMQ7UlxEzCzMEuOXMEEiHwPDhQQnCd596baLG3dy6YOe -----END CERTIFICATE-----Generated at Wed Jan 21 19:00:20 2026 by rpki-client