This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/OBr2F303x9MDT8JTGnvzPF-wvXc.roa File: OBr2F303x9MDT8JTGnvzPF-wvXc.roa (raw, json) Hash identifier: cOK1QoBz3jKcCO+ykZwrg17kbD5d5rmbhZzkw1sT9nY= Subject key identifier: 38:1A:F6:17:7D:37:C7:D3:03:4F:C2:53:1A:7B:F3:3C:5F:B0:BD:77 Certificate issuer: /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626 Certificate serial: 019B7BA3D6AE15BCE55F248045CF1C197970 Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/OBr2F303x9MDT8JTGnvzPF-wvXc.roa Signing time: Thu 01 Jan 2026 22:18:13 +0000 ROA not before: Thu 01 Jan 2026 22:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206300 IP address blocks: 212.100.170.0/24 maxlen: 24 212.100.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 22:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:d6:ae:15:bc:e5:5f:24:80:45:cf:1c:19:79:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626 Validity Not Before: Jan 1 22:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=381af6177d37c7d3034fc2531a7bf33c5fb0bd77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2b:cd:68:c1:eb:3e:51:ab:3c:3d:31:84:6d: 22:65:b1:5e:17:ce:9c:de:cb:00:b3:6f:e2:27:b0: f7:3f:02:42:b3:c9:fc:2b:05:7a:09:f3:f0:cb:8c: c4:b2:7e:61:c9:0c:a8:cc:70:04:02:87:3c:37:e1: 86:34:59:a8:7b:01:94:f5:81:2d:6d:00:95:6c:81: 25:60:34:92:44:a9:4d:d4:96:b4:67:41:8d:09:1b: 73:a8:a8:3e:96:0c:09:d5:46:30:c2:57:1f:e6:36: 4d:83:02:6c:e5:6d:45:84:37:46:a9:41:07:85:70: 96:ac:25:d7:a6:77:f7:77:dc:10:9f:92:f9:55:c7: b8:d7:9e:48:af:9b:d9:b9:aa:be:06:9f:29:76:16: 88:37:2c:78:37:49:41:9d:cb:10:c3:d1:b9:6a:b7: 44:c2:37:fd:95:45:33:31:1f:84:b4:1b:f0:bb:37: 74:b9:61:6e:b4:fb:2b:cd:b3:5f:40:9e:87:5f:79: 82:f6:07:fa:ce:9e:74:5a:5a:e1:bb:4f:45:af:9f: a8:04:be:0e:1d:c1:de:cc:56:73:d9:b2:3b:73:95: 13:01:8f:94:50:a0:24:dd:32:05:09:67:e5:ea:73: 54:53:f9:0b:94:cd:7a:c0:1e:18:a7:36:e5:5b:8b: 7a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:1A:F6:17:7D:37:C7:D3:03:4F:C2:53:1A:7B:F3:3C:5F:B0:BD:77 X509v3 Authority Key Identifier: keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/OBr2F303x9MDT8JTGnvzPF-wvXc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.100.170.0/24 212.100.174.0/24 Signature Algorithm: sha256WithRSAEncryption 98:cb:13:9b:17:fe:9b:b2:ca:6e:e5:67:ee:21:bf:5b:97:2c: 26:53:de:0e:dc:8e:76:0f:ab:45:3d:ed:fb:91:c8:ee:9a:8c: 57:38:bd:2a:78:3c:15:bf:82:fa:b4:4a:76:dc:9d:99:77:c5: e6:ee:53:41:ef:67:29:1b:88:85:0a:45:cb:38:4e:5b:f9:50: 1c:6b:6a:14:eb:61:59:fc:ac:b8:4b:19:0e:46:90:b0:36:33: 20:72:04:e2:43:d1:47:ac:aa:8c:89:ce:ec:53:70:92:fd:70: 4c:80:20:60:14:20:14:cf:93:31:62:e1:1d:fe:c3:ee:b9:f9: cb:cc:dd:c7:16:72:58:9c:57:e4:86:a3:04:7f:16:d6:a7:0a: 0b:1e:44:77:be:63:8a:ac:a5:36:76:1f:1d:8b:e1:27:f1:b1: 80:b6:11:d1:51:01:3a:f7:54:e6:29:3f:50:0c:3b:47:83:61: 17:57:e1:df:f5:eb:32:98:39:01:47:2f:2b:5f:51:1b:d4:3c: 54:72:c2:3b:fd:7c:7e:41:49:f6:d6:e1:56:a8:6d:9e:c9:95: 20:a7:ff:2e:72:dd:0e:6d:d0:01:99:ff:e3:11:de:ab:2d:3d: fe:6e:75:da:3d:6e:91:2d:f7:87:f3:fe:3b:5c:12:ac:2c:0c: 3f:b2:38:76 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7o9auFbzlXySARc8cGXlwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5 ZWU2MjYwHhcNMjYwMTAxMjIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODFhZjYxNzdkMzdjN2QzMDM0ZmMyNTMxYTdiZjMzYzVmYjBiZDc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyvNaMHrPlGrPD0xhG0iZbFeF86c 3ssAs2/iJ7D3PwJCs8n8KwV6CfPwy4zEsn5hyQyozHAEAoc8N+GGNFmoewGU9YEt bQCVbIElYDSSRKlN1Ja0Z0GNCRtzqKg+lgwJ1UYwwlcf5jZNgwJs5W1FhDdGqUEH hXCWrCXXpnf3d9wQn5L5Vce4155Ir5vZuaq+Bp8pdhaINyx4N0lBncsQw9G5ardE wjf9lUUzMR+EtBvwuzd0uWFutPsrzbNfQJ6HX3mC9gf6zp50Wlrhu09Fr5+oBL4O HcHezFZz2bI7c5UTAY+UUKAk3TIFCWfl6nNUU/kLlM16wB4YpzblW4t66QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDga9hd9N8fTA0/CUxp78zxfsL13MB8GA1UdIwQY MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt NGFiOWU4YWEzMjYyLzEvT0JyMkYzMDN4OU1EVDhKVEdudnpQRi13dlhjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1GSqAwQA 1GSuMA0GCSqGSIb3DQEBCwUAA4IBAQCYyxObF/6bsspu5WfuIb9blywmU94O3I52 D6tFPe37kcjumoxXOL0qeDwVv4L6tEp23J2Zd8Xm7lNB72cpG4iFCkXLOE5b+VAc a2oU62FZ/Ky4SxkORpCwNjMgcgTiQ9FHrKqMic7sU3CS/XBMgCBgFCAUz5MxYuEd /sPuufnLzN3HFnJYnFfkhqMEfxbWpwoLHkR3vmOKrKU2dh8di+En8bGAthHRUQE6 91TmKT9QDDtHg2EXV+Hf9esymDkBRy8rX1Eb1DxUcsI7/Xx+QUn21uFWqG2eyZUg p/8uct0ObdABmf/jEd6rLT3+bnXaPW6RLfeH8/47XBKsLAw/sjh2 -----END CERTIFICATE-----Generated at Sun Jan 11 07:31:19 2026 by rpki-client