This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/oqNjVEEZfgF_pXpWc6CrASntmYs.roa File: oqNjVEEZfgF_pXpWc6CrASntmYs.roa (raw, json) Hash identifier: jOJJEomQIaI7d5om0st81IDIJu3E4sOZ9MO04rQCsvw= Subject key identifier: A2:A3:63:54:41:19:7E:01:7F:A5:7A:56:73:A0:AB:01:29:ED:99:8B Certificate issuer: /CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11 Certificate serial: 019B7C1330979FEB8F84271D51E7ECA75C86 Authority key identifier: 58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/oqNjVEEZfgF_pXpWc6CrASntmYs.roa Signing time: Fri 02 Jan 2026 00:19:50 +0000 ROA not before: Fri 02 Jan 2026 00:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201119 IP address blocks: 185.195.144.0/24 maxlen: 24 185.195.145.0/24 maxlen: 24 185.195.146.0/24 maxlen: 24 185.195.147.0/24 maxlen: 24 2a0a:5bc0::/48 maxlen: 48 2a0a:5bc0:1::/48 maxlen: 48 2a0a:5bc0:2::/48 maxlen: 48 2a0a:5bc0:3::/48 maxlen: 48 2a0a:5bc0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.mft rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:30:97:9f:eb:8f:84:27:1d:51:e7:ec:a7:5c:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11 Validity Not Before: Jan 2 00:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a2a3635441197e017fa57a5673a0ab0129ed998b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:24:41:90:0a:d2:59:80:cd:62:af:9b:75:ca: 00:5b:c5:4e:31:d0:80:a3:64:50:b6:7b:02:06:cc: 5d:96:7f:39:9d:82:8a:3a:5f:80:8b:7d:f2:a6:ec: e0:48:30:0d:91:96:93:42:a2:55:3d:fd:c5:fb:31: 81:1d:34:5a:71:94:e4:14:0b:19:7b:5e:c0:4e:b3: 1b:4c:73:00:1c:54:03:6c:fb:d7:5d:ec:49:d3:1b: c2:d6:cc:ac:4c:c0:33:9d:3d:16:28:34:26:ce:b0: 3f:14:2f:9a:09:82:cb:6f:af:54:21:0a:56:4e:61: 7c:07:69:0d:8c:43:f8:d3:35:01:9f:af:a9:50:7d: 5c:00:28:d7:5a:37:76:ac:97:bd:e1:14:78:b4:0b: 67:6e:03:e1:87:12:5f:c1:4f:91:aa:fc:d4:c0:46: 63:c2:fe:63:07:5a:37:16:d3:a0:69:d7:c9:74:6e: 7c:60:55:1f:d8:79:f8:4b:69:82:a7:0d:23:ce:5d: 04:21:6d:85:b0:f9:39:51:b3:56:48:85:01:de:41: 0f:30:e9:30:ab:7b:22:62:41:1c:33:6e:04:60:4d: 60:ad:36:04:d2:5b:e6:66:03:05:29:c8:b6:6d:ae: 53:b5:a5:e1:61:f0:12:55:b2:c9:b2:2b:0f:1b:9d: 81:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:A3:63:54:41:19:7E:01:7F:A5:7A:56:73:A0:AB:01:29:ED:99:8B X509v3 Authority Key Identifier: keyid:58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/oqNjVEEZfgF_pXpWc6CrASntmYs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.195.144.0/22 IPv6: 2a0a:5bc0::-2a0a:5bc0:4:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 58:db:4f:dd:c3:50:e4:cb:b0:18:a4:f3:e6:92:11:0c:bc:31: bb:00:39:e1:ec:d8:4e:d2:85:10:0b:c9:ac:b7:0b:3b:73:9f: 04:52:d1:fa:b6:34:51:d0:a3:f3:a3:58:4d:2c:8b:98:d3:79: 7a:4b:7c:d6:2f:1d:83:6f:4a:2a:b7:3a:21:fa:5a:42:29:24: d8:9b:a1:d4:e5:aa:00:99:5a:99:5f:e4:5a:50:d0:91:64:6c: e5:78:bd:c0:33:74:12:68:84:7b:a0:30:0c:e5:f9:49:0f:16: c9:1d:11:d3:37:10:21:b3:c4:b3:4f:82:61:59:1f:45:b0:4c: fc:3a:75:82:3b:cd:67:75:96:a4:0b:57:2b:b6:9a:66:47:81: 11:6a:29:f8:b2:a3:6f:48:aa:a9:63:2d:a0:ee:1e:85:b5:93: 28:2e:60:53:ac:42:c8:79:ba:f2:44:bf:ca:03:65:d1:c9:47: dc:42:ad:21:cd:e5:d1:99:df:ba:59:c1:e7:ea:2d:89:bf:51: 8d:b9:51:44:2a:02:4e:ea:23:dd:e8:13:d3:ed:a9:cb:45:30: 59:35:4a:43:a5:29:9c:53:b4:03:b5:eb:3c:7f:71:72:0b:a7: bd:a8:3d:d6:05:1b:5e:4e:9c:f9:f4:6f:e6:b5:05:4c:f8:33: e6:e1:8b:76 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt8EzCXn+uPhCcdUefsp1yGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4MGRkZGI1MTE2MDNlNDFjMmI3YWJiYTNkMjQ5ZDVlZjVl ZDRkMTEwHhcNMjYwMTAyMDAxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMmEzNjM1NDQxMTk3ZTAxN2ZhNTdhNTY3M2EwYWIwMTI5ZWQ5OThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSRBkArSWYDNYq+bdcoAW8VOMdCA o2RQtnsCBsxdln85nYKKOl+Ai33ypuzgSDANkZaTQqJVPf3F+zGBHTRacZTkFAsZ e17ATrMbTHMAHFQDbPvXXexJ0xvC1sysTMAznT0WKDQmzrA/FC+aCYLLb69UIQpW TmF8B2kNjEP40zUBn6+pUH1cACjXWjd2rJe94RR4tAtnbgPhhxJfwU+RqvzUwEZj wv5jB1o3FtOgadfJdG58YFUf2Hn4S2mCpw0jzl0EIW2FsPk5UbNWSIUB3kEPMOkw q3siYkEcM24EYE1grTYE0lvmZgMFKci2ba5TtaXhYfASVbLJsisPG52BFQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFKKjY1RBGX4Bf6V6VnOgqwEp7ZmLMB8GA1UdIwQY MBaAFFgN3bURYD5Bwreruj0knV717U0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGIt M2NkNDE3YWVlOWNlLzEvb3FOalZFRVpmZ0ZfcFhwV2M2Q3JBU250bVlzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGItM2NkNDE3YWVlOWNl LzEvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCucOQMBgE AgACMBIwEAMFBioKW8ADBwAqClvAAAQwDQYJKoZIhvcNAQELBQADggEBAFjbT93D UOTLsBik8+aSEQy8MbsAOeHs2E7ShRALyay3CztznwRS0fq2NFHQo/OjWE0si5jT eXpLfNYvHYNvSiq3OiH6WkIpJNibodTlqgCZWplf5FpQ0JFkbOV4vcAzdBJohHug MAzl+UkPFskdEdM3ECGzxLNPgmFZH0WwTPw6dYI7zWd1lqQLVyu2mmZHgRFqKfiy o29IqqljLaDuHoW1kyguYFOsQsh5uvJEv8oDZdHJR9xCrSHN5dGZ37pZwefqLYm/ UY25UUQqAk7qI93oE9PtqctFMFk1SkOlKZxTtAO16zx/cXILp72oPdYFG15OnPn0 b+a1BUz4M+bhi3Y= -----END CERTIFICATE-----Generated at Mon Jan 26 13:45:13 2026 by rpki-client