This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/eba459-03d3-4cd5-8606-25c5f7123e35/1/opgto3lf-uASZpY1UQFHGbhOzeU.roa File: opgto3lf-uASZpY1UQFHGbhOzeU.roa (raw, json) Hash identifier: 3TR6BeZ5ansPG9ZOYBmWYTVEtFBiV31qgxyOFhIhE/E= Subject key identifier: A2:98:2D:A3:79:5F:FA:E0:12:66:96:35:51:01:47:19:B8:4E:CD:E5 Certificate issuer: /CN=a214fabfef203a8ee08ccb47dd6473fce799a28f Certificate serial: 019B7EA71BDEDE37D78CAB6C5E733B7C9557 Authority key identifier: A2:14:FA:BF:EF:20:3A:8E:E0:8C:CB:47:DD:64:73:FC:E7:99:A2:8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ohT6v-8gOo7gjMtH3WRz_OeZoo8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/eba459-03d3-4cd5-8606-25c5f7123e35/1/opgto3lf-uASZpY1UQFHGbhOzeU.roa Signing time: Fri 02 Jan 2026 12:20:39 +0000 ROA not before: Fri 02 Jan 2026 12:20:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49544 IP address blocks: 89.104.160.0/21 maxlen: 21 2a00:1708::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/eba459-03d3-4cd5-8606-25c5f7123e35/1/ohT6v-8gOo7gjMtH3WRz_OeZoo8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/eba459-03d3-4cd5-8606-25c5f7123e35/1/ohT6v-8gOo7gjMtH3WRz_OeZoo8.mft rsync://rpki.ripe.net/repository/DEFAULT/ohT6v-8gOo7gjMtH3WRz_OeZoo8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:1b:de:de:37:d7:8c:ab:6c:5e:73:3b:7c:95:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a214fabfef203a8ee08ccb47dd6473fce799a28f Validity Not Before: Jan 2 12:20:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a2982da3795ffae01266963551014719b84ecde5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:91:5d:12:2a:f2:e0:d5:d6:e2:79:58:85:a5: f4:60:c3:9b:a5:96:a7:e1:97:75:df:bc:95:5a:8b: 25:a5:18:83:53:95:20:a4:ef:62:6b:3b:55:0d:0b: 59:6f:a5:e3:a0:29:a5:24:e1:91:93:43:3a:26:5b: 43:44:77:a8:8b:a5:cd:fb:40:91:14:f3:91:ec:4e: 99:bb:f9:f8:7f:69:1d:78:1e:e7:e7:cd:b3:0e:f2: 1d:ec:05:0d:6f:5f:41:c1:7e:0f:29:ca:8e:62:8f: 47:67:81:3b:06:8f:93:af:51:38:8d:e7:33:2b:5c: 92:d4:35:b9:03:0d:11:3a:bc:2a:7e:7e:74:7f:2e: 4a:0b:65:1c:0a:a2:00:cd:a3:8c:c7:03:91:f1:a0: 6b:ef:22:b4:49:55:cf:63:9a:09:55:e3:fd:bd:55: fd:a5:ea:bd:e7:6f:08:c1:4e:19:93:56:12:15:44: c0:73:1c:ab:47:59:03:48:cd:21:75:7d:c2:00:8c: 3d:7b:06:d3:76:60:08:41:c3:dd:39:1d:22:7c:30: 43:01:2e:fb:71:f9:f5:99:f7:cf:46:83:68:46:ce: 50:55:8c:3f:03:b1:11:89:78:22:72:fe:4f:56:97: be:7c:e7:fd:c8:1f:ba:94:e3:bf:e2:28:09:02:a8: f3:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:98:2D:A3:79:5F:FA:E0:12:66:96:35:51:01:47:19:B8:4E:CD:E5 X509v3 Authority Key Identifier: keyid:A2:14:FA:BF:EF:20:3A:8E:E0:8C:CB:47:DD:64:73:FC:E7:99:A2:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohT6v-8gOo7gjMtH3WRz_OeZoo8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eba459-03d3-4cd5-8606-25c5f7123e35/1/opgto3lf-uASZpY1UQFHGbhOzeU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eba459-03d3-4cd5-8606-25c5f7123e35/1/ohT6v-8gOo7gjMtH3WRz_OeZoo8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.104.160.0/21 IPv6: 2a00:1708::/32 Signature Algorithm: sha256WithRSAEncryption b8:93:f3:da:ec:df:8e:38:8c:aa:e9:e9:e3:bd:3d:98:7c:4e: bf:77:b9:96:c3:fe:db:16:69:5f:0f:bb:12:83:15:87:e7:3b: 24:c8:81:bd:36:4d:93:cc:70:ac:dd:93:b9:7f:c2:d7:1c:e0: 83:47:12:16:d1:cc:58:70:b4:ff:df:bb:09:96:36:20:c0:e2: 9a:07:01:d8:d3:f9:be:42:f8:cf:0b:1d:e6:79:85:7d:02:40: 10:1e:5c:14:36:b0:c6:b2:95:10:4e:74:88:40:fc:28:26:1d: f6:b8:5c:f7:3a:53:a3:d9:ce:6c:b9:fd:84:5b:9a:dc:ad:84: af:03:72:ee:e3:01:70:c7:8c:d1:c5:e4:c8:39:70:fa:57:d7: 68:4a:9b:6a:e2:c5:a4:54:d5:73:ef:fb:6c:09:56:73:72:98: 33:83:e4:53:69:a6:1b:25:18:d4:26:d2:22:79:c9:1d:10:a0: 79:53:23:96:45:e0:c4:7f:b6:2e:6e:22:8d:e4:04:a2:da:da: d2:cf:91:8a:62:fd:16:b9:33:03:39:e8:a3:95:b2:1e:25:2c: 4e:6e:dd:18:b6:cc:cf:36:02:fd:81:73:a4:c6:4b:2e:1b:74: 24:13:ac:1b:51:54:13:11:1f:3b:1b:f8:44:ee:ba:00:fc:58: 12:14:00:0b -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pxve3jfXjKtsXnM7fJVXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMTRmYWJmZWYyMDNhOGVlMDhjY2I0N2RkNjQ3M2ZjZTc5 OWEyOGYwHhcNMjYwMTAyMTIyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjk4MmRhMzc5NWZmYWUwMTI2Njk2MzU1MTAxNDcxOWI4NGVjZGU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZFdEiry4NXW4nlYhaX0YMObpZan 4Zd137yVWoslpRiDU5UgpO9iaztVDQtZb6XjoCmlJOGRk0M6JltDRHeoi6XN+0CR FPOR7E6Zu/n4f2kdeB7n582zDvId7AUNb19BwX4PKcqOYo9HZ4E7Bo+Tr1E4jecz K1yS1DW5Aw0ROrwqfn50fy5KC2UcCqIAzaOMxwOR8aBr7yK0SVXPY5oJVeP9vVX9 peq9528IwU4Zk1YSFUTAcxyrR1kDSM0hdX3CAIw9ewbTdmAIQcPdOR0ifDBDAS77 cfn1mffPRoNoRs5QVYw/A7ERiXgicv5PVpe+fOf9yB+6lOO/4igJAqjzoQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKKYLaN5X/rgEmaWNVEBRxm4Ts3lMB8GA1UdIwQY MBaAFKIU+r/vIDqO4IzLR91kc/znmaKPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2hUNnYtOGdPbzdnak10SDNXUnpfT2Vab284LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9lYmE0NTktMDNkMy00Y2Q1LTg2MDYt MjVjNWY3MTIzZTM1LzEvb3BndG8zbGYtdUFTWnBZMVVRRkhHYmhPemVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9lYmE0NTktMDNkMy00Y2Q1LTg2MDYtMjVjNWY3MTIzZTM1 LzEvb2hUNnYtOGdPbzdnak10SDNXUnpfT2Vab284LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWWigMA0E AgACMAcDBQAqABcIMA0GCSqGSIb3DQEBCwUAA4IBAQC4k/Pa7N+OOIyq6enjvT2Y fE6/d7mWw/7bFmlfD7sSgxWH5zskyIG9Nk2TzHCs3ZO5f8LXHOCDRxIW0cxYcLT/ 37sJljYgwOKaBwHY0/m+QvjPCx3meYV9AkAQHlwUNrDGspUQTnSIQPwoJh32uFz3 OlOj2c5suf2EW5rcrYSvA3Lu4wFwx4zRxeTIOXD6V9doSptq4sWkVNVz7/tsCVZz cpgzg+RTaaYbJRjUJtIieckdEKB5UyOWReDEf7YubiKN5ASi2trSz5GKYv0WuTMD OeijlbIeJSxObt0YtszPNgL9gXOkxksuG3QkE6wbUVQTER87G/hE7roA/FgSFAAL -----END CERTIFICATE-----Generated at Tue Jan 20 01:22:18 2026 by rpki-client