This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/oFb4jBbqBQ0GaSAPZ2CPzXwpuXU.roa File: oFb4jBbqBQ0GaSAPZ2CPzXwpuXU.roa (raw, json) Hash identifier: ReFO9yx5996yanj90nD2kh+KTbHdkiMkBpj9BJ+Y/vs= Subject key identifier: A0:56:F8:8C:16:EA:05:0D:06:69:20:0F:67:60:8F:CD:7C:29:B9:75 Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3 Certificate serial: 019B7C12453459F89E58F165A99BC5B3444B Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/oFb4jBbqBQ0GaSAPZ2CPzXwpuXU.roa Signing time: Fri 02 Jan 2026 00:18:50 +0000 ROA not before: Fri 02 Jan 2026 00:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51964 IP address blocks: 149.238.0.0/19 maxlen: 24 149.238.32.0/19 maxlen: 24 149.238.64.0/19 maxlen: 24 149.238.96.0/19 maxlen: 24 149.238.128.0/19 maxlen: 24 149.238.160.0/19 maxlen: 24 149.238.192.0/19 maxlen: 24 149.238.224.0/19 maxlen: 24 192.77.114.0/23 maxlen: 24 192.112.208.0/24 maxlen: 24 193.33.52.0/23 maxlen: 24 193.202.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.mft rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 09:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:45:34:59:f8:9e:58:f1:65:a9:9b:c5:b3:44:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3 Validity Not Before: Jan 2 00:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a056f88c16ea050d0669200f67608fcd7c29b975 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ca:8f:8d:f1:bb:51:06:82:43:91:16:c5:51: 6f:c3:05:d8:2b:7d:d2:92:2a:cc:3f:8d:68:c0:3b: ab:10:45:47:0c:52:4f:23:1c:96:11:c4:a9:ef:0a: c2:e6:1d:24:8c:c8:56:20:cd:6f:d9:66:01:6a:7b: 53:e7:c4:03:2b:7f:4b:63:e8:de:ef:26:b2:fd:cb: ea:54:ca:c6:13:45:79:a3:62:e6:a9:b8:75:e7:69: 52:e5:f1:1e:22:4c:36:63:8c:ef:9f:29:8f:af:94: b0:1a:e5:4b:2f:1b:a1:a2:7a:2d:20:b9:4d:1d:75: 67:a8:96:a9:88:af:9c:d0:9f:6a:f6:11:aa:1d:ec: 1c:1f:8f:13:a4:2a:1e:dd:af:39:f6:77:70:10:44: 87:f2:06:ef:c8:16:33:f1:e3:1c:fd:fa:9d:5d:19: 07:46:ff:09:ea:fe:85:a4:61:5f:a6:a2:3a:e8:cf: 36:63:e2:b5:a9:4f:f8:e4:5f:b6:98:ba:e0:b7:ba: c8:6b:8c:57:11:d1:8e:06:cb:bd:e2:5b:75:b5:91: 93:03:2f:e1:77:93:82:d4:69:36:26:d8:56:37:6b: 66:4c:f7:a6:ff:1d:4a:cd:11:b1:34:05:9c:a3:01: 1e:c6:68:53:a3:99:aa:32:13:b8:77:fc:8d:f4:12: f4:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:56:F8:8C:16:EA:05:0D:06:69:20:0F:67:60:8F:CD:7C:29:B9:75 X509v3 Authority Key Identifier: keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/oFb4jBbqBQ0GaSAPZ2CPzXwpuXU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 149.238.0.0/16 192.77.114.0/23 192.112.208.0/24 193.33.52.0/23 193.202.20.0/24 Signature Algorithm: sha256WithRSAEncryption 08:4d:2c:91:99:c5:b2:cd:8a:9c:67:25:34:2c:8b:e5:13:bc: 76:0f:6a:57:c3:f1:f5:a6:fa:4f:82:9c:22:3e:ff:54:ec:b0: a2:9c:a9:53:66:fb:f9:75:ea:95:d7:5a:42:f5:ca:93:24:fd: 10:33:99:de:c6:10:a4:00:ba:67:cd:67:e9:e3:36:f5:06:2b: f3:f4:33:89:6b:37:66:0e:b2:fc:fb:9a:62:46:ec:b1:a5:97: 21:76:d8:73:16:72:ce:10:68:29:c1:68:b8:ac:28:fa:5a:04: fa:86:64:8b:f1:9e:15:84:a2:e2:08:c9:94:ff:63:7b:d0:b0: 27:45:22:97:08:2a:39:8b:3e:87:3f:e3:72:db:e0:aa:78:59: a9:93:1d:e7:b8:61:70:8e:75:01:77:0d:32:65:f8:50:65:4e: 4f:37:17:7c:22:dd:35:ea:15:24:66:64:8a:8d:8b:d6:87:67: 31:3a:28:7d:0e:4a:c0:62:2e:a2:03:df:8d:49:9d:82:19:2e: a6:70:b3:5b:d1:ca:d9:7b:bd:e9:e4:18:01:a3:f5:97:0a:b7: 9a:3e:93:eb:95:b6:73:8b:24:30:06:84:5a:bc:69:51:3f:b6: c0:32:42:59:db:d0:f0:4d:f6:77:b5:f0:95:45:fe:8b:0d:4e: 67:f9:24:84 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt8EkU0WfieWPFlqZvFs0RLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm NWJjZjMwHhcNMjYwMTAyMDAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDU2Zjg4YzE2ZWEwNTBkMDY2OTIwMGY2NzYwOGZjZDdjMjliOTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8qPjfG7UQaCQ5EWxVFvwwXYK33S kirMP41owDurEEVHDFJPIxyWEcSp7wrC5h0kjMhWIM1v2WYBantT58QDK39LY+je 7yay/cvqVMrGE0V5o2Lmqbh152lS5fEeIkw2Y4zvnymPr5SwGuVLLxuhonotILlN HXVnqJapiK+c0J9q9hGqHewcH48TpCoe3a859ndwEESH8gbvyBYz8eMc/fqdXRkH Rv8J6v6FpGFfpqI66M82Y+K1qU/45F+2mLrgt7rIa4xXEdGOBsu94lt1tZGTAy/h d5OC1Gk2JthWN2tmTPem/x1KzRGxNAWcowEexmhTo5mqMhO4d/yN9BL0pwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFKBW+IwW6gUNBmkgD2dgj818Kbl1MB8GA1UdIwQY MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt MjhjMzQzY2U5ZDVkLzEvb0ZiNGpCYnFCUTBHYVNBUFoyQ1B6WHdwdVhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwMAle4DBAHA TXIDBADAcNADBAHBITQDBADByhQwDQYJKoZIhvcNAQELBQADggEBAAhNLJGZxbLN ipxnJTQsi+UTvHYPalfD8fWm+k+CnCI+/1TssKKcqVNm+/l16pXXWkL1ypMk/RAz md7GEKQAumfNZ+njNvUGK/P0M4lrN2YOsvz7mmJG7LGllyF22HMWcs4QaCnBaLis KPpaBPqGZIvxnhWEouIIyZT/Y3vQsCdFIpcIKjmLPoc/43Lb4Kp4WamTHee4YXCO dQF3DTJl+FBlTk83F3wi3TXqFSRmZIqNi9aHZzE6KH0OSsBiLqID341JnYIZLqZw s1vRytl7venkGAGj9ZcKt5o+k+uVtnOLJDAGhFq8aVE/tsAyQlnb0PBN9ne18JVF /osNTmf5JIQ= -----END CERTIFICATE-----Generated at Fri Jan 23 15:08:14 2026 by rpki-client