This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/64b6b4-7ce2-4c8b-8585-ed092dbc72b3/1/Onkw20J3Jeq06l3BhcttsXGB3d0.roa File: Onkw20J3Jeq06l3BhcttsXGB3d0.roa (raw, json) Hash identifier: Ot3mUR6mror5TcUgnoDKZwfM/GJizJrnhX1MdvXwCEI= Subject key identifier: 3A:79:30:DB:42:77:25:EA:B4:EA:5D:C1:85:CB:6D:B1:71:81:DD:DD Certificate issuer: /CN=ffb5852780142e413f9f15b24d59913311a10ec2 Certificate serial: 019B7EA4AEB2C7C0689FCC668BB8E3747D50 Authority key identifier: FF:B5:85:27:80:14:2E:41:3F:9F:15:B2:4D:59:91:33:11:A1:0E:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7WFJ4AULkE_nxWyTVmRMxGhDsI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/64b6b4-7ce2-4c8b-8585-ed092dbc72b3/1/Onkw20J3Jeq06l3BhcttsXGB3d0.roa Signing time: Fri 02 Jan 2026 12:18:00 +0000 ROA not before: Fri 02 Jan 2026 12:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47876 IP address blocks: 91.208.150.0/24 maxlen: 24 91.209.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/64b6b4-7ce2-4c8b-8585-ed092dbc72b3/1/_7WFJ4AULkE_nxWyTVmRMxGhDsI.crl rsync://rpki.ripe.net/repository/DEFAULT/95/64b6b4-7ce2-4c8b-8585-ed092dbc72b3/1/_7WFJ4AULkE_nxWyTVmRMxGhDsI.mft rsync://rpki.ripe.net/repository/DEFAULT/_7WFJ4AULkE_nxWyTVmRMxGhDsI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:ae:b2:c7:c0:68:9f:cc:66:8b:b8:e3:74:7d:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffb5852780142e413f9f15b24d59913311a10ec2 Validity Not Before: Jan 2 12:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a7930db427725eab4ea5dc185cb6db17181dddd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:01:e2:c8:2f:83:2a:c5:0f:f6:e2:d6:0b:67: b1:8a:24:6c:88:b5:ff:2e:d5:24:a5:ac:7b:46:83: f6:4f:5f:56:b7:3c:fe:88:38:9f:8e:7e:79:9b:c4: b6:c7:d1:be:da:da:42:56:e0:f1:a1:cb:9a:a0:8c: 14:78:f9:23:2c:cd:b7:bc:0c:9c:10:e9:d6:10:17: af:b4:d3:b0:84:35:a5:4a:88:3b:f4:25:95:c0:d9: 82:1f:47:af:38:61:69:7f:a6:2f:c4:4d:2c:d6:56: ae:01:6c:4f:e8:6b:a1:30:58:7c:f4:2e:49:fb:31: c9:36:f3:d7:36:54:5f:cb:22:0a:e5:d8:5a:d6:41: bf:df:4e:70:f0:8d:ca:9b:ea:05:e8:91:3b:fa:a0: 8c:50:24:98:e9:55:3b:79:ae:58:fb:6d:fb:31:be: 2a:d0:3a:0a:42:ca:d9:47:21:eb:3b:16:5a:21:45: 1f:fc:6a:14:10:c8:66:c1:ae:05:7c:b4:f3:f7:b3: a4:f5:66:34:60:67:d9:26:52:a2:75:5a:16:ee:a7: 65:ad:b0:c8:c8:58:5f:db:3b:b3:18:20:30:5f:7e: 5e:14:d0:dc:db:7d:e6:a8:62:3f:25:d0:48:e6:e1: ca:ec:c8:78:5b:79:9c:97:66:0f:14:26:da:02:1a: 94:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:79:30:DB:42:77:25:EA:B4:EA:5D:C1:85:CB:6D:B1:71:81:DD:DD X509v3 Authority Key Identifier: keyid:FF:B5:85:27:80:14:2E:41:3F:9F:15:B2:4D:59:91:33:11:A1:0E:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7WFJ4AULkE_nxWyTVmRMxGhDsI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/64b6b4-7ce2-4c8b-8585-ed092dbc72b3/1/Onkw20J3Jeq06l3BhcttsXGB3d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/64b6b4-7ce2-4c8b-8585-ed092dbc72b3/1/_7WFJ4AULkE_nxWyTVmRMxGhDsI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.208.150.0/24 91.209.155.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:51:3b:0e:65:5a:61:d1:dd:6a:d1:5c:5e:1e:6d:e0:ca:47: ca:45:a1:56:68:b4:5f:50:06:bd:77:15:af:5e:fa:07:d5:bd: fb:09:99:e3:4b:75:00:53:9a:f3:24:33:9f:cc:85:7c:93:dc: 88:6c:f9:b0:fc:3e:98:ed:a8:8f:0e:85:f3:57:f4:56:b9:1f: db:47:65:48:85:67:23:ba:9c:78:5c:8c:5b:c3:f6:0d:a5:7a: 7d:e8:11:df:0e:07:8a:33:c3:80:69:3c:38:e7:7f:94:db:04: 97:52:8a:2e:42:39:3a:fe:0e:a2:fa:af:e6:b1:45:78:93:53: a1:6c:b3:09:bb:f9:be:26:84:7b:68:83:eb:df:70:88:3a:c1: 79:79:ca:5c:e3:68:64:64:f7:ff:6f:87:28:c0:4d:1f:e4:a3: 21:8a:49:ab:59:58:d7:1c:79:9e:d8:2b:b4:83:91:91:12:b1: d8:7a:b2:45:e6:ae:e8:d5:b0:67:70:70:1c:0a:a6:91:c2:64: 50:d7:5f:60:e2:1a:83:cd:5e:28:e2:1a:bb:9c:67:a7:07:f5: aa:c9:af:4a:bf:55:cf:34:b0:70:b5:15:e9:43:b0:51:64:03: c4:ff:b0:6e:1d:db:55:f1:be:84:e3:a8:68:0d:2d:ff:8f:ed: 42:ff:73:7e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pK6yx8Bon8xmi7jjdH1QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmYjU4NTI3ODAxNDJlNDEzZjlmMTViMjRkNTk5MTMzMTFh MTBlYzIwHhcNMjYwMTAyMTIxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTc5MzBkYjQyNzcyNWVhYjRlYTVkYzE4NWNiNmRiMTcxODFkZGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAHiyC+DKsUP9uLWC2exiiRsiLX/ LtUkpax7RoP2T19Wtzz+iDifjn55m8S2x9G+2tpCVuDxocuaoIwUePkjLM23vAyc EOnWEBevtNOwhDWlSog79CWVwNmCH0evOGFpf6YvxE0s1lauAWxP6GuhMFh89C5J +zHJNvPXNlRfyyIK5dha1kG/305w8I3Km+oF6JE7+qCMUCSY6VU7ea5Y+237Mb4q 0DoKQsrZRyHrOxZaIUUf/GoUEMhmwa4FfLTz97Ok9WY0YGfZJlKidVoW7qdlrbDI yFhf2zuzGCAwX35eFNDc233mqGI/JdBI5uHK7Mh4W3mcl2YPFCbaAhqUvwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDp5MNtCdyXqtOpdwYXLbbFxgd3dMB8GA1UdIwQY MBaAFP+1hSeAFC5BP58Vsk1ZkTMRoQ7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzdXRko0QVVMa0VfbnhXeVRWbVJNeEdoRHNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82NGI2YjQtN2NlMi00YzhiLTg1ODUt ZWQwOTJkYmM3MmIzLzEvT25rdzIwSjNKZXEwNmwzQmhjdHRzWEdCM2QwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS82NGI2YjQtN2NlMi00YzhiLTg1ODUtZWQwOTJkYmM3MmIz LzEvXzdXRko0QVVMa0VfbnhXeVRWbVJNeEdoRHNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9CWAwQA W9GbMA0GCSqGSIb3DQEBCwUAA4IBAQA9UTsOZVph0d1q0VxeHm3gykfKRaFWaLRf UAa9dxWvXvoH1b37CZnjS3UAU5rzJDOfzIV8k9yIbPmw/D6Y7aiPDoXzV/RWuR/b R2VIhWcjupx4XIxbw/YNpXp96BHfDgeKM8OAaTw453+U2wSXUoouQjk6/g6i+q/m sUV4k1OhbLMJu/m+JoR7aIPr33CIOsF5ecpc42hkZPf/b4cowE0f5KMhikmrWVjX HHme2Cu0g5GRErHYerJF5q7o1bBncHAcCqaRwmRQ119g4hqDzV4o4hq7nGenB/Wq ya9Kv1XPNLBwtRXpQ7BRZAPE/7BuHdtV8b6E46hoDS3/j+1C/3N+ -----END CERTIFICATE-----Generated at Tue Feb 10 00:15:05 2026 by rpki-client