This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/OKvF1jZUD1oQ8vjnPvKbRctzA_Y.roa File: OKvF1jZUD1oQ8vjnPvKbRctzA_Y.roa (raw, json) Hash identifier: TURUpo5c7V3B7eiBvFVs4P/z+qyI+1sdNbYu2NhorzE= Subject key identifier: 38:AB:C5:D6:36:54:0F:5A:10:F2:F8:E7:3E:F2:9B:45:CB:73:03:F6 Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4 Certificate serial: 019B7EA64E890932C2E5B75FD15F2B64C4E2 Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/OKvF1jZUD1oQ8vjnPvKbRctzA_Y.roa Signing time: Fri 02 Jan 2026 12:19:46 +0000 ROA not before: Fri 02 Jan 2026 12:19:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 195.42.144.0/23 maxlen: 32 2001:7f8:43::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 06:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:4e:89:09:32:c2:e5:b7:5f:d1:5f:2b:64:c4:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4 Validity Not Before: Jan 2 12:19:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38abc5d636540f5a10f2f8e73ef29b45cb7303f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:42:71:fd:2c:1d:d4:86:4c:dc:81:3d:1d:47: 2e:6f:f2:9f:20:98:b0:8f:6d:d1:91:5b:1c:fb:2c: c1:1b:31:97:f2:de:80:fb:0e:48:37:e1:68:24:9e: a1:22:f8:97:fd:b2:bf:e8:06:5d:fb:b5:4c:3c:eb: 65:49:47:eb:9d:e2:f5:19:39:05:ab:8a:14:8a:37: be:bf:62:f2:51:e2:57:97:db:36:c5:66:40:bf:b4: 94:73:2d:df:39:d4:fa:40:e1:2a:5f:15:99:61:55: 81:3b:73:4c:bb:57:df:1d:b4:b7:18:83:12:32:61: 50:0d:8d:22:34:36:0b:4a:f4:83:18:c9:e9:17:02: 47:f6:93:5c:96:fb:6e:1c:e3:02:75:1e:63:f5:91: fd:e3:4c:64:37:9a:83:99:44:9a:f4:bf:9e:3f:78: de:7b:34:3a:64:eb:9e:67:df:8a:e8:0e:7d:a7:ef: 1c:7c:fa:46:39:78:75:30:05:55:29:48:48:8d:58: 81:7f:0a:e8:39:db:48:6c:33:31:01:36:df:a6:61: 35:e3:30:b6:d2:b7:e2:54:17:4e:25:ae:87:29:68: 0f:4f:71:12:6c:34:70:14:38:87:d6:0f:ef:be:46: c4:89:64:09:c0:00:8e:a4:c1:e1:3a:f5:8b:ba:3f: a3:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:AB:C5:D6:36:54:0F:5A:10:F2:F8:E7:3E:F2:9B:45:CB:73:03:F6 X509v3 Authority Key Identifier: keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/OKvF1jZUD1oQ8vjnPvKbRctzA_Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.42.144.0/23 IPv6: 2001:7f8:43::/48 Signature Algorithm: sha256WithRSAEncryption 31:32:e7:a0:dd:f0:21:70:a6:aa:5a:58:10:c6:d2:2e:13:0b: 0e:4f:2c:e6:a4:19:9c:6a:e6:a7:e6:9b:fe:05:f2:a8:ac:f3: bd:02:0a:7d:fe:ea:e9:65:d0:27:e6:1c:b4:a2:e4:31:6f:a7: 2e:1c:8e:74:d4:d8:15:7b:7d:93:9b:ab:73:35:cd:d0:d4:bf: 92:dc:de:e5:98:4f:f5:be:68:7a:24:db:a8:b6:e3:68:27:fa: 52:97:62:44:64:a2:cf:6b:84:fe:90:9d:4a:87:a6:99:08:a1: 14:bb:51:da:9f:c2:4f:3a:b0:86:80:0c:79:26:15:7b:bb:3f: 69:e5:38:5f:c2:5d:50:80:68:d2:45:8c:22:41:7d:b5:c0:b1: e3:47:7d:f5:10:ed:f9:fb:d8:b5:39:36:f3:4d:bb:8c:da:5e: da:73:e0:b0:4c:28:94:3f:15:5e:4a:48:6a:e7:ce:77:3e:b5: 3f:b1:ed:fb:1a:10:cb:01:b6:3a:59:54:70:10:f9:9e:e5:f5: b4:1b:b6:bc:26:d5:99:1c:fe:5a:72:a6:ef:55:08:7b:8b:b5: ef:15:86:f1:cc:81:f5:4c:0f:7f:df:c7:54:de:26:49:bb:ec: f2:03:1f:51:73:86:87:e4:a5:82:42:99:22:1f:ac:b1:f5:df: 53:b7:8d:1c -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pk6JCTLC5bdf0V8rZMTiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm ZDE5YjQwHhcNMjYwMTAyMTIxOTQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGFiYzVkNjM2NTQwZjVhMTBmMmY4ZTczZWYyOWI0NWNiNzMwM2Y2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUJx/Swd1IZM3IE9HUcub/KfIJiw j23RkVsc+yzBGzGX8t6A+w5IN+FoJJ6hIviX/bK/6AZd+7VMPOtlSUfrneL1GTkF q4oUije+v2LyUeJXl9s2xWZAv7SUcy3fOdT6QOEqXxWZYVWBO3NMu1ffHbS3GIMS MmFQDY0iNDYLSvSDGMnpFwJH9pNclvtuHOMCdR5j9ZH940xkN5qDmUSa9L+eP3je ezQ6ZOueZ9+K6A59p+8cfPpGOXh1MAVVKUhIjViBfwroOdtIbDMxATbfpmE14zC2 0rfiVBdOJa6HKWgPT3ESbDRwFDiH1g/vvkbEiWQJwACOpMHhOvWLuj+jHQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFDirxdY2VA9aEPL45z7ym0XLcwP2MB8GA1UdIwQY MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt NjFiNzkwMmVlMjA0LzEvT0t2RjFqWlVEMW9ROHZqblB2S2JSY3R6QV9ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0 LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwyqQMA8E AgACMAkDBwAgAQf4AEMwDQYJKoZIhvcNAQELBQADggEBADEy56Dd8CFwpqpaWBDG 0i4TCw5PLOakGZxq5qfmm/4F8qis870CCn3+6ull0CfmHLSi5DFvpy4cjnTU2BV7 fZObq3M1zdDUv5Lc3uWYT/W+aHok26i242gn+lKXYkRkos9rhP6QnUqHppkIoRS7 Udqfwk86sIaADHkmFXu7P2nlOF/CXVCAaNJFjCJBfbXAseNHffUQ7fn72LU5NvNN u4zaXtpz4LBMKJQ/FV5KSGrnznc+tT+x7fsaEMsBtjpZVHAQ+Z7l9bQbtrwm1Zkc /lpypu9VCHuLte8VhvHMgfVMD3/fx1TeJkm77PIDH1FzhofkpYJCmSIfrLH131O3 jRw= -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:03 2026 by rpki-client