This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OqIocgnak9yhJpreiE6Mi6z6xSU.roa File: OqIocgnak9yhJpreiE6Mi6z6xSU.roa (raw, json) Hash identifier: Rwov355LSNytrdcR+XWNcMvCnOqJKqNHapmX2SP3tWA= Subject key identifier: 3A:A2:28:72:09:DA:93:DC:A1:26:9A:DE:88:4E:8C:8B:AC:FA:C5:25 Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045 Certificate serial: 019B76EB87F672DDF59B969920C62289EB6A Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OqIocgnak9yhJpreiE6Mi6z6xSU.roa Signing time: Thu 01 Jan 2026 00:18:25 +0000 ROA not before: Thu 01 Jan 2026 00:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 136258 IP address blocks: 46.16.128.0/24 maxlen: 24 46.16.129.0/24 maxlen: 24 46.16.130.0/24 maxlen: 24 46.16.131.0/24 maxlen: 24 109.104.152.0/24 maxlen: 24 109.104.153.0/24 maxlen: 24 109.104.155.0/24 maxlen: 24 147.78.0.0/24 maxlen: 24 147.78.1.0/24 maxlen: 24 147.78.2.0/24 maxlen: 24 147.78.3.0/24 maxlen: 24 185.126.236.0/24 maxlen: 24 185.126.237.0/24 maxlen: 24 185.126.238.0/24 maxlen: 24 185.126.239.0/24 maxlen: 24 185.213.20.0/24 maxlen: 24 185.213.21.0/24 maxlen: 24 185.213.23.0/24 maxlen: 24 2a11:840:1::/48 maxlen: 48 2a11:840:3::/48 maxlen: 48 2a11:840:4::/48 maxlen: 48 2a11:840:5::/48 maxlen: 48 2a11:840:6::/48 maxlen: 48 2a11:840:7::/48 maxlen: 48 2a11:840:8::/48 maxlen: 48 2a11:840:9::/48 maxlen: 48 2a11:840:10::/48 maxlen: 48 2a11:840:11::/48 maxlen: 48 2a11:840:12::/48 maxlen: 48 2a11:840:13::/48 maxlen: 48 2a11:840:14::/48 maxlen: 48 2a11:840:16::/48 maxlen: 48 2a11:840:17::/48 maxlen: 48 2a11:840:18::/48 maxlen: 48 2a11:840:19::/48 maxlen: 48 2a11:840:20::/48 maxlen: 48 2a11:840:21::/48 maxlen: 48 2a11:840:22::/48 maxlen: 48 2a11:840:23::/48 maxlen: 48 2a11:840:24::/48 maxlen: 48 2a11:840:25::/48 maxlen: 48 2a11:840:26::/48 maxlen: 48 2a11:840:28::/48 maxlen: 48 2a11:840:30::/48 maxlen: 48 2a11:840:33::/48 maxlen: 48 2a11:840:40::/48 maxlen: 48 2a11:840:41::/48 maxlen: 48 2a11:840:47::/48 maxlen: 48 2a11:840:48::/48 maxlen: 48 2a11:840:53::/48 maxlen: 48 2a11:840:54::/48 maxlen: 48 2a11:840:57::/48 maxlen: 48 2a11:840:60::/48 maxlen: 48 2a11:840:61::/48 maxlen: 48 2a11:840:62::/48 maxlen: 48 2a11:840:63::/48 maxlen: 48 2a11:840:64::/48 maxlen: 48 2a11:840:65::/48 maxlen: 48 2a11:840:66::/48 maxlen: 48 2a11:840:67::/48 maxlen: 48 2a11:840:68::/48 maxlen: 48 2a11:840:69::/48 maxlen: 48 2a11:840:70::/48 maxlen: 48 2a11:840:71::/48 maxlen: 48 2a11:840:72::/48 maxlen: 48 2a11:840:73::/48 maxlen: 48 2a11:840:73:1b::/64 maxlen: 64 2a11:840:74::/48 maxlen: 48 2a11:840:75::/48 maxlen: 48 2a11:840:76::/48 maxlen: 48 2a11:840:77::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:87:f6:72:dd:f5:9b:96:99:20:c6:22:89:eb:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045 Validity Not Before: Jan 1 00:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3aa2287209da93dca1269ade884e8c8bacfac525 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:7c:8d:59:a9:dd:08:10:b4:87:fd:d8:59:93: 6b:c8:6b:a2:9e:4f:79:ef:0c:d6:1e:5e:c8:6b:fc: 82:93:0a:be:2a:63:0b:11:31:92:d2:d7:ae:22:ad: 68:ec:20:64:17:7a:d8:9f:cf:36:fb:0d:88:be:6b: 8a:61:30:37:e1:51:4a:f4:f4:85:7a:db:dc:80:0f: b0:8a:df:6a:62:01:92:1d:b7:99:9f:ed:72:10:b5: 70:d2:7b:9f:87:21:e6:ba:52:da:97:4e:c2:42:e7: ca:e6:53:4b:9a:22:92:a0:88:f6:33:f0:8b:a2:ff: 2c:42:d3:45:2a:c8:52:12:fc:2d:d1:f9:08:45:23: 26:ff:9a:85:32:29:5b:f7:dd:b3:02:5c:17:6c:93: 0d:64:f0:a1:18:84:0c:c2:7d:d7:34:49:fb:ab:b1: 77:22:92:d5:8f:1d:a7:e3:29:a7:6c:eb:50:5f:58: 5f:08:bc:83:a9:dd:28:67:60:8e:ae:bb:63:db:de: d6:b7:e2:2c:2d:59:86:91:de:2b:f9:28:ac:4a:7f: 96:d4:54:08:b0:51:13:73:ef:25:06:6a:f9:a3:a1: ed:7e:48:ae:ee:ea:ea:49:5b:c0:5a:db:d1:ae:71: c2:38:26:5c:5c:fd:68:40:01:0c:1c:de:1f:e1:8b: 0e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:A2:28:72:09:DA:93:DC:A1:26:9A:DE:88:4E:8C:8B:AC:FA:C5:25 X509v3 Authority Key Identifier: keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/OqIocgnak9yhJpreiE6Mi6z6xSU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.16.128.0/22 109.104.152.0/23 109.104.155.0/24 147.78.0.0/22 185.126.236.0/22 185.213.20.0/23 185.213.23.0/24 IPv6: 2a11:840:1::/48 2a11:840:3::-2a11:840:9:ffff:ffff:ffff:ffff:ffff 2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff 2a11:840:16::-2a11:840:19:ffff:ffff:ffff:ffff:ffff 2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff 2a11:840:28::/48 2a11:840:30::/48 2a11:840:33::/48 2a11:840:40::/47 2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff 2a11:840:53::-2a11:840:54:ffff:ffff:ffff:ffff:ffff 2a11:840:57::/48 2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff 2a11:840:70::/45 Signature Algorithm: sha256WithRSAEncryption 14:64:e2:fe:96:fb:20:3e:73:29:f2:80:b0:95:bf:27:7c:ac: 70:92:d1:88:f2:38:3f:b9:06:90:0a:66:86:54:e9:6d:f0:5f: 75:b4:24:23:98:6e:da:48:d4:e8:87:a2:3e:82:d1:b4:d8:72: a4:c6:21:d7:be:9c:54:e6:55:3b:09:6d:ba:a7:65:29:ba:92: 9c:91:1d:b9:28:05:4b:b3:e3:4e:85:8c:5a:4a:83:ba:90:29: 10:73:8f:37:f6:cf:7e:2c:bf:5d:aa:19:41:02:bf:9d:5c:ad: 4e:da:59:44:52:3c:41:b2:ae:52:fd:e3:ae:d6:c7:22:3d:e0: 83:43:43:b3:d7:65:ae:91:78:ee:78:d2:e4:9e:97:6d:70:a0: 01:ae:c3:10:15:37:10:96:f5:32:ba:03:30:6d:e1:31:61:23: 4c:9d:33:99:bd:da:18:09:3c:a7:67:5e:11:15:e7:f0:ec:f8: c9:16:c7:af:5f:c9:49:b2:49:37:17:59:15:11:22:a9:e8:96: 5a:61:48:80:12:b7:59:14:e1:42:1d:49:d7:91:6b:d9:ae:46: 2b:8e:f4:1d:bb:97:f2:cf:04:f1:0e:61:28:c3:1d:5e:26:70: a1:70:3c:9a:24:b2:1f:64:aa:5a:f0:8d:37:74:9c:7c:e7:a9: e3:89:14:ef -----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISAZt264f2ct31m5aZIMYiietqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx NjAwNDUwHhcNMjYwMTAxMDAxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYWEyMjg3MjA5ZGE5M2RjYTEyNjlhZGU4ODRlOGM4YmFjZmFjNTI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3yNWandCBC0h/3YWZNryGuink95 7wzWHl7Ia/yCkwq+KmMLETGS0teuIq1o7CBkF3rYn882+w2IvmuKYTA34VFK9PSF etvcgA+wit9qYgGSHbeZn+1yELVw0nufhyHmulLal07CQufK5lNLmiKSoIj2M/CL ov8sQtNFKshSEvwt0fkIRSMm/5qFMilb992zAlwXbJMNZPChGIQMwn3XNEn7q7F3 IpLVjx2n4ymnbOtQX1hfCLyDqd0oZ2COrrtj297Wt+IsLVmGkd4r+SisSn+W1FQI sFETc+8lBmr5o6Htfkiu7urqSVvAWtvRrnHCOCZcXP1oQAEMHN4f4YsOsQIDAQAB o4IDCDCCAwQwHQYDVR0OBBYEFDqiKHIJ2pPcoSaa3ohOjIus+sUlMB8GA1UdIwQY MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt NTE5MjAzNzMzNTNjLzEvT3FJb2NnbmFrOXloSnByZWlFNk1pNno2eFNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzAwBAIAATAqAwQC LhCAAwQBbWiYAwQAbWibAwQCk04AAwQCuX7sAwQBudUUAwQAudUXMIHSBAIAAjCB ywMHACoRCEAAATASAwcAKhEIQAADAwcBKhEIQAAIMBIDBwQqEQhAABADBwAqEQhA ABQwEgMHASoRCEAAFgMHASoRCEAAGDASAwcFKhEIQAAgAwcAKhEIQAAmAwcAKhEI QAAoAwcAKhEIQAAwAwcAKhEIQAAzAwcBKhEIQABAMBIDBwAqEQhAAEcDBwAqEQhA AEgwEgMHACoRCEAAUwMHACoRCEAAVAMHACoRCEAAVzASAwcFKhEIQABgAwcBKhEI QABoAwcDKhEIQABwMA0GCSqGSIb3DQEBCwUAA4IBAQAUZOL+lvsgPnMp8oCwlb8n fKxwktGI8jg/uQaQCmaGVOlt8F91tCQjmG7aSNToh6I+gtG02HKkxiHXvpxU5lU7 CW26p2UpupKckR25KAVLs+NOhYxaSoO6kCkQc4839s9+LL9dqhlBAr+dXK1O2llE UjxBsq5S/eOu1sciPeCDQ0Oz12WukXjueNLknpdtcKABrsMQFTcQlvUyugMwbeEx YSNMnTOZvdoYCTynZ14RFefw7PjJFsevX8lJskk3F1kVESKp6JZaYUiAErdZFOFC HUnXkWvZrkYrjvQdu5fyzwTxDmEowx1eJnChcDyaJLIfZKpa8I03dJx856njiRTv -----END CERTIFICATE-----Generated at Mon Jan 19 17:50:12 2026 by rpki-client