This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Oz3LfP0DpGMUeKBrv4UYr8C8MGk.roa File: Oz3LfP0DpGMUeKBrv4UYr8C8MGk.roa (raw, json) Hash identifier: hndZFKDhE6UNdKFto0lMtD//IogpnFbaRhK3/BvltXY= Subject key identifier: 3B:3D:CB:7C:FD:03:A4:63:14:78:A0:6B:BF:85:18:AF:C0:BC:30:69 Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704 Certificate serial: 019B76EAC332D170B044D7CD89191660DE55 Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Oz3LfP0DpGMUeKBrv4UYr8C8MGk.roa Signing time: Thu 01 Jan 2026 00:17:35 +0000 ROA not before: Thu 01 Jan 2026 00:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 63018 IP address blocks: 45.128.59.0/24 maxlen: 24 171.22.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 18:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:c3:32:d1:70:b0:44:d7:cd:89:19:16:60:de:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704 Validity Not Before: Jan 1 00:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b3dcb7cfd03a4631478a06bbf8518afc0bc3069 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:11:d1:60:de:87:b3:90:38:68:48:37:22:fe: a1:27:fe:ca:21:76:48:ab:72:5e:a2:4d:77:ba:5d: e9:4d:18:b2:4e:69:a3:34:a6:26:af:f4:69:f1:dc: da:8d:34:86:78:62:99:38:36:79:32:ee:d9:d6:e4: d6:1d:4e:c2:ba:57:a9:52:7d:4b:ec:93:82:8c:4e: f4:28:f9:2e:47:7d:c2:50:13:a6:f0:d7:41:e0:66: 9e:60:20:91:52:0f:8f:b6:3a:06:84:58:84:7d:cb: 89:c4:dd:15:9b:a6:37:18:2d:fe:64:5d:99:e2:04: 3d:71:ae:15:44:b5:7c:36:e7:12:91:7a:bc:91:eb: 06:b1:53:9b:50:81:85:91:8a:fe:b7:3a:81:f6:51: ad:2f:5a:7c:6e:ba:94:59:33:79:d8:30:bc:32:85: bf:6c:fd:4d:d8:36:07:54:72:30:d3:39:99:d2:90: b0:72:b4:3e:5a:2c:21:ae:74:83:79:86:66:39:a5: d7:95:f2:03:c4:65:86:b2:f6:d5:5b:f7:6a:ff:fd: f9:38:42:fc:2e:18:ca:5f:e8:c5:a7:d1:d8:4a:2a: 84:0a:5b:e8:7a:ce:cd:2a:e5:eb:44:ee:0f:92:9c: eb:35:ee:f3:2a:a2:a4:12:a2:a6:74:56:0c:c5:f8: 20:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:3D:CB:7C:FD:03:A4:63:14:78:A0:6B:BF:85:18:AF:C0:BC:30:69 X509v3 Authority Key Identifier: keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Oz3LfP0DpGMUeKBrv4UYr8C8MGk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.128.59.0/24 171.22.108.0/24 Signature Algorithm: sha256WithRSAEncryption 8c:b0:82:c9:fe:dc:0c:02:46:9b:f2:87:6b:1f:ef:cb:1c:ec: ba:e8:dd:fe:57:79:c1:82:1a:36:5a:b4:39:42:d9:47:95:d9: a9:84:f5:62:63:d0:26:13:fb:d9:e6:d2:f6:48:2a:db:6c:48: f1:93:f3:97:b0:d5:de:51:27:ea:db:21:f3:ec:6d:df:fb:f9: 2b:40:8e:3d:1b:f4:80:07:f4:af:4c:3b:27:5a:eb:ec:ee:87: 27:0f:1c:14:20:01:67:38:83:6b:b0:08:17:7e:0b:cc:63:74: 90:c6:cf:56:35:a2:69:29:d5:83:e8:4e:b8:76:d5:52:9a:b6: 71:5c:8c:34:7f:eb:10:a8:ea:cd:17:80:c8:16:b4:09:19:77: 30:27:44:c0:6f:c1:b7:43:ca:a0:cd:67:19:a5:75:c0:af:c9: de:56:8e:31:6e:1d:6f:2a:5b:15:41:87:c0:ba:d3:eb:4c:a5: 5d:a1:b6:7f:2e:d2:ab:92:0c:9c:24:47:fb:13:47:80:cf:3d: 33:6b:0d:96:04:f9:b7:05:9e:31:61:28:a1:92:0c:8a:35:d5: 8e:41:b6:b6:3b:ac:b9:1d:5c:72:f7:ca:51:15:71:15:d3:9e: e1:0d:15:c4:94:6f:66:0f:f0:2f:0b:e3:cd:c2:8a:c8:2c:18: 82:ac:ec:15 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26sMy0XCwRNfNiRkWYN5VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj Zjk3MDQwHhcNMjYwMTAxMDAxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjNkY2I3Y2ZkMDNhNDYzMTQ3OGEwNmJiZjg1MThhZmMwYmMzMDY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxHRYN6Hs5A4aEg3Iv6hJ/7KIXZI q3Jeok13ul3pTRiyTmmjNKYmr/Rp8dzajTSGeGKZODZ5Mu7Z1uTWHU7CulepUn1L 7JOCjE70KPkuR33CUBOm8NdB4GaeYCCRUg+PtjoGhFiEfcuJxN0Vm6Y3GC3+ZF2Z 4gQ9ca4VRLV8NucSkXq8kesGsVObUIGFkYr+tzqB9lGtL1p8brqUWTN52DC8MoW/ bP1N2DYHVHIw0zmZ0pCwcrQ+WiwhrnSDeYZmOaXXlfIDxGWGsvbVW/dq//35OEL8 LhjKX+jFp9HYSiqEClvoes7NKuXrRO4PkpzrNe7zKqKkEqKmdFYMxfggjQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDs9y3z9A6RjFHiga7+FGK/AvDBpMB8GA1UdIwQY MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct ZTg2MTIxYzU5NGRmLzEvT3ozTGZQMERwR01VZUtCcnY0VVlyOEM4TUdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYA7AwQA qxZsMA0GCSqGSIb3DQEBCwUAA4IBAQCMsILJ/twMAkab8odrH+/LHOy66N3+V3nB gho2WrQ5QtlHldmphPViY9AmE/vZ5tL2SCrbbEjxk/OXsNXeUSfq2yHz7G3f+/kr QI49G/SAB/SvTDsnWuvs7ocnDxwUIAFnOINrsAgXfgvMY3SQxs9WNaJpKdWD6E64 dtVSmrZxXIw0f+sQqOrNF4DIFrQJGXcwJ0TAb8G3Q8qgzWcZpXXAr8neVo4xbh1v KlsVQYfAutPrTKVdobZ/LtKrkgycJEf7E0eAzz0zaw2WBPm3BZ4xYSihkgyKNdWO Qba2O6y5HVxy98pRFXEV057hDRXElG9mD/AvC+PNworILBiCrOwV -----END CERTIFICATE-----Generated at Wed Jan 21 02:30:55 2026 by rpki-client