This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Oj7kl_bH77kj9SAqWGY4uCStCEg.roa File: Oj7kl_bH77kj9SAqWGY4uCStCEg.roa (raw, json) Hash identifier: A+llct/Q746d6/s75PGsnYBmoqXPziVa2v7aaC7eizw= Subject key identifier: 3A:3E:E4:97:F6:C7:EF:B9:23:F5:20:2A:58:66:38:B8:24:AD:08:48 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D5001F0F3E817918A00D4842980D1 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Oj7kl_bH77kj9SAqWGY4uCStCEg.roa Signing time: Fri 02 Jan 2026 06:20:25 +0000 ROA not before: Fri 02 Jan 2026 06:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199614 IP address blocks: 94.176.110.0/24 maxlen: 24 185.241.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:50:01:f0:f3:e8:17:91:8a:00:d4:84:29:80:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a3ee497f6c7efb923f5202a586638b824ad0848 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:6c:a3:d5:32:05:99:1b:e4:8a:0c:6f:89:9d: 6e:78:ef:e7:44:4d:4c:02:f4:07:f3:e9:41:77:d4: 01:ff:60:33:81:a8:6a:17:5b:cd:29:33:8d:e0:6a: b6:5c:50:ed:61:35:42:1f:6e:15:43:bc:f9:03:60: 91:09:d6:e4:cf:95:d2:23:03:22:36:ba:bc:24:4f: ee:63:4c:d8:09:96:7f:ec:79:54:e0:13:66:59:25: cf:a7:80:fa:4a:33:93:29:ca:4c:f7:aa:fc:9a:81: 0f:2f:5f:14:6e:45:06:16:83:15:a7:78:3e:e7:74: a3:ef:69:e9:9f:b4:d1:f3:81:d6:a8:b2:92:c4:92: 10:a7:86:ac:76:70:ac:9c:a2:49:b4:64:aa:8a:d5: ac:e1:d0:50:7c:8f:f9:34:59:8e:9c:73:a3:50:c4: 0a:e2:92:4f:53:7c:5e:f5:43:2c:00:35:fb:5f:eb: e8:0e:41:e3:ef:18:33:31:90:c5:41:91:cd:65:3b: d7:f4:39:ea:6e:30:dd:ff:72:6a:d8:6d:8d:66:70: 97:e9:c9:d4:b3:47:ea:b3:47:b6:47:9c:f9:54:fa: ac:80:ac:e0:77:46:2f:b5:6e:07:1d:4c:5e:37:8c: ef:fe:95:9e:ea:5c:e6:24:d1:28:88:8a:2e:0f:52: 26:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:3E:E4:97:F6:C7:EF:B9:23:F5:20:2A:58:66:38:B8:24:AD:08:48 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Oj7kl_bH77kj9SAqWGY4uCStCEg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.176.110.0/24 185.241.209.0/24 Signature Algorithm: sha256WithRSAEncryption 48:a7:61:63:1b:96:92:fd:9f:55:c7:32:18:a9:8e:f4:37:38: cb:84:8f:6f:c3:77:c6:f2:f2:f1:b0:30:22:2e:6c:a7:42:3f: e9:e3:49:e2:c7:05:ca:6a:45:d6:6b:fc:7f:0d:d5:ab:5c:ad: 68:a4:9c:76:fe:94:57:35:1b:dd:17:ad:03:87:f1:76:57:7d: 8c:03:1a:fa:c9:43:fa:7a:11:ca:07:42:aa:b1:9b:f4:d7:cb: 19:13:cd:90:05:f6:74:78:74:55:4f:b5:16:4c:79:ce:b2:d1: 6b:63:f0:ce:6d:7c:fb:89:89:8c:b1:7d:91:42:20:65:c1:61: 36:62:95:b1:b7:b6:25:d1:3a:59:ab:f0:aa:62:e1:34:20:f5: fa:f4:85:58:f8:19:e5:58:58:2f:63:60:a9:b3:f5:9e:de:61: 99:b1:bd:be:91:cc:c0:7c:65:8b:3f:8a:0b:05:ef:62:11:24: 4f:a4:5e:b3:15:ec:d3:63:f8:ee:aa:74:72:10:1b:19:46:9d: ab:e4:5a:b3:4c:d2:50:40:3f:1c:dc:8d:c5:24:75:60:d9:32: 87:15:3d:d4:30:65:7e:19:08:97:50:04:13:d8:0a:ac:26:b3: 70:1d:df:76:ab:2d:f7:02:cc:9a:a8:d5:45:6e:2a:56:d8:fd: e0:98:a7:69 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XVAB8PPoF5GKANSEKYDRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTNlZTQ5N2Y2YzdlZmI5MjNmNTIwMmE1ODY2MzhiODI0YWQwODQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWyj1TIFmRvkigxviZ1ueO/nRE1M AvQH8+lBd9QB/2AzgahqF1vNKTON4Gq2XFDtYTVCH24VQ7z5A2CRCdbkz5XSIwMi Nrq8JE/uY0zYCZZ/7HlU4BNmWSXPp4D6SjOTKcpM96r8moEPL18UbkUGFoMVp3g+ 53Sj72npn7TR84HWqLKSxJIQp4asdnCsnKJJtGSqitWs4dBQfI/5NFmOnHOjUMQK 4pJPU3xe9UMsADX7X+voDkHj7xgzMZDFQZHNZTvX9DnqbjDd/3Jq2G2NZnCX6cnU s0fqs0e2R5z5VPqsgKzgd0YvtW4HHUxeN4zv/pWe6lzmJNEoiIouD1Im8wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDo+5Jf2x++5I/UgKlhmOLgkrQhIMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvT2o3a2xfYkg3N2tqOVNBcVdHWTR1Q1N0Q0VnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrBuAwQA ufHRMA0GCSqGSIb3DQEBCwUAA4IBAQBIp2FjG5aS/Z9VxzIYqY70NzjLhI9vw3fG 8vLxsDAiLmynQj/p40nixwXKakXWa/x/DdWrXK1opJx2/pRXNRvdF60Dh/F2V32M Axr6yUP6ehHKB0KqsZv018sZE82QBfZ0eHRVT7UWTHnOstFrY/DObXz7iYmMsX2R QiBlwWE2YpWxt7Yl0TpZq/CqYuE0IPX69IVY+BnlWFgvY2Cps/We3mGZsb2+kczA fGWLP4oLBe9iESRPpF6zFezTY/juqnRyEBsZRp2r5FqzTNJQQD8c3I3FJHVg2TKH FT3UMGV+GQiXUAQT2AqsJrNwHd92qy33AsyaqNVFbipW2P3gmKdp -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:16 2026 by rpki-client