This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o26tz66Qnl_nWVcKAIStsKNmMxs.roa File: o26tz66Qnl_nWVcKAIStsKNmMxs.roa (raw, json) Hash identifier: xG4n60x4Df3n9eL9E/gzujNi05vD2HNWN4ambmzYUk8= Subject key identifier: A3:6E:AD:CF:AE:90:9E:5F:E7:59:57:0A:00:84:AD:B0:A3:66:33:1B Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D39CC4D43F86D404FE83205AE7907 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o26tz66Qnl_nWVcKAIStsKNmMxs.roa Signing time: Fri 02 Jan 2026 06:20:20 +0000 ROA not before: Fri 02 Jan 2026 06:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33801 IP address blocks: 178.239.196.0/24 maxlen: 24 178.239.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:39:cc:4d:43:f8:6d:40:4f:e8:32:05:ae:79:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a36eadcfae909e5fe759570a0084adb0a366331b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:16:5e:db:43:8e:a1:4d:bd:ea:75:a2:81:7f: 73:eb:33:70:74:27:8c:ed:d9:e4:19:8f:a3:cc:85: ec:d5:d7:68:23:fd:53:5e:75:9b:c2:9f:ba:3a:ca: a2:39:19:61:f5:9f:77:e5:cd:4a:1b:d6:d3:67:c0: 26:c2:68:54:54:38:99:9f:bc:66:39:29:54:62:b3: 82:18:80:aa:81:71:02:82:4d:49:93:4b:70:c4:d1: 87:5a:f6:c4:88:8c:50:c7:2a:c7:64:54:76:21:eb: cb:90:12:6c:7c:f7:fc:4f:5c:be:15:fe:e6:6e:ec: 7c:c6:ee:e5:4f:e4:6c:1a:8a:d0:79:1a:b2:cb:0c: 5f:16:2f:b5:71:92:05:ac:6e:c5:39:0b:72:3e:01: 31:24:52:7c:ea:37:b2:82:01:e8:be:b3:9f:88:b4: 5c:44:a2:a2:a2:49:25:cf:b2:1f:da:1e:59:75:43: 16:0f:c5:3a:7a:c8:c3:71:66:bf:65:3d:e5:df:e0: 09:55:80:74:0e:48:c2:7d:28:12:7a:ad:0e:cf:18: b1:f7:2a:d0:4a:da:51:2d:e6:e4:3f:eb:ef:d6:50: db:ae:22:97:3f:8c:a0:b7:c4:ab:f0:d3:89:01:71: 34:bb:b2:4d:6a:5b:23:c0:6b:66:08:6f:a2:05:e0: 88:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6E:AD:CF:AE:90:9E:5F:E7:59:57:0A:00:84:AD:B0:A3:66:33:1B X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o26tz66Qnl_nWVcKAIStsKNmMxs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.239.196.0/24 178.239.206.0/23 Signature Algorithm: sha256WithRSAEncryption 80:16:fa:4b:d2:a9:a9:73:93:cc:ac:fb:d4:74:33:03:a0:60: 32:a1:f6:94:18:36:15:ee:d5:a9:98:d6:98:85:48:ce:0f:dc: b1:16:ba:77:c9:30:03:25:11:c3:0d:5b:ef:8e:6b:8e:c0:57: ce:40:c5:df:ce:9f:8e:50:22:bd:da:fb:7b:b9:1e:3f:72:0d: 1b:a9:96:c6:61:bf:2d:1c:6e:ac:6b:0e:58:d8:96:1c:5e:ae: 88:c4:32:49:b0:3d:3f:3e:65:04:86:2b:44:2f:50:d3:39:9d: 78:d1:77:23:b7:6b:8a:0d:60:07:ac:e5:53:f3:d9:00:61:a1: 9e:70:49:80:79:41:bb:46:8e:47:41:f7:90:7f:fa:2c:6d:3b: 29:85:8a:38:1d:0e:12:e2:a9:d1:c5:95:e6:7e:44:1d:0e:be: 56:fd:c5:ea:d6:9e:6a:f9:46:85:05:e8:97:82:5c:4b:48:de: 5f:a8:c1:d7:49:f8:d2:a9:b3:97:13:7a:29:28:b4:a2:94:b3: 7f:66:b0:aa:3f:d1:36:74:3c:76:e9:e5:8d:9b:a4:97:27:0a: 12:c3:e2:84:d5:92:58:e7:84:d7:71:1f:09:d5:b4:c9:cb:9f: b0:14:4f:2e:9f:cf:b3:9f:12:ad:65:56:b1:d1:1b:30:f8:a8: 8e:30:07:41 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XTnMTUP4bUBP6DIFrnkHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzZlYWRjZmFlOTA5ZTVmZTc1OTU3MGEwMDg0YWRiMGEzNjYzMzFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhZe20OOoU296nWigX9z6zNwdCeM 7dnkGY+jzIXs1ddoI/1TXnWbwp+6OsqiORlh9Z935c1KG9bTZ8AmwmhUVDiZn7xm OSlUYrOCGICqgXECgk1Jk0twxNGHWvbEiIxQxyrHZFR2IevLkBJsfPf8T1y+Ff7m bux8xu7lT+RsGorQeRqyywxfFi+1cZIFrG7FOQtyPgExJFJ86jeyggHovrOfiLRc RKKiokklz7If2h5ZdUMWD8U6esjDcWa/ZT3l3+AJVYB0DkjCfSgSeq0Ozxix9yrQ StpRLebkP+vv1lDbriKXP4ygt8Sr8NOJAXE0u7JNalsjwGtmCG+iBeCIgQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKNurc+ukJ5f51lXCgCErbCjZjMbMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvbzI2dHo2NlFubF9uV1ZjS0FJU3RzS05tTXhzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsu/EAwQB su/OMA0GCSqGSIb3DQEBCwUAA4IBAQCAFvpL0qmpc5PMrPvUdDMDoGAyofaUGDYV 7tWpmNaYhUjOD9yxFrp3yTADJRHDDVvvjmuOwFfOQMXfzp+OUCK92vt7uR4/cg0b qZbGYb8tHG6saw5Y2JYcXq6IxDJJsD0/PmUEhitEL1DTOZ140Xcjt2uKDWAHrOVT 89kAYaGecEmAeUG7Ro5HQfeQf/osbTsphYo4HQ4S4qnRxZXmfkQdDr5W/cXq1p5q +UaFBeiXglxLSN5fqMHXSfjSqbOXE3opKLSilLN/ZrCqP9E2dDx26eWNm6SXJwoS w+KE1ZJY54TXcR8J1bTJy5+wFE8un8+znxKtZVax0Rsw+KiOMAdB -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:13 2026 by rpki-client