This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o8-FdmPL5NIJQfIXzvBHdZOmBBY.roa File: o8-FdmPL5NIJQfIXzvBHdZOmBBY.roa (raw, json) Hash identifier: zfK8JpwX7yaFFA2M/UojibZ0zPC+Dd5eSj6oErIPWU8= Subject key identifier: A3:CF:85:76:63:CB:E4:D2:09:41:F2:17:CE:F0:47:75:93:A6:04:16 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D2581F230803C84B49FF4090DB8C6 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o8-FdmPL5NIJQfIXzvBHdZOmBBY.roa Signing time: Fri 02 Jan 2026 06:20:15 +0000 ROA not before: Fri 02 Jan 2026 06:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4785 IP address blocks: 193.19.108.0/24 maxlen: 24 194.242.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:25:81:f2:30:80:3c:84:b4:9f:f4:09:0d:b8:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a3cf857663cbe4d20941f217cef0477593a60416 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:78:89:3e:b2:95:5f:d5:23:24:c2:73:d3:3f: 7d:40:5f:d8:25:ef:f9:9a:17:c6:70:53:7d:9f:9d: 83:ee:a6:24:3f:3a:88:80:48:77:e7:c5:f3:c2:05: 49:28:2a:11:82:c0:03:f6:46:21:d0:5b:15:f3:28: ec:b9:9f:49:83:fa:4c:73:10:1d:74:bc:36:46:4f: 47:b0:c5:6b:b4:a4:c1:50:a5:c5:bc:b7:be:42:d4: 41:6d:30:cb:2a:24:b3:8d:e0:a2:3f:ef:bf:f4:90: ec:24:1f:24:db:db:40:0e:c3:02:b0:a5:5c:dd:ef: 83:74:99:97:01:82:bf:ba:07:58:8f:bf:ca:9a:9e: ea:bc:04:55:85:93:d9:7c:33:27:a7:d8:4e:08:9f: 32:9f:0b:78:8d:eb:7a:52:69:a0:c1:b9:5e:a9:7e: 05:35:5f:fb:b2:f7:25:07:ac:27:ca:f6:e3:cb:26: 3b:71:59:ba:0c:e3:72:71:db:f4:51:c9:a0:42:5e: 2a:32:2b:d1:0f:47:b1:ca:c2:c2:17:0d:3a:00:95: fd:90:74:73:15:19:13:fb:67:19:35:2f:47:c7:f1: 28:2b:27:4f:22:01:9d:c0:32:85:63:75:d1:59:90: 73:1d:e6:9f:87:b9:dc:2a:08:6a:7f:29:0e:9e:de: d9:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:CF:85:76:63:CB:E4:D2:09:41:F2:17:CE:F0:47:75:93:A6:04:16 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o8-FdmPL5NIJQfIXzvBHdZOmBBY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.19.108.0/24 194.242.2.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:f6:05:c5:f7:f8:8d:8f:7a:c6:54:bf:96:77:da:52:04:c3: 73:2f:f1:81:46:31:dc:34:7e:5d:b5:f3:5b:68:74:b0:38:e6: 97:98:99:f0:b9:4e:a8:64:f6:23:ef:ab:91:1c:58:5d:00:6f: 9d:02:fc:2d:a4:83:96:34:5c:46:90:ce:9d:0f:12:3e:a3:7e: 74:8e:18:a1:72:be:3e:f4:d2:d4:7d:79:4b:e4:26:1e:e7:5e: 71:19:85:c1:3a:08:f7:f0:91:19:7b:04:43:fd:03:4e:78:bb: 1e:c9:07:c9:e2:a0:85:c8:4c:e7:4b:84:db:ea:9f:17:f9:13: 32:42:33:da:bd:5f:c5:9b:47:15:7e:b6:6d:b3:11:e1:6c:26: 5b:b3:5f:6c:df:19:b2:c9:8e:ba:c6:c8:52:7d:b1:a3:06:d8: 84:ba:7f:d1:00:0d:bf:f4:25:82:37:6b:b0:28:53:97:65:c5: 1e:d6:35:2e:6c:9c:85:8f:ea:6d:32:72:9a:c1:86:88:f9:24: a3:99:bc:ed:f5:cf:3f:77:02:28:39:da:a6:0f:0a:73:13:d9: 88:e5:2e:a6:cd:26:30:9a:85:ef:6b:08:bc:5c:3d:57:02:bf: 08:81:dd:58:25:08:66:f8:61:9f:d3:37:51:30:b8:00:6c:45: 42:a1:77:0e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XSWB8jCAPIS0n/QJDbjGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhM2NmODU3NjYzY2JlNGQyMDk0MWYyMTdjZWYwNDc3NTkzYTYwNDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHiJPrKVX9UjJMJz0z99QF/YJe/5 mhfGcFN9n52D7qYkPzqIgEh358XzwgVJKCoRgsAD9kYh0FsV8yjsuZ9Jg/pMcxAd dLw2Rk9HsMVrtKTBUKXFvLe+QtRBbTDLKiSzjeCiP++/9JDsJB8k29tADsMCsKVc 3e+DdJmXAYK/ugdYj7/Kmp7qvARVhZPZfDMnp9hOCJ8ynwt4jet6UmmgwbleqX4F NV/7svclB6wnyvbjyyY7cVm6DONycdv0UcmgQl4qMivRD0exysLCFw06AJX9kHRz FRkT+2cZNS9Hx/EoKydPIgGdwDKFY3XRWZBzHeafh7ncKghqfykOnt7ZzwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKPPhXZjy+TSCUHyF87wR3WTpgQWMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvbzgtRmRtUEw1TklKUWZJWHp2QkhkWk9tQkJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA wvICMA0GCSqGSIb3DQEBCwUAA4IBAQAb9gXF9/iNj3rGVL+Wd9pSBMNzL/GBRjHc NH5dtfNbaHSwOOaXmJnwuU6oZPYj76uRHFhdAG+dAvwtpIOWNFxGkM6dDxI+o350 jhihcr4+9NLUfXlL5CYe515xGYXBOgj38JEZewRD/QNOeLseyQfJ4qCFyEznS4Tb 6p8X+RMyQjPavV/Fm0cVfrZtsxHhbCZbs19s3xmyyY66xshSfbGjBtiEun/RAA2/ 9CWCN2uwKFOXZcUe1jUubJyFj+ptMnKawYaI+SSjmbzt9c8/dwIoOdqmDwpzE9mI 5S6mzSYwmoXvawi8XD1XAr8Igd1YJQhm+GGf0zdRMLgAbEVCoXcO -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:13 2026 by rpki-client