This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oCn4I0zsrLZoJRR3lwwIR9zI_sI.roa File: oCn4I0zsrLZoJRR3lwwIR9zI_sI.roa (raw, json) Hash identifier: g5tTM+0ouYYUdV23+bnfzmKBBKnTHSGQBaWUF0FAvsg= Subject key identifier: A0:29:F8:23:4C:EC:AC:B6:68:25:14:77:97:0C:08:47:DC:C8:FE:C2 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B984332246B34940E5B56EEE1FBCA76A0 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oCn4I0zsrLZoJRR3lwwIR9zI_sI.roa Signing time: Wed 07 Jan 2026 11:41:39 +0000 ROA not before: Wed 07 Jan 2026 11:41:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 2.58.148.0/24 maxlen: 24 2.58.149.0/24 maxlen: 24 2.58.150.0/24 maxlen: 24 2.58.151.0/24 maxlen: 24 37.46.149.0/24 maxlen: 24 45.91.149.0/24 maxlen: 24 45.129.132.0/24 maxlen: 24 45.129.133.0/24 maxlen: 24 45.135.184.0/24 maxlen: 24 45.135.187.0/24 maxlen: 24 45.143.53.0/24 maxlen: 24 45.145.44.0/24 maxlen: 24 45.145.45.0/24 maxlen: 24 45.145.47.0/24 maxlen: 24 62.197.144.0/24 maxlen: 24 62.197.147.0/24 maxlen: 24 62.197.148.0/24 maxlen: 24 62.197.150.0/24 maxlen: 24 62.197.151.0/24 maxlen: 24 62.197.152.0/24 maxlen: 24 62.197.159.0/24 maxlen: 24 84.247.25.0/24 maxlen: 24 84.247.26.0/24 maxlen: 24 89.33.84.0/24 maxlen: 24 89.36.22.0/24 maxlen: 24 89.37.62.0/24 maxlen: 24 89.37.63.0/24 maxlen: 24 89.43.199.0/24 maxlen: 24 89.46.92.0/24 maxlen: 24 92.62.121.0/24 maxlen: 24 93.115.254.0/24 maxlen: 24 93.115.255.0/24 maxlen: 24 94.103.249.0/24 maxlen: 24 94.103.250.0/24 maxlen: 24 185.121.121.0/24 maxlen: 24 185.121.122.0/24 maxlen: 24 185.121.123.0/24 maxlen: 24 185.184.134.0/24 maxlen: 24 185.205.190.0/24 maxlen: 24 185.239.241.0/24 maxlen: 24 185.239.243.0/24 maxlen: 24 185.244.137.0/24 maxlen: 24 185.245.5.0/24 maxlen: 24 188.212.132.0/24 maxlen: 24 188.240.68.0/24 maxlen: 24 188.240.74.0/24 maxlen: 24 193.19.108.0/24 maxlen: 24 193.218.32.0/24 maxlen: 24 193.239.164.0/24 maxlen: 24 193.239.165.0/24 maxlen: 24 194.169.169.0/24 maxlen: 24 212.119.34.0/24 maxlen: 24 2a11:140::/29 maxlen: 32 2a11:d40::/29 maxlen: 32 2a12:80::/29 maxlen: 32 2a12:680::/29 maxlen: 32 2a12:780::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:98:43:32:24:6b:34:94:0e:5b:56:ee:e1:fb:ca:76:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 7 11:41:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a029f8234cecacb668251477970c0847dcc8fec2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a9:85:29:36:f9:82:c6:e2:26:b8:10:3b:81: ab:c1:be:59:bb:5f:78:2d:b0:d5:98:29:e4:ff:2e: d1:08:36:f7:64:ca:62:53:d7:84:ca:26:c5:d6:5c: ad:67:1b:24:56:26:cf:70:5c:de:b2:d6:00:d7:16: 7f:b2:e6:58:83:c2:af:c3:b9:e9:98:e0:ce:21:d6: 30:24:2b:a6:63:15:03:f2:b0:f5:4d:1d:c3:5e:86: 00:a7:7b:d8:bd:a4:66:dc:9d:69:91:14:cf:44:d7: 30:0c:bd:39:d9:d1:9d:c7:d9:98:d6:de:2d:77:e7: a1:c6:f3:29:6a:01:26:e4:92:51:f1:38:cf:ab:a3: 59:12:80:1e:49:a3:e8:c9:32:c5:fa:5f:5c:aa:33: 6d:fc:83:0d:02:1b:c2:3b:d4:65:52:b1:d6:cf:7f: ff:36:08:67:a8:d2:c0:b1:b7:eb:08:38:fb:88:b8: e4:2d:eb:53:72:83:c1:74:e0:84:f8:93:19:39:5b: 67:e3:81:38:41:62:7f:3c:ee:dd:5e:fc:ef:72:c9: 58:52:8f:a0:1e:02:0f:35:6c:69:2f:70:59:71:ce: ad:2b:00:07:d3:2c:bb:f5:f9:af:d4:85:a6:37:a1: a7:fe:f5:fd:bf:8e:6e:a5:db:0f:b5:d6:3a:fe:e7: b5:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:29:F8:23:4C:EC:AC:B6:68:25:14:77:97:0C:08:47:DC:C8:FE:C2 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oCn4I0zsrLZoJRR3lwwIR9zI_sI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.148.0/22 37.46.149.0/24 45.91.149.0/24 45.129.132.0/23 45.135.184.0/24 45.135.187.0/24 45.143.53.0/24 45.145.44.0/23 45.145.47.0/24 62.197.144.0/24 62.197.147.0-62.197.148.255 62.197.150.0-62.197.152.255 62.197.159.0/24 84.247.25.0-84.247.26.255 89.33.84.0/24 89.36.22.0/24 89.37.62.0/23 89.43.199.0/24 89.46.92.0/24 92.62.121.0/24 93.115.254.0/23 94.103.249.0-94.103.250.255 185.121.121.0-185.121.123.255 185.184.134.0/24 185.205.190.0/24 185.239.241.0/24 185.239.243.0/24 185.244.137.0/24 185.245.5.0/24 188.212.132.0/24 188.240.68.0/24 188.240.74.0/24 193.19.108.0/24 193.218.32.0/24 193.239.164.0/23 194.169.169.0/24 212.119.34.0/24 IPv6: 2a11:140::/29 2a11:d40::/29 2a12:80::/29 2a12:680::/29 2a12:780::/29 Signature Algorithm: sha256WithRSAEncryption 45:13:e4:5e:34:6d:e8:59:41:41:62:df:34:72:62:ba:5d:c6: 4b:a2:f2:c5:8b:d7:94:f4:26:d6:9d:ca:28:a3:d4:1f:71:ec: a7:0e:f6:4b:c8:ff:ed:77:9b:1d:ec:53:e7:ff:3a:58:f5:84: ba:a1:a1:f4:ac:77:89:dd:26:18:3d:b8:04:ac:41:5a:e7:51: 47:5d:6e:5a:83:f6:9a:58:70:d8:c5:05:41:cb:7d:6b:70:8e: 4c:bb:af:c6:18:00:45:29:c1:61:c2:c7:7e:70:7f:b0:78:89: ac:3b:1c:20:d0:f5:b0:00:f2:bf:89:22:11:4b:bf:07:11:a5: 64:29:39:6d:8e:8e:d0:11:5d:26:9e:f3:6a:3d:a2:ac:aa:9b: c6:b4:ec:f5:0b:21:9e:1e:f9:a4:5b:5e:99:3b:d8:82:97:fc: 8f:f6:03:b6:81:32:bd:60:c5:56:5a:a4:48:5a:22:c9:49:9a: f1:9a:be:75:c9:aa:90:d8:2f:88:61:98:b4:ec:2c:f8:db:39: 60:fa:81:13:a1:92:ac:00:38:8f:b1:fb:4c:88:48:8a:99:44: fc:33:99:fd:ee:88:81:fa:bc:1f:45:13:0e:dc:bb:15:b5:7d: 7b:7e:2b:91:d4:f1:11:7b:16:06:27:ad:b8:6c:c6:f6:cf:d9: fd:5f:0e:27 -----BEGIN CERTIFICATE----- MIIGMjCCBRqgAwIBAgISAZuYQzIkazSUDltW7uH7ynagMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTA3MTE0MTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDI5ZjgyMzRjZWNhY2I2NjgyNTE0Nzc5NzBjMDg0N2RjYzhmZWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKmFKTb5gsbiJrgQO4Grwb5Zu194 LbDVmCnk/y7RCDb3ZMpiU9eEyibF1lytZxskVibPcFzestYA1xZ/suZYg8Kvw7np mODOIdYwJCumYxUD8rD1TR3DXoYAp3vYvaRm3J1pkRTPRNcwDL052dGdx9mY1t4t d+ehxvMpagEm5JJR8TjPq6NZEoAeSaPoyTLF+l9cqjNt/IMNAhvCO9RlUrHWz3// NghnqNLAsbfrCDj7iLjkLetTcoPBdOCE+JMZOVtn44E4QWJ/PO7dXvzvcslYUo+g HgIPNWxpL3BZcc6tKwAH0yy79fmv1IWmN6Gn/vX9v45updsPtdY6/ue1UwIDAQAB o4IDPjCCAzowHQYDVR0OBBYEFKAp+CNM7Ky2aCUUd5cMCEfcyP7CMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvb0NuNEkwenNyTFpvSlJSM2x3d0lSOXpJX3NJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCAQ4EAgABMIIB BgMEAgI6lAMEACUulQMEAC1blQMEAS2BhAMEAC2HuAMEAC2HuwMEAC2PNQMEAS2R LAMEAC2RLwMEAD7FkDAMAwQAPsWTAwQAPsWUMAwDBAE+xZYDBAA+xZgDBAA+xZ8w DAMEAFT3GQMEAFT3GgMEAFkhVAMEAFkkFgMEAVklPgMEAFkrxwMEAFkuXAMEAFw+ eQMEAV1z/jAMAwQAXmf5AwQAXmf6MAwDBAC5eXkDBAK5eXgDBAC5uIYDBAC5zb4D BAC57/EDBAC57/MDBAC59IkDBAC59QUDBAC81IQDBAC88EQDBAC88EoDBADBE2wD BADB2iADBAHB76QDBADCqakDBADUdyIwKQQCAAIwIwMFAyoRAUADBQMqEQ1AAwUD KhIAgAMFAyoSBoADBQMqEgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBFE+ReNG3oWUFB Yt80cmK6XcZLovLFi9eU9CbWncooo9QfceynDvZLyP/td5sd7FPn/zpY9YS6oaH0 rHeJ3SYYPbgErEFa51FHXW5ag/aaWHDYxQVBy31rcI5Mu6/GGABFKcFhwsd+cH+w eImsOxwg0PWwAPK/iSIRS78HEaVkKTltjo7QEV0mnvNqPaKsqpvGtOz1CyGeHvmk W16ZO9iCl/yP9gO2gTK9YMVWWqRIWiLJSZrxmr51yaqQ2C+IYZi07Cz42zlg+oET oZKsADiPsftMiEiKmUT8M5n97oiB+rwfRRMO3LsVtX17fiuR1PERexYGJ624bMb2 z9n9Xw4n -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:09 2026 by rpki-client