This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/OiGaIEub5jL1aTa5izfRirvLl84.roa File: OiGaIEub5jL1aTa5izfRirvLl84.roa (raw, json) Hash identifier: 5MTw6kZy61jYtllFdul+j1TTHjK6hYnhm2x4TtMTz2Q= Subject key identifier: 3A:21:9A:20:4B:9B:E6:32:F5:69:36:B9:8B:37:D1:8A:BB:CB:97:CE Certificate issuer: /CN=a0a154441df9623eeb5a196138d21bef5824b441 Certificate serial: 019B7F842B1FB62747D1A2A7F78A95C75ED3 Authority key identifier: A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/OiGaIEub5jL1aTa5izfRirvLl84.roa Signing time: Fri 02 Jan 2026 16:22:06 +0000 ROA not before: Fri 02 Jan 2026 16:22:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24641 IP address blocks: 77.240.176.0/20 maxlen: 24 81.19.0.0/20 maxlen: 24 85.132.144.0/20 maxlen: 24 95.129.96.0/21 maxlen: 21 185.146.4.0/22 maxlen: 22 2a02:e98::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.mft rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 16:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:2b:1f:b6:27:47:d1:a2:a7:f7:8a:95:c7:5e:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a154441df9623eeb5a196138d21bef5824b441 Validity Not Before: Jan 2 16:22:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a219a204b9be632f56936b98b37d18abbcb97ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:5a:bc:68:f3:fd:77:f3:27:9b:4a:e5:e8:a9: 98:74:92:ab:68:e7:77:80:28:0f:13:80:73:66:17: 32:8b:53:0d:24:88:91:f9:c5:c4:f6:e1:3b:ea:cb: 92:fa:13:23:e6:a5:6f:35:b4:1a:7c:07:8d:27:32: eb:c1:97:eb:ce:a3:ae:34:3e:68:b7:70:0f:0f:3e: 7c:d5:39:f1:57:b9:1d:0a:42:b6:f1:14:54:31:ef: ee:bb:2a:5a:31:dd:92:3c:05:22:d2:f2:8c:2f:b5: 92:6e:ea:2f:ae:1f:61:d9:88:a2:e1:f8:77:eb:e4: 9d:41:7a:fe:19:f9:a6:81:67:5e:66:c2:0f:31:16: ca:d6:09:f1:54:39:10:7a:44:4a:7c:12:85:cc:6a: b1:81:03:5b:0f:ff:ca:ab:0e:37:1c:f9:62:70:7e: d9:a5:44:be:28:37:f5:c2:fd:1f:6a:10:c0:7f:b8: 3c:0d:29:69:51:52:4c:b4:f7:ff:99:d2:38:df:80: e3:68:7b:08:79:4d:a3:88:6f:64:3b:d8:14:ed:38: ab:6b:26:a6:9c:cd:fd:68:f5:d0:30:2b:54:5f:4c: 81:09:72:93:4d:09:16:9c:67:78:91:1d:bc:0c:2d: df:93:47:14:a1:e6:c1:db:db:b5:e7:4c:ae:d8:ee: 62:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:21:9A:20:4B:9B:E6:32:F5:69:36:B9:8B:37:D1:8A:BB:CB:97:CE X509v3 Authority Key Identifier: keyid:A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/OiGaIEub5jL1aTa5izfRirvLl84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.240.176.0/20 81.19.0.0/20 85.132.144.0/20 95.129.96.0/21 185.146.4.0/22 IPv6: 2a02:e98::/32 Signature Algorithm: sha256WithRSAEncryption 5d:43:48:b2:e6:a4:c2:3a:fa:33:31:f4:7e:ff:d5:38:91:67: 5c:4e:39:df:92:db:27:ae:04:e1:f1:cc:1b:7a:47:4a:c9:42: 69:60:3f:49:69:a1:c9:eb:3b:ec:cf:e2:a3:cc:fe:8e:77:35: 49:2e:4d:9d:eb:30:cd:91:7d:e9:e0:a7:46:dc:ec:8b:9d:53: b1:a8:78:ae:65:a8:0e:3d:a8:ae:85:4c:4b:20:f1:89:91:70: 41:5d:aa:93:21:9e:ba:4f:c9:cc:2c:cc:b0:7b:91:c2:a0:f3: 34:62:35:c1:a9:f3:bd:d5:7a:b7:03:a3:9d:33:61:38:dd:2e: 13:12:73:34:ba:66:62:22:27:3b:74:9b:6d:07:83:26:d0:d9: aa:aa:8c:e4:4b:6c:7a:46:46:74:0f:d8:e3:41:ec:ba:5d:bc: 7f:74:9d:34:33:5c:dc:6d:d6:29:11:38:d6:97:a9:32:43:a4: 7b:11:8f:28:0a:a9:22:85:30:d6:9a:dc:24:1e:a0:44:78:8a: c0:a1:74:eb:9b:85:03:b7:d5:11:53:5f:6c:45:8b:d1:29:89: 0e:27:b5:22:dc:65:5f:dc:3a:39:d8:3f:5c:54:f4:96:b1:5b: a6:e2:00:93:53:87:1e:bf:22:2a:1f:90:80:52:26:85:f1:ac: 3a:c4:fd:e3 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt/hCsftidH0aKn94qVx17TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTE1NDQ0MWRmOTYyM2VlYjVhMTk2MTM4ZDIxYmVmNTgy NGI0NDEwHhcNMjYwMTAyMTYyMjA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTIxOWEyMDRiOWJlNjMyZjU2OTM2Yjk4YjM3ZDE4YWJiY2I5N2NlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1q8aPP9d/Mnm0rl6KmYdJKraOd3 gCgPE4BzZhcyi1MNJIiR+cXE9uE76suS+hMj5qVvNbQafAeNJzLrwZfrzqOuND5o t3APDz581TnxV7kdCkK28RRUMe/uuypaMd2SPAUi0vKML7WSbuovrh9h2Yii4fh3 6+SdQXr+GfmmgWdeZsIPMRbK1gnxVDkQekRKfBKFzGqxgQNbD//Kqw43HPlicH7Z pUS+KDf1wv0fahDAf7g8DSlpUVJMtPf/mdI434DjaHsIeU2jiG9kO9gU7Tirayam nM39aPXQMCtUX0yBCXKTTQkWnGd4kR28DC3fk0cUoebB29u150yu2O5iWQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFDohmiBLm+Yy9Wk2uYs30Yq7y5fOMB8GA1UdIwQY MBaAFKChVEQd+WI+61oZYTjSG+9YJLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmIt OWQ5NDM2NzFhOGEzLzEvT2lHYUlFdWI1akwxYVRhNWl6ZlJpcnZMbDg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmItOWQ5NDM2NzFhOGEz LzEvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETfCwAwQE URMAAwQEVYSQAwQDX4FgAwQCuZIEMA0EAgACMAcDBQAqAg6YMA0GCSqGSIb3DQEB CwUAA4IBAQBdQ0iy5qTCOvozMfR+/9U4kWdcTjnfktsnrgTh8cwbekdKyUJpYD9J aaHJ6zvsz+KjzP6OdzVJLk2d6zDNkX3p4KdG3OyLnVOxqHiuZagOPaiuhUxLIPGJ kXBBXaqTIZ66T8nMLMywe5HCoPM0YjXBqfO91Xq3A6OdM2E43S4TEnM0umZiIic7 dJttB4Mm0NmqqozkS2x6RkZ0D9jjQey6Xbx/dJ00M1zcbdYpETjWl6kyQ6R7EY8o CqkihTDWmtwkHqBEeIrAoXTrm4UDt9URU19sRYvRKYkOJ7Ui3GVf3Do52D9cVPSW sVum4gCTU4cevyIqH5CAUiaF8aw6xP3j -----END CERTIFICATE-----Generated at Tue Jan 27 02:07:14 2026 by rpki-client