This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/oiqTsN2hPB1Jr8i3uX5AbnG9Jqs.roa File: oiqTsN2hPB1Jr8i3uX5AbnG9Jqs.roa (raw, json) Hash identifier: vgJqEjeMdoUtrygtplyG9R9/l09GJRSHddlmpygHdA0= Subject key identifier: A2:2A:93:B0:DD:A1:3C:1D:49:AF:C8:B7:B9:7E:40:6E:71:BD:26:AB Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C1381B5049FFFC65C11DBBFFED72DC9 Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/oiqTsN2hPB1Jr8i3uX5AbnG9Jqs.roa Signing time: Fri 02 Jan 2026 00:20:11 +0000 ROA not before: Fri 02 Jan 2026 00:20:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200017 IP address blocks: 176.125.249.0/24 maxlen: 24 185.126.83.0/24 maxlen: 24 185.214.100.0/24 maxlen: 24 185.228.73.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:81:b5:04:9f:ff:c6:5c:11:db:bf:fe:d7:2d:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a22a93b0dda13c1d49afc8b7b97e406e71bd26ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:90:56:2c:5c:81:96:9c:5f:ee:8b:b2:19:5a: 4f:b5:3d:36:87:6f:dd:9b:20:16:4b:7c:d0:d0:bb: 12:79:f0:42:ab:24:22:5c:01:4c:4d:35:a2:7a:5a: 52:0a:33:56:95:0b:e4:81:66:d3:3b:7d:7b:91:78: 16:e9:8e:a9:48:2a:d8:9d:d1:c1:00:db:a0:a6:01: 19:ee:a1:04:3d:95:de:3f:0d:21:e5:dd:09:73:85: b7:de:4e:ea:79:51:94:65:d9:90:e8:03:77:ec:9a: a4:79:61:c6:d4:b9:37:d0:38:76:c0:07:03:8a:68: b3:df:cd:b4:7b:49:dd:63:82:dd:b3:a1:6f:32:c9: 75:e5:52:12:18:aa:59:8c:09:35:79:d1:df:8c:bb: 78:a5:0f:da:ed:42:f1:d4:cd:e7:8b:d6:24:1a:65: a8:ee:6f:f2:81:35:f8:77:5f:af:f8:85:d5:a1:b5: ab:2d:8c:2f:5b:d6:13:7e:ff:3f:92:03:99:3f:6e: d7:9a:4e:6a:7f:77:07:f6:af:f0:1b:f7:ff:65:b3: 33:d4:f9:06:95:16:ab:ee:54:9d:c3:07:3e:16:bf: f3:88:fd:65:4c:21:d0:53:f9:02:ab:87:5c:62:d9: 16:70:07:9e:0a:b2:d3:d1:5b:61:f5:b3:49:66:15: 7f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:2A:93:B0:DD:A1:3C:1D:49:AF:C8:B7:B9:7E:40:6E:71:BD:26:AB X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/oiqTsN2hPB1Jr8i3uX5AbnG9Jqs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.125.249.0/24 185.126.83.0/24 185.214.100.0/24 185.228.73.0/24 Signature Algorithm: sha256WithRSAEncryption 99:10:61:f8:df:aa:9d:a5:65:ee:72:8e:c1:81:67:1e:43:b4: 81:66:06:83:3c:3a:ff:83:20:3f:7e:bd:99:98:f7:f4:37:b6: c2:05:b0:be:f1:6d:4c:18:08:ad:48:27:81:56:c0:b2:f0:7c: 82:21:23:66:47:42:74:0c:ca:83:d7:1d:0e:aa:83:8e:af:f5: e1:ef:ae:1b:a0:38:29:6a:28:92:ea:73:86:42:74:b9:cd:33: 65:d4:f8:36:f1:ca:a0:0c:07:0f:33:5b:18:0e:28:a5:35:25: 02:93:be:9f:57:1f:ea:2b:a9:b8:5e:97:ac:12:6c:33:d3:9b: 27:f7:0c:44:8e:46:b3:e8:b9:ca:41:07:c0:1e:ad:37:f3:e0: 12:23:32:0b:52:44:18:48:8b:88:e4:47:f6:fb:96:c2:da:df: 99:ad:46:71:88:0b:63:14:ab:9c:b0:fe:1d:56:cc:c5:02:e2: 38:b9:33:99:79:c8:fc:9d:b1:7f:0e:88:96:bc:c9:fb:10:d0: 7d:de:ef:df:41:d1:c7:7d:61:9c:c0:46:1f:f5:a1:2b:c5:c4: 49:42:7f:d0:a3:3c:84:4e:6a:bf:c4:da:b9:02:92:98:3d:e5: 48:9d:1d:af:0a:47:b2:4f:c2:56:3e:6f:b4:bf:31:a7:37:53: 2c:79:d3:06 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt8E4G1BJ//xlwR27/+1y3JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjJhOTNiMGRkYTEzYzFkNDlhZmM4YjdiOTdlNDA2ZTcxYmQyNmFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJBWLFyBlpxf7ouyGVpPtT02h2/d myAWS3zQ0LsSefBCqyQiXAFMTTWielpSCjNWlQvkgWbTO317kXgW6Y6pSCrYndHB ANugpgEZ7qEEPZXePw0h5d0Jc4W33k7qeVGUZdmQ6AN37JqkeWHG1Lk30Dh2wAcD imiz3820e0ndY4Lds6FvMsl15VISGKpZjAk1edHfjLt4pQ/a7ULx1M3ni9YkGmWo 7m/ygTX4d1+v+IXVobWrLYwvW9YTfv8/kgOZP27Xmk5qf3cH9q/wG/f/ZbMz1PkG lRar7lSdwwc+Fr/ziP1lTCHQU/kCq4dcYtkWcAeeCrLT0Vth9bNJZhV/SQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFKIqk7DdoTwdSa/It7l+QG5xvSarMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvb2lxVHNOMmhQQjFKcjhpM3VYNUFibkc5SnFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsH35AwQA uX5TAwQAudZkAwQAueRJMA0GCSqGSIb3DQEBCwUAA4IBAQCZEGH436qdpWXuco7B gWceQ7SBZgaDPDr/gyA/fr2ZmPf0N7bCBbC+8W1MGAitSCeBVsCy8HyCISNmR0J0 DMqD1x0OqoOOr/Xh764boDgpaiiS6nOGQnS5zTNl1Pg28cqgDAcPM1sYDiilNSUC k76fVx/qK6m4XpesEmwz05sn9wxEjkaz6LnKQQfAHq038+ASIzILUkQYSIuI5Ef2 +5bC2t+ZrUZxiAtjFKucsP4dVszFAuI4uTOZecj8nbF/DoiWvMn7ENB93u/fQdHH fWGcwEYf9aErxcRJQn/QozyETmq/xNq5ApKYPeVInR2vCkeyT8JWPm+0vzGnN1Ms edMG -----END CERTIFICATE-----Generated at Fri Jan 2 23:48:14 2026 by rpki-client