This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/oKYAA5pB1BVMSS94qWBDs30hCZg.roa File: oKYAA5pB1BVMSS94qWBDs30hCZg.roa (raw, json) Hash identifier: AelJXpIg2PixL0qimI9Ss0ePEmN+U5/bBUBeSnAZYyg= Subject key identifier: A0:A6:00:03:9A:41:D4:15:4C:49:2F:78:A9:60:43:B3:7D:21:09:98 Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Certificate serial: 019B7758FA7EE01BDD48768FC90D6CEB0429 Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/oKYAA5pB1BVMSS94qWBDs30hCZg.roa Signing time: Thu 01 Jan 2026 02:17:58 +0000 ROA not before: Thu 01 Jan 2026 02:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215258 IP address blocks: 2a09:e1c1:f020::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:fa:7e:e0:1b:dd:48:76:8f:c9:0d:6c:eb:04:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Validity Not Before: Jan 1 02:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0a600039a41d4154c492f78a96043b37d210998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:46:e3:41:fb:a3:46:40:d0:3d:78:4d:6f:4f: 10:ae:67:32:fa:e8:2b:39:45:e5:53:20:aa:76:43: ee:1a:e5:c6:e8:eb:48:c9:52:73:e9:b3:c8:81:82: 1b:e9:85:22:b3:c7:17:7a:a3:b5:f1:fb:70:09:e9: 9d:9c:84:0b:9c:bc:42:13:8f:17:54:c1:47:d5:ad: 28:09:d0:93:f6:90:65:f2:11:51:d6:53:c7:c8:80: 76:2f:6f:73:64:e9:c8:9e:47:2b:06:7b:1b:53:06: a2:5d:14:7d:89:b2:34:90:f1:b8:b4:3f:24:a1:54: a5:7f:a9:28:c9:1a:c0:35:ab:37:c5:b4:23:09:11: 59:54:83:8c:ed:e1:49:33:0d:4f:3f:07:55:72:30: a3:0b:e4:86:2f:a2:9c:a0:ab:ad:58:bf:ab:31:31: ca:c3:bb:6d:d6:20:89:5d:84:71:39:3a:35:15:0d: 4e:bc:54:70:72:5a:e4:f4:da:b2:c3:35:e5:3e:6e: f8:59:37:52:f8:cb:7c:20:4f:58:33:c1:07:bc:b3: 0a:81:e0:1b:72:7b:1c:b4:ec:9a:ab:87:d0:de:d6: 0d:4f:06:94:ef:bf:14:5f:45:f8:42:1d:ce:43:34: 94:d9:e6:65:6f:55:ce:6e:6a:8c:ee:50:9d:23:cc: ef:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:A6:00:03:9A:41:D4:15:4C:49:2F:78:A9:60:43:B3:7D:21:09:98 X509v3 Authority Key Identifier: keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/oKYAA5pB1BVMSS94qWBDs30hCZg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:e1c1:f020::/44 Signature Algorithm: sha256WithRSAEncryption 6c:00:11:56:3c:95:66:d8:54:38:8a:a8:62:71:e8:7d:ba:79: 4e:13:7e:0f:09:d7:0d:b8:2e:97:ae:60:10:6e:60:c7:f2:79: a8:97:eb:b9:df:25:8e:fa:8b:2a:dc:1b:b8:f9:60:7f:9f:b8: 3b:9f:49:5e:1b:54:d5:ed:cb:0e:e7:e9:c4:8e:8a:77:90:65: 4b:73:9f:d4:b6:9e:d1:d1:71:c4:b2:41:af:81:a3:c6:21:ad: 8e:63:50:c3:a5:07:cd:0e:53:a6:46:ad:fa:17:48:be:d9:2c: a3:c2:99:2d:d8:e2:af:4f:ec:db:ab:40:8a:0a:b3:ad:3a:e5: 64:05:4c:01:27:09:9c:88:b9:14:3c:7e:16:9c:ad:d9:3d:8b: 3f:bf:92:60:06:e5:d0:ec:d1:ab:6b:4f:0d:b0:6c:b3:49:21: 7e:a2:4c:36:84:d0:d9:30:c5:d6:a7:ef:b9:b2:b3:16:1d:10: 65:2c:a2:45:68:44:14:b1:0a:11:64:26:d6:94:ea:a4:0b:98: 9d:ee:44:97:07:52:da:05:ff:9c:59:d8:cf:92:17:9d:45:01: 9f:12:4f:a8:55:4d:fe:5f:3f:f2:81:e8:bb:c4:56:af:2f:1c: de:ba:98:d0:5a:68:68:fc:37:ce:b0:e7:8b:ad:f4:33:8e:0b: 98:ed:cc:82 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3WPp+4BvdSHaPyQ1s6wQpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi MGZhZGIwHhcNMjYwMTAxMDIxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGE2MDAwMzlhNDFkNDE1NGM0OTJmNzhhOTYwNDNiMzdkMjEwOTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0bjQfujRkDQPXhNb08Qrmcy+ugr OUXlUyCqdkPuGuXG6OtIyVJz6bPIgYIb6YUis8cXeqO18ftwCemdnIQLnLxCE48X VMFH1a0oCdCT9pBl8hFR1lPHyIB2L29zZOnInkcrBnsbUwaiXRR9ibI0kPG4tD8k oVSlf6koyRrANas3xbQjCRFZVIOM7eFJMw1PPwdVcjCjC+SGL6KcoKutWL+rMTHK w7tt1iCJXYRxOTo1FQ1OvFRwclrk9NqywzXlPm74WTdS+Mt8IE9YM8EHvLMKgeAb cnsctOyaq4fQ3tYNTwaU778UX0X4Qh3OQzSU2eZlb1XObmqM7lCdI8zvfQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFKCmAAOaQdQVTEkveKlgQ7N9IQmYMB8GA1UdIwQY MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt NThiMzhmNWFjODBiLzEvb0tZQUE1cEIxQlZNU1M5NHFXQkRzMzBoQ1pnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwfAg MA0GCSqGSIb3DQEBCwUAA4IBAQBsABFWPJVm2FQ4iqhiceh9unlOE34PCdcNuC6X rmAQbmDH8nmol+u53yWO+osq3Bu4+WB/n7g7n0leG1TV7csO5+nEjop3kGVLc5/U tp7R0XHEskGvgaPGIa2OY1DDpQfNDlOmRq36F0i+2Syjwpkt2OKvT+zbq0CKCrOt OuVkBUwBJwmciLkUPH4WnK3ZPYs/v5JgBuXQ7NGra08NsGyzSSF+okw2hNDZMMXW p++5srMWHRBlLKJFaEQUsQoRZCbWlOqkC5id7kSXB1LaBf+cWdjPkhedRQGfEk+o VU3+Xz/ygei7xFavLxzeupjQWmho/DfOsOeLrfQzjguY7cyC -----END CERTIFICATE-----Generated at Sun Jan 18 12:08:44 2026 by rpki-client