This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/o0zFW0tgu0SNCajq1-Pj04reASE.roa File: o0zFW0tgu0SNCajq1-Pj04reASE.roa (raw, json) Hash identifier: XI8Y+MP7U7GXabQcnglenR9AR3VDKkEoKmwdTMvnwSA= Subject key identifier: A3:4C:C5:5B:4B:60:BB:44:8D:09:A8:EA:D7:E3:E3:D3:8A:DE:01:21 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84E920D84E95B481197795F1FC1629 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/o0zFW0tgu0SNCajq1-Pj04reASE.roa Signing time: Fri 02 Jan 2026 16:22:55 +0000 ROA not before: Fri 02 Jan 2026 16:22:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202243 IP address blocks: 80.85.48.0/21 maxlen: 24 92.52.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:e9:20:d8:4e:95:b4:81:19:77:95:f1:fc:16:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a34cc55b4b60bb448d09a8ead7e3e3d38ade0121 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f1:66:dd:c1:1e:54:d1:d8:6d:3e:fc:cc:c0: 35:60:aa:ea:e7:ce:49:43:f3:d6:19:10:9e:94:43: 69:a0:e2:cf:f0:03:1b:49:fb:bd:e3:d8:0c:69:2f: a9:f6:3c:3f:3f:fc:f6:38:f3:c9:1b:1a:ae:32:cd: 65:2c:29:b8:40:31:6a:bd:bb:3e:24:df:55:3c:3f: f1:48:c8:b9:22:9f:fe:ce:1b:47:5b:87:cc:8d:1e: 79:7e:e9:46:b4:53:9e:09:bb:22:30:f6:16:4a:6b: 18:b5:f6:23:2e:ce:c7:a9:cb:a8:cb:9e:dd:f4:63: f0:fd:ed:6b:8b:13:e3:39:6e:c5:db:e8:b1:6b:b4: cd:22:74:ca:a1:5d:be:b9:82:16:f8:76:1b:a4:7e: 59:96:3a:3a:60:27:3f:3e:1f:91:db:c7:54:c8:a7: bb:ff:c0:33:9f:fc:5a:96:b9:c8:3d:bf:e9:09:ad: a7:8a:da:49:dc:66:5f:16:98:43:f6:51:a9:bd:24: 21:0e:e3:74:8e:ca:1c:44:18:bf:b9:93:bd:21:c6: c3:8b:5f:da:b7:0f:9f:7f:81:39:d1:71:1a:80:b3: 38:90:0e:1f:96:a1:2d:bb:f1:90:45:85:7d:a8:21: c8:8a:47:02:ab:3a:21:d1:e4:e3:11:de:f7:76:94: d8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:4C:C5:5B:4B:60:BB:44:8D:09:A8:EA:D7:E3:E3:D3:8A:DE:01:21 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/o0zFW0tgu0SNCajq1-Pj04reASE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.85.48.0/21 92.52.220.0/24 Signature Algorithm: sha256WithRSAEncryption 64:48:b4:ad:41:7f:a0:f4:37:fe:a6:51:a8:ed:37:55:f3:f0: 10:12:58:ce:86:0c:91:28:58:af:b7:81:20:d9:d7:85:e4:bf: 1c:0b:ac:fe:36:ce:94:e4:48:0f:5a:a9:35:02:40:27:ea:77: 2e:79:a5:bc:c8:cc:00:61:69:b1:90:eb:4d:61:e6:f9:3d:61: df:28:af:89:5b:d1:96:93:39:46:bc:61:d8:ce:20:68:fd:e1: 5c:8c:c8:a0:70:de:39:da:85:4a:de:ae:e0:2d:60:7f:26:4a: aa:31:c7:25:89:36:63:16:c8:81:a2:1c:bc:1a:90:a4:7d:ee: 31:49:e9:e7:53:f3:64:91:d3:b8:6a:55:92:13:8e:d8:fe:9c: cc:e0:7f:db:3b:c0:23:29:5b:da:1b:d8:de:21:54:8d:72:2a: 5d:5e:ad:18:33:12:fa:b8:10:ba:e7:59:3d:a4:10:03:c0:4b: d7:7a:31:b0:33:08:0a:1a:a8:6b:d6:98:a5:2b:e1:b8:e9:b5: a5:33:19:29:45:1c:83:24:20:7c:a1:53:93:a8:90:51:cd:dd: f0:63:fd:57:3e:ed:d8:95:1b:e9:a3:21:66:ba:cd:51:73:14: 08:70:f8:85:1e:01:c2:73:26:c6:80:6f:58:8b:f7:e5:5b:f2: 66:e9:3f:36 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hOkg2E6VtIEZd5Xx/BYpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzRjYzU1YjRiNjBiYjQ0OGQwOWE4ZWFkN2UzZTNkMzhhZGUwMTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/Fm3cEeVNHYbT78zMA1YKrq585J Q/PWGRCelENpoOLP8AMbSfu949gMaS+p9jw/P/z2OPPJGxquMs1lLCm4QDFqvbs+ JN9VPD/xSMi5Ip/+zhtHW4fMjR55fulGtFOeCbsiMPYWSmsYtfYjLs7Hqcuoy57d 9GPw/e1rixPjOW7F2+ixa7TNInTKoV2+uYIW+HYbpH5Zljo6YCc/Ph+R28dUyKe7 /8Azn/xalrnIPb/pCa2nitpJ3GZfFphD9lGpvSQhDuN0jsocRBi/uZO9IcbDi1/a tw+ff4E50XEagLM4kA4flqEtu/GQRYV9qCHIikcCqzoh0eTjEd73dpTYyQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKNMxVtLYLtEjQmo6tfj49OK3gEhMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvbzB6RlcwdGd1MFNOQ2FqcTEtUGowNHJlQVNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUFUwAwQA XDTcMA0GCSqGSIb3DQEBCwUAA4IBAQBkSLStQX+g9Df+plGo7TdV8/AQEljOhgyR KFivt4Eg2deF5L8cC6z+Ns6U5EgPWqk1AkAn6ncueaW8yMwAYWmxkOtNYeb5PWHf KK+JW9GWkzlGvGHYziBo/eFcjMigcN452oVK3q7gLWB/JkqqMccliTZjFsiBohy8 GpCkfe4xSennU/NkkdO4alWSE47Y/pzM4H/bO8AjKVvaG9jeIVSNcipdXq0YMxL6 uBC651k9pBADwEvXejGwMwgKGqhr1pilK+G46bWlMxkpRRyDJCB8oVOTqJBRzd3w Y/1XPu3YlRvpoyFmus1RcxQIcPiFHgHCcybGgG9Yi/flW/Jm6T82 -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:03 2026 by rpki-client