This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/okpXovGo8Qws_PPRtlsVVUmZZzA.roa File: okpXovGo8Qws_PPRtlsVVUmZZzA.roa (raw, json) Hash identifier: 4oR/V429uTC5kWQN94QEJqxEv4CSp9VQuHnF9qGLwmM= Subject key identifier: A2:4A:57:A2:F1:A8:F1:0C:2C:FC:F3:D1:B6:5B:15:55:49:99:67:30 Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370 Certificate serial: 019B7F15D24D1588734657BD47CAAF2ADD19 Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/okpXovGo8Qws_PPRtlsVVUmZZzA.roa Signing time: Fri 02 Jan 2026 14:21:35 +0000 ROA not before: Fri 02 Jan 2026 14:21:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214851 IP address blocks: 192.144.33.0/24 maxlen: 24 2a09:ff00:8000::/37 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:d2:4d:15:88:73:46:57:bd:47:ca:af:2a:dd:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370 Validity Not Before: Jan 2 14:21:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a24a57a2f1a8f10c2cfcf3d1b65b155549996730 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c7:aa:e8:86:18:53:f9:31:3d:65:54:6c:60: ed:cc:a0:5b:61:0c:6f:59:54:de:89:32:dc:5a:0a: 76:52:5e:f6:5c:60:f7:4c:2e:1a:1e:0e:8e:b9:79: 01:b8:d2:38:52:0f:15:4b:d0:bf:d9:7b:61:22:1e: ea:5c:c8:16:48:e4:97:48:04:d7:79:26:db:0a:7c: 4e:83:29:dc:16:08:f3:ba:73:17:15:84:f8:e2:19: cc:1a:fc:a1:41:d4:80:25:f7:f1:77:7b:f4:56:6b: 2d:19:2e:03:2d:d9:d8:22:36:eb:5d:ae:31:10:c4: 8d:98:e5:a7:df:d4:26:17:c3:6b:fe:30:cf:17:e7: 3c:b4:88:34:c4:c1:23:59:da:9f:1c:5a:16:db:ec: be:1c:04:07:f3:d8:63:56:d9:6c:7a:79:22:dd:1e: 92:06:bc:89:ee:17:6a:6f:ad:38:f1:bc:bd:68:cb: 3f:1b:9d:4c:97:25:21:1c:36:0f:55:ce:b8:9b:ed: 5c:71:b7:9a:fc:14:3c:40:8a:06:fa:a2:6d:5b:c9: 27:28:39:9d:70:e7:fe:11:a5:0a:dd:ff:eb:51:e5: 41:1c:70:bc:dd:8e:57:db:90:56:5a:bd:f3:96:b1: b0:4e:3b:eb:c2:25:87:2f:a9:e9:48:de:43:e1:b9: 9e:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:4A:57:A2:F1:A8:F1:0C:2C:FC:F3:D1:B6:5B:15:55:49:99:67:30 X509v3 Authority Key Identifier: keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/okpXovGo8Qws_PPRtlsVVUmZZzA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.144.33.0/24 IPv6: 2a09:ff00:8000::/37 Signature Algorithm: sha256WithRSAEncryption 9e:81:e0:b8:08:ad:99:40:8c:59:56:ce:00:99:8b:39:6e:f3: 09:dd:ba:c1:6a:6c:6c:a5:76:b5:a7:e8:87:6d:55:37:0f:f0: 91:1a:05:bd:3a:6a:1e:00:7d:32:77:21:6a:80:55:22:7a:ba: e4:e7:6d:81:e6:5d:5f:f8:21:a6:51:4d:70:84:f8:e8:c6:54: aa:1d:79:85:50:c2:e4:3c:10:9c:14:2f:41:58:52:b9:26:b8: a7:a1:01:43:45:c3:2a:2b:f0:e6:db:41:4c:26:4d:39:5a:04: b8:33:e2:2f:d3:db:75:6b:b1:e9:1d:d4:18:85:4c:93:11:cb: 04:e0:0e:d2:81:c1:76:8f:ca:c6:eb:42:80:ca:44:24:ae:1c: 4e:73:63:62:53:77:b8:af:5f:a8:a0:c4:61:ae:f4:d1:f2:8a: b9:df:fe:1d:12:65:bc:27:ea:69:82:bb:cd:51:10:78:2b:5a: 6a:b5:0e:8e:88:8a:05:f0:69:b9:25:03:17:10:e7:5e:5a:03: 92:7f:74:f6:bc:59:da:ab:13:5d:e1:4f:d5:e1:1a:4f:85:44: e7:33:6c:5a:6e:13:c7:13:39:32:46:5e:f7:b6:02:1f:22:af: 3c:f7:1e:ab:ea:96:41:f8:89:fb:a1:be:f8:31:12:62:3d:ea: a4:0f:e0:9a -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt/FdJNFYhzRle9R8qvKt0ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk YTEzNzAwHhcNMjYwMTAyMTQyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjRhNTdhMmYxYThmMTBjMmNmY2YzZDFiNjViMTU1NTQ5OTk2NzMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Meq6IYYU/kxPWVUbGDtzKBbYQxv WVTeiTLcWgp2Ul72XGD3TC4aHg6OuXkBuNI4Ug8VS9C/2XthIh7qXMgWSOSXSATX eSbbCnxOgyncFgjzunMXFYT44hnMGvyhQdSAJffxd3v0VmstGS4DLdnYIjbrXa4x EMSNmOWn39QmF8Nr/jDPF+c8tIg0xMEjWdqfHFoW2+y+HAQH89hjVtlsenki3R6S BryJ7hdqb6048by9aMs/G51MlyUhHDYPVc64m+1ccbea/BQ8QIoG+qJtW8knKDmd cOf+EaUK3f/rUeVBHHC83Y5X25BWWr3zlrGwTjvrwiWHL6npSN5D4bme/QIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFKJKV6LxqPEMLPzz0bZbFVVJmWcwMB8GA1UdIwQY MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt NjA4MDk1MmYwZTA0LzEvb2twWG92R284UXdzX1BQUnRsc1ZWVW1aWnpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0 LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwJAhMA4E AgACMAgDBgMqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEAnoHguAitmUCMWVbOAJmL OW7zCd26wWpsbKV2tafoh21VNw/wkRoFvTpqHgB9MnchaoBVInq65OdtgeZdX/gh plFNcIT46MZUqh15hVDC5DwQnBQvQVhSuSa4p6EBQ0XDKivw5ttBTCZNOVoEuDPi L9PbdWux6R3UGIVMkxHLBOAO0oHBdo/KxutCgMpEJK4cTnNjYlN3uK9fqKDEYa70 0fKKud/+HRJlvCfqaYK7zVEQeCtaarUOjoiKBfBpuSUDFxDnXloDkn909rxZ2qsT XeFP1eEaT4VE5zNsWm4TxxM5MkZe97YCHyKvPPceq+qWQfiJ+6G++DESYj3qpA/g mg== -----END CERTIFICATE-----Generated at Sun Jan 18 12:03:50 2026 by rpki-client