This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/OZ-4bdLigPBsZcaqqgq1vun0WQw.roa File: OZ-4bdLigPBsZcaqqgq1vun0WQw.roa (raw, json) Hash identifier: pGYKvg2Oo9KoFiiz7qQh+48XYCnScT9nFS878Hx3KLE= Subject key identifier: 39:9F:B8:6D:D2:E2:80:F0:6C:65:C6:AA:AA:0A:B5:BE:E9:F4:59:0C Certificate issuer: /CN=07ac64191435789995bc5a67f5b51d9685002815 Certificate serial: 019B79ECE8996357D4DBCAE0D5A175E8261D Authority key identifier: 07:AC:64:19:14:35:78:99:95:BC:5A:67:F5:B5:1D:96:85:00:28:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6xkGRQ1eJmVvFpn9bUdloUAKBU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/OZ-4bdLigPBsZcaqqgq1vun0WQw.roa Signing time: Thu 01 Jan 2026 14:18:47 +0000 ROA not before: Thu 01 Jan 2026 14:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34049 IP address blocks: 185.137.124.0/22 maxlen: 22 2a07:3c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/B6xkGRQ1eJmVvFpn9bUdloUAKBU.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/B6xkGRQ1eJmVvFpn9bUdloUAKBU.mft rsync://rpki.ripe.net/repository/DEFAULT/B6xkGRQ1eJmVvFpn9bUdloUAKBU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:e8:99:63:57:d4:db:ca:e0:d5:a1:75:e8:26:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07ac64191435789995bc5a67f5b51d9685002815 Validity Not Before: Jan 1 14:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=399fb86dd2e280f06c65c6aaaa0ab5bee9f4590c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f4:76:4e:7f:24:8d:29:d0:6e:bf:08:7a:8f: 12:d2:2c:df:e0:1c:81:eb:99:79:5c:ea:a2:38:b3: 06:b1:1c:be:d0:7c:b3:62:44:95:b4:de:e2:e7:ec: d8:00:c8:7a:b1:ea:81:13:6e:87:d2:99:5a:cf:77: f8:67:eb:8f:eb:18:dc:c0:c2:ac:be:22:e0:dc:f9: d0:a5:c6:8d:73:6c:6c:39:51:d6:8a:ed:62:63:ff: d5:02:81:1c:94:34:37:8c:e7:0f:7b:45:fd:d6:84: 7b:bd:ac:f0:21:db:b9:ec:e0:09:46:a3:bb:31:d8: 60:67:a5:37:74:a8:2a:05:c5:c8:51:db:53:ae:1b: c8:a9:33:f0:81:42:d4:49:56:35:3e:e1:2c:e9:3b: 4e:5d:34:99:dc:29:2b:c1:d8:1a:b4:d1:a5:2b:13: 09:e9:17:61:d8:b7:7c:8b:32:d0:82:7a:3e:89:15: fd:18:e3:7e:c7:7a:e1:c6:83:26:d5:00:42:aa:1b: 90:c5:8c:47:6b:39:3d:19:8b:ec:8b:11:7a:a8:23: 5b:41:4b:e2:ef:66:68:9c:03:6b:bd:2e:53:d6:f8: 42:dc:14:2a:7c:61:1e:19:3f:9b:b7:59:a3:0c:c2: 26:d1:3d:9e:01:b6:06:1a:1c:25:2b:31:8f:69:54: 8f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:9F:B8:6D:D2:E2:80:F0:6C:65:C6:AA:AA:0A:B5:BE:E9:F4:59:0C X509v3 Authority Key Identifier: keyid:07:AC:64:19:14:35:78:99:95:BC:5A:67:F5:B5:1D:96:85:00:28:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6xkGRQ1eJmVvFpn9bUdloUAKBU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/OZ-4bdLigPBsZcaqqgq1vun0WQw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/B6xkGRQ1eJmVvFpn9bUdloUAKBU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.137.124.0/22 IPv6: 2a07:3c0::/29 Signature Algorithm: sha256WithRSAEncryption b2:81:30:7e:3d:3d:5e:da:09:22:db:08:3d:32:27:a5:49:22: 29:1c:83:d4:f0:96:71:a2:a3:75:b7:0a:ae:28:40:ed:2e:56: 82:e3:cd:57:e2:f3:ac:3f:f6:0a:f2:ef:b7:d3:1b:01:2a:ac: cf:d2:d6:76:f6:a3:e9:95:bc:27:6c:16:b2:97:49:5e:68:e2: 63:98:0a:8b:37:dd:ed:c1:08:d9:4c:30:15:c8:21:fd:9b:8c: 6a:45:5d:e9:34:3c:cf:73:ea:ef:58:39:50:0f:0a:42:31:54: 9c:42:3f:1a:8e:db:f4:3e:55:9d:57:c7:b3:f2:2b:d7:65:b9: 9a:b2:d4:ac:8f:3e:c0:96:31:2b:7c:70:98:bd:b6:c3:c7:ce: f2:37:f5:ce:0d:e1:19:10:e7:51:31:6f:0d:4c:36:03:9d:2f: 06:2a:32:d9:53:c2:7d:da:57:5b:06:ab:ed:49:79:8f:e5:f3: 7f:90:06:02:3f:3f:33:14:7b:3d:08:f8:98:28:92:bc:86:92: 91:07:2e:16:ae:7f:2f:5a:cc:f9:af:aa:da:2e:f4:cb:a5:3e: 5a:8f:ec:96:dc:27:bd:41:02:ae:b3:09:74:be:84:2b:22:67: b8:30:c9:16:66:14:38:7c:57:97:87:e3:88:f5:39:99:ce:e7: 66:e6:59:7e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57OiZY1fU28rg1aF16CYdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA3YWM2NDE5MTQzNTc4OTk5NWJjNWE2N2Y1YjUxZDk2ODUw MDI4MTUwHhcNMjYwMTAxMTQxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTlmYjg2ZGQyZTI4MGYwNmM2NWM2YWFhYTBhYjViZWU5ZjQ1OTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfR2Tn8kjSnQbr8Ieo8S0izf4ByB 65l5XOqiOLMGsRy+0HyzYkSVtN7i5+zYAMh6seqBE26H0plaz3f4Z+uP6xjcwMKs viLg3PnQpcaNc2xsOVHWiu1iY//VAoEclDQ3jOcPe0X91oR7vazwIdu57OAJRqO7 MdhgZ6U3dKgqBcXIUdtTrhvIqTPwgULUSVY1PuEs6TtOXTSZ3CkrwdgatNGlKxMJ 6Rdh2Ld8izLQgno+iRX9GON+x3rhxoMm1QBCqhuQxYxHazk9GYvsixF6qCNbQUvi 72ZonANrvS5T1vhC3BQqfGEeGT+bt1mjDMIm0T2eAbYGGhwlKzGPaVSPAwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDmfuG3S4oDwbGXGqqoKtb7p9FkMMB8GA1UdIwQY MBaAFAesZBkUNXiZlbxaZ/W1HZaFACgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQjZ4a0dSUTFlSm1WdkZwbjliVWRsb1VBS0JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83YzJlMDctNmNmMi00MTIyLTk5ZjQt OWM2YmVhNGNkNWI1LzEvT1otNGJkTGlnUEJzWmNhcXFncTF2dW4wV1F3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS83YzJlMDctNmNmMi00MTIyLTk5ZjQtOWM2YmVhNGNkNWI1 LzEvQjZ4a0dSUTFlSm1WdkZwbjliVWRsb1VBS0JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYl8MA0E AgACMAcDBQMqBwPAMA0GCSqGSIb3DQEBCwUAA4IBAQCygTB+PT1e2gki2wg9Miel SSIpHIPU8JZxoqN1twquKEDtLlaC481X4vOsP/YK8u+30xsBKqzP0tZ29qPplbwn bBayl0leaOJjmAqLN93twQjZTDAVyCH9m4xqRV3pNDzPc+rvWDlQDwpCMVScQj8a jtv0PlWdV8ez8ivXZbmastSsjz7AljErfHCYvbbDx87yN/XODeEZEOdRMW8NTDYD nS8GKjLZU8J92ldbBqvtSXmP5fN/kAYCPz8zFHs9CPiYKJK8hpKRBy4Wrn8vWsz5 r6raLvTLpT5aj+yW3Ce9QQKuswl0voQrIme4MMkWZhQ4fFeXh+OI9TmZzudm5ll+ -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:30 2026 by rpki-client