This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ObD_iT1UqS396-qKzynzvOWcYVE.roa File: ObD_iT1UqS396-qKzynzvOWcYVE.roa (raw, json) Hash identifier: MME3dtO0blR3+hlzFcjbnhAzp7Vz9ov/p94b+hvW8jw= Subject key identifier: 39:B0:FF:89:3D:54:A9:2D:FD:EB:EA:8A:CF:29:F3:BC:E5:9C:61:51 Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Certificate serial: 019B7EA732B86F289758B866AB0438168697 Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ObD_iT1UqS396-qKzynzvOWcYVE.roa Signing time: Fri 02 Jan 2026 12:20:45 +0000 ROA not before: Fri 02 Jan 2026 12:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34602 IP address blocks: 77.50.0.0/16 maxlen: 16 77.50.0.0/23 maxlen: 23 77.50.2.0/23 maxlen: 23 77.50.4.0/22 maxlen: 22 77.50.8.0/21 maxlen: 21 77.50.16.0/20 maxlen: 20 77.50.32.0/19 maxlen: 19 77.50.53.0/24 maxlen: 24 77.50.64.0/18 maxlen: 24 77.50.128.0/17 maxlen: 24 77.50.192.0/18 maxlen: 24 77.233.192.0/19 maxlen: 19 77.233.192.0/20 maxlen: 20 77.233.208.0/22 maxlen: 22 77.233.216.0/22 maxlen: 22 77.243.96.0/20 maxlen: 20 81.17.144.0/20 maxlen: 24 81.17.144.0/21 maxlen: 21 81.17.155.0/24 maxlen: 24 81.17.156.0/23 maxlen: 23 91.204.128.0/23 maxlen: 23 91.204.130.0/24 maxlen: 24 94.141.162.0/23 maxlen: 23 94.141.163.0/24 maxlen: 24 94.141.164.0/22 maxlen: 22 94.141.168.0/22 maxlen: 22 94.141.172.0/22 maxlen: 22 94.141.176.0/20 maxlen: 20 185.185.140.0/24 maxlen: 24 2a00:e78::/31 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.mft rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:32:b8:6f:28:97:58:b8:66:ab:04:38:16:86:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Validity Not Before: Jan 2 12:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=39b0ff893d54a92dfdebea8acf29f3bce59c6151 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:fa:57:7e:2d:b8:69:e3:96:fe:81:12:9c:b9: ae:3c:b1:60:46:c0:f8:5f:03:0b:cd:a2:d7:e9:21: 1c:96:89:af:2d:d5:0e:79:70:3e:69:75:a7:3f:b8: ff:31:ce:8b:5d:12:7f:69:81:c4:f2:f2:d0:11:bf: 70:56:ab:a7:65:00:23:6b:f3:82:3c:9e:37:5f:37: a7:c4:f6:e6:4d:5d:96:7c:cc:b0:1f:24:40:4d:4a: 5f:89:53:67:2e:fe:93:a5:f7:2a:2d:0f:e5:78:87: 91:ce:25:4a:72:b1:a5:67:1f:09:c0:68:f1:9f:23: d3:dc:6c:87:a4:d4:f1:0b:bc:65:80:69:ca:b6:89: e5:22:c0:95:53:51:d2:fc:51:ea:f6:ce:75:12:d1: c4:27:ff:8c:c7:24:d0:d9:31:03:65:2a:df:92:8e: bf:dd:91:ac:0b:90:f0:ca:21:f8:fd:db:bd:94:f0: 64:53:00:8e:e6:30:41:76:7c:b9:fc:62:ab:d2:5d: 6c:e4:02:aa:56:62:9a:ff:bc:d1:32:13:5d:49:2e: d2:0a:57:e1:46:2a:43:04:d1:12:23:3c:cb:ac:3b: 2d:20:c8:53:9d:93:b4:eb:03:fa:68:ea:aa:0a:c0: fc:6d:32:a1:c7:a8:05:34:fc:80:dd:1b:00:8e:54: 1f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:B0:FF:89:3D:54:A9:2D:FD:EB:EA:8A:CF:29:F3:BC:E5:9C:61:51 X509v3 Authority Key Identifier: keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ObD_iT1UqS396-qKzynzvOWcYVE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.50.0.0/16 77.233.192.0/19 77.243.96.0/20 81.17.144.0/20 91.204.128.0-91.204.130.255 94.141.162.0-94.141.191.255 185.185.140.0/24 IPv6: 2a00:e78::/31 Signature Algorithm: sha256WithRSAEncryption 8a:eb:2b:be:cf:60:20:9c:1a:c5:6a:99:32:37:21:31:11:5f: 50:60:10:89:aa:3a:5d:d9:19:66:2e:d5:6e:db:9d:91:9c:05: e9:c4:c9:cb:8e:10:f2:08:2f:9c:d4:cd:49:53:df:13:03:2d: fa:36:79:1c:a3:f4:9b:41:cd:0e:c3:c5:f1:a0:2e:71:4b:c9: 7a:83:d6:0a:43:a8:f3:9f:0e:d2:6d:39:18:83:fb:7d:ef:93: 30:2e:cf:cb:44:c9:bd:83:a5:2d:2a:77:64:cf:d1:58:fb:28: 0c:f8:25:ab:c8:c3:77:d5:ab:7f:d1:59:78:4d:e0:55:60:95: b6:01:a9:39:8e:62:97:42:12:40:0c:8e:1f:d3:77:cd:18:12: 94:6d:e0:79:e5:f3:51:64:63:b1:a7:d0:ca:da:96:d9:3a:3a: 21:e3:11:51:2d:c1:6f:c9:76:a3:12:8d:ed:72:ed:89:e6:f4: c3:9d:53:30:a5:99:f2:ae:fa:40:6a:89:ee:77:bc:79:18:8c: f4:28:4f:d3:f3:33:44:d7:a0:a0:84:f6:b9:92:6c:aa:86:82: d7:d7:a8:c1:21:f8:ec:c5:5d:18:32:42:10:f0:04:8b:cb:6d: fe:f6:fa:43:5f:2c:86:39:70:44:94:19:11:24:f6:ac:6d:9a: 5f:6c:53:31 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISAZt+pzK4byiXWLhmqwQ4FoaXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2 ZTMxYTcwHhcNMjYwMTAyMTIyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOWIwZmY4OTNkNTRhOTJkZmRlYmVhOGFjZjI5ZjNiY2U1OWM2MTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfpXfi24aeOW/oESnLmuPLFgRsD4 XwMLzaLX6SEclomvLdUOeXA+aXWnP7j/Mc6LXRJ/aYHE8vLQEb9wVqunZQAja/OC PJ43XzenxPbmTV2WfMywHyRATUpfiVNnLv6TpfcqLQ/leIeRziVKcrGlZx8JwGjx nyPT3GyHpNTxC7xlgGnKtonlIsCVU1HS/FHq9s51EtHEJ/+MxyTQ2TEDZSrfko6/ 3ZGsC5DwyiH4/du9lPBkUwCO5jBBdny5/GKr0l1s5AKqVmKa/7zRMhNdSS7SClfh RipDBNESIzzLrDstIMhTnZO06wP6aOqqCsD8bTKhx6gFNPyA3RsAjlQfAQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDmw/4k9VKkt/evqis8p87zlnGFRMB8GA1UdIwQY MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt N2EyOGFmMjljZGMyLzEvT2JEX2lUMVVxUzM5Ni1xS3p5bnp2T1djWVZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwMATTIDBAVN 6cADBARN82ADBARREZAwDAMEB1vMgAMEAFvMgjAMAwQBXo2iAwQGXo2AAwQAubmM MA0EAgACMAcDBQEqAA54MA0GCSqGSIb3DQEBCwUAA4IBAQCK6yu+z2AgnBrFapky NyExEV9QYBCJqjpd2RlmLtVu252RnAXpxMnLjhDyCC+c1M1JU98TAy36Nnkco/Sb Qc0Ow8XxoC5xS8l6g9YKQ6jznw7SbTkYg/t975MwLs/LRMm9g6UtKndkz9FY+ygM +CWryMN31at/0Vl4TeBVYJW2Aak5jmKXQhJADI4f03fNGBKUbeB55fNRZGOxp9DK 2pbZOjoh4xFRLcFvyXajEo3tcu2J5vTDnVMwpZnyrvpAaonud7x5GIz0KE/T8zNE 16CghPa5kmyqhoLX16jBIfjsxV0YMkIQ8ASLy23+9vpDXyyGOXBElBkRJPasbZpf bFMx -----END CERTIFICATE-----Generated at Wed Jan 21 14:10:55 2026 by rpki-client