This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/o3XtkSdw3aKJG2sRUhkSBnXsAtg.roa File: o3XtkSdw3aKJG2sRUhkSBnXsAtg.roa (raw, json) Hash identifier: xUAHGYxE9dwSZ85RWRaN4oQ+XDM/Xaw4ialmewEiRi8= Subject key identifier: A3:75:ED:91:27:70:DD:A2:89:1B:6B:11:52:19:12:06:75:EC:02:D8 Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60 Certificate serial: 019B7B35E8FF60AC960F774A3B5B2B9BEED6 Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/o3XtkSdw3aKJG2sRUhkSBnXsAtg.roa Signing time: Thu 01 Jan 2026 20:18:09 +0000 ROA not before: Thu 01 Jan 2026 20:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211373 IP address blocks: 193.222.111.0/24 maxlen: 24 193.222.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.mft rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 23:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:e8:ff:60:ac:96:0f:77:4a:3b:5b:2b:9b:ee:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60 Validity Not Before: Jan 1 20:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a375ed912770dda2891b6b115219120675ec02d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:08:6c:09:c9:a0:5c:14:ac:1e:77:89:67:f4: 55:9e:59:46:67:ca:e7:5f:d4:1f:3b:43:bf:27:f9: 2d:50:19:6b:40:ff:b7:fb:2d:e2:4f:48:b7:74:03: 05:28:dc:59:10:01:18:7a:76:3d:ba:84:f5:db:e7: 30:9c:5c:28:00:c6:f0:df:95:7f:2a:1c:da:00:83: a5:46:1d:2c:59:2f:63:e1:2b:d5:56:b7:33:b7:8d: 5c:42:aa:9d:3f:cc:44:cc:da:bd:4f:93:a3:81:9c: 47:98:23:49:b2:44:c0:58:0a:6b:af:94:06:ec:f9: f8:ae:a2:09:87:b7:72:a9:9c:b7:b0:95:65:b0:c0: 8c:c2:bb:ae:1b:12:cf:50:4a:f9:5d:7c:d7:81:56: fa:83:a6:d4:5f:d8:e4:42:64:54:49:6f:5a:2a:bb: 1d:8a:3f:78:ce:67:3c:ca:db:0d:4c:16:f4:5a:18: 92:b8:40:7b:a2:0e:b7:3a:bd:51:30:f0:33:46:14: 59:45:00:e8:4e:f8:21:02:7b:06:6b:56:cd:02:dd: 46:3a:30:7d:10:f3:7b:df:83:ec:ac:e5:44:f5:5e: 25:70:08:45:87:a7:72:6c:cf:95:d6:d6:17:21:17: 43:24:f5:bc:d8:e2:0e:b1:41:b9:29:35:2c:c3:30: 08:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:75:ED:91:27:70:DD:A2:89:1B:6B:11:52:19:12:06:75:EC:02:D8 X509v3 Authority Key Identifier: keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/o3XtkSdw3aKJG2sRUhkSBnXsAtg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.222.111.0/24 193.222.139.0/24 Signature Algorithm: sha256WithRSAEncryption 99:8b:07:cc:02:99:f2:53:b1:e1:9d:e1:06:59:48:85:38:7d: a3:f8:3c:55:84:e5:0e:d7:e6:19:ce:a0:8c:c1:7e:1e:56:b7: 69:17:85:c9:07:d1:a6:0e:f0:aa:9a:5e:39:5f:e3:68:51:d7: f3:82:cc:4b:ec:89:68:70:ba:62:f2:68:bb:66:38:6b:3b:37: 22:f1:6c:11:c6:b7:30:74:d0:0a:80:77:a0:fd:55:ac:e3:25: 23:b8:e7:91:50:b2:f2:a2:c3:cd:a2:12:18:71:b0:50:0e:35: 96:0a:7b:15:13:c8:5d:19:c5:f8:ee:ea:0d:4b:2d:76:32:da: 50:57:8a:3e:7c:b8:a9:25:73:2a:0b:1f:02:66:7b:cf:89:b0: 9b:d0:02:0d:c4:78:ef:81:aa:8e:3e:8d:68:a7:12:30:08:5d: fd:fe:03:59:16:06:6b:2e:c3:37:3d:88:e9:d9:68:13:8b:b5: f9:32:e5:dc:39:49:65:9c:fe:26:69:07:59:a4:4d:05:21:f2: ac:57:d4:b0:df:86:14:84:78:7f:50:6f:a8:6f:7b:7a:35:ae: 13:7e:38:d8:e8:45:0a:9f:4b:30:fd:a4:b9:6d:ca:98:b2:c2: 00:42:b5:88:6c:a0:91:9b:f5:76:9f:30:85:f1:97:a9:21:34: e3:3e:d8:6b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7Nej/YKyWD3dKO1srm+7WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz NjViNjAwHhcNMjYwMTAxMjAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzc1ZWQ5MTI3NzBkZGEyODkxYjZiMTE1MjE5MTIwNjc1ZWMwMmQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ghsCcmgXBSsHneJZ/RVnllGZ8rn X9QfO0O/J/ktUBlrQP+3+y3iT0i3dAMFKNxZEAEYenY9uoT12+cwnFwoAMbw35V/ KhzaAIOlRh0sWS9j4SvVVrczt41cQqqdP8xEzNq9T5OjgZxHmCNJskTAWAprr5QG 7Pn4rqIJh7dyqZy3sJVlsMCMwruuGxLPUEr5XXzXgVb6g6bUX9jkQmRUSW9aKrsd ij94zmc8ytsNTBb0WhiSuEB7og63Or1RMPAzRhRZRQDoTvghAnsGa1bNAt1GOjB9 EPN734PsrOVE9V4lcAhFh6dybM+V1tYXIRdDJPW82OIOsUG5KTUswzAI+QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKN17ZEncN2iiRtrEVIZEgZ17ALYMB8GA1UdIwQY MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt MjRkOGU3NDdjMzhmLzEvbzNYdGtTZHczYUtKRzJzUlVoa1NCblhzQXRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd5vAwQA wd6LMA0GCSqGSIb3DQEBCwUAA4IBAQCZiwfMApnyU7HhneEGWUiFOH2j+DxVhOUO 1+YZzqCMwX4eVrdpF4XJB9GmDvCqml45X+NoUdfzgsxL7IlocLpi8mi7ZjhrOzci 8WwRxrcwdNAKgHeg/VWs4yUjuOeRULLyosPNohIYcbBQDjWWCnsVE8hdGcX47uoN Sy12MtpQV4o+fLipJXMqCx8CZnvPibCb0AINxHjvgaqOPo1opxIwCF39/gNZFgZr LsM3PYjp2WgTi7X5MuXcOUllnP4maQdZpE0FIfKsV9Sw34YUhHh/UG+ob3t6Na4T fjjY6EUKn0sw/aS5bcqYssIAQrWIbKCRm/V2nzCF8ZepITTjPthr -----END CERTIFICATE-----Generated at Fri Jan 9 08:22:21 2026 by rpki-client