This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/28OK2J3AhlsvkP5KX5FGL4PLk4k.roa File: 28OK2J3AhlsvkP5KX5FGL4PLk4k.roa (raw, json) Hash identifier: sLJmlSxlUCogmrsIa1DupMYliLkoDK/6nUhbL0KQoh8= Subject key identifier: DB:C3:8A:D8:9D:C0:86:5B:2F:90:FE:4A:5F:91:46:2F:83:CB:93:89 Certificate issuer: /CN=c50e0801823f19d51b962ab6d4ebbbc27dd4ed96 Certificate serial: 019B7CEE41FAEBE1EC67152DC091607ACA7C Authority key identifier: C5:0E:08:01:82:3F:19:D5:1B:96:2A:B6:D4:EB:BB:C2:7D:D4:ED:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/28OK2J3AhlsvkP5KX5FGL4PLk4k.roa Signing time: Fri 02 Jan 2026 04:19:07 +0000 ROA not before: Fri 02 Jan 2026 04:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210917 IP address blocks: 167.94.24.0/24 maxlen: 24 193.30.116.0/24 maxlen: 24 2a13:4b00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.mft rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:41:fa:eb:e1:ec:67:15:2d:c0:91:60:7a:ca:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c50e0801823f19d51b962ab6d4ebbbc27dd4ed96 Validity Not Before: Jan 2 04:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbc38ad89dc0865b2f90fe4a5f91462f83cb9389 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:42:59:12:a8:a0:cd:51:43:b5:ea:a4:a7:c6: 11:66:4c:ef:23:e2:59:62:21:17:2c:fd:68:74:64: ef:ea:6e:a2:f1:dc:8e:b5:6c:2b:3c:b1:ec:b5:52: f3:f4:77:03:f8:cf:e2:5a:fe:41:6e:66:a8:e7:a5: 6e:15:32:ce:20:a4:91:95:43:ff:76:42:26:3b:87: 69:f4:98:8a:fc:eb:28:65:84:27:64:8a:0f:0a:4c: 71:0e:2d:a6:32:d8:8f:7b:41:00:47:8d:11:b5:5b: 6f:cb:3f:c1:63:ce:af:71:2b:b1:ad:19:f0:71:dd: 04:af:5b:e2:82:c9:09:73:8e:84:5e:4b:f8:34:af: 85:c6:a0:30:32:98:e1:78:7e:fd:83:0f:e6:82:d3: a9:1f:97:df:07:c9:43:31:2c:7d:02:e6:40:a9:06: 79:36:11:a3:e5:5f:6c:4e:d4:30:1c:11:ad:94:b5: 07:69:e7:f3:08:97:f0:81:ce:ec:8b:a3:c7:ee:6e: 73:09:11:c9:cf:99:b9:54:92:c2:a9:0f:8a:c3:54: 50:b1:41:a3:b6:06:89:11:0a:be:0c:a3:ac:05:00: 28:52:7b:d0:c4:12:e6:de:15:cb:fb:73:0e:6a:2b: 86:1c:5f:9b:23:33:13:a1:ff:12:c5:e4:73:47:5b: 94:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:C3:8A:D8:9D:C0:86:5B:2F:90:FE:4A:5F:91:46:2F:83:CB:93:89 X509v3 Authority Key Identifier: keyid:C5:0E:08:01:82:3F:19:D5:1B:96:2A:B6:D4:EB:BB:C2:7D:D4:ED:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/28OK2J3AhlsvkP5KX5FGL4PLk4k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.94.24.0/24 193.30.116.0/24 IPv6: 2a13:4b00::/29 Signature Algorithm: sha256WithRSAEncryption 34:22:8e:dd:50:f6:92:02:a4:fe:c6:e1:cf:0f:49:e5:be:76: de:9c:f8:02:40:26:2c:2f:fe:38:5d:1b:73:73:9b:d9:71:f9: b2:8a:25:1b:ea:5c:2b:cb:19:71:11:0d:e6:2e:ca:30:5f:ba: 52:9d:23:7a:89:77:b6:37:9c:c8:4e:b7:34:c5:13:3a:24:0c: 7a:0c:6a:aa:d3:ea:79:b1:8b:45:c0:ef:f4:29:32:0b:9e:f3: 8d:99:69:70:6d:02:e9:03:df:f6:24:0e:55:40:91:a3:4d:b2: ed:09:1d:f6:f3:0c:03:50:9b:b1:ea:98:42:b8:af:89:8e:da: 7f:57:ba:4b:9b:af:ea:48:24:3d:1a:34:de:e6:b3:a9:e9:42: 8c:ff:66:e5:b1:ee:30:c2:c8:e7:ed:5e:a0:1d:73:e6:c1:0c: 85:14:42:1a:5b:a1:3e:f4:e9:5d:76:d8:e7:36:6c:00:31:70: fa:ae:20:cd:e3:4c:32:6f:69:ac:9c:6a:6c:c4:73:bb:8b:3b: 09:d3:ec:8f:b9:cb:b9:63:65:f1:31:cb:d7:ae:ee:24:05:e5: 01:01:77:db:5b:26:ac:61:c0:65:40:11:13:7f:fa:16:29:86: d5:40:43:dc:f2:73:2c:12:ea:a7:a7:89:d1:0c:3f:60:7c:6a: 42:56:e4:d4 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt87kH66+HsZxUtwJFgesp8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1MGUwODAxODIzZjE5ZDUxYjk2MmFiNmQ0ZWJiYmMyN2Rk NGVkOTYwHhcNMjYwMTAyMDQxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmMzOGFkODlkYzA4NjViMmY5MGZlNGE1ZjkxNDYyZjgzY2I5Mzg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kJZEqigzVFDteqkp8YRZkzvI+JZ YiEXLP1odGTv6m6i8dyOtWwrPLHstVLz9HcD+M/iWv5Bbmao56VuFTLOIKSRlUP/ dkImO4dp9JiK/OsoZYQnZIoPCkxxDi2mMtiPe0EAR40RtVtvyz/BY86vcSuxrRnw cd0Er1vigskJc46EXkv4NK+FxqAwMpjheH79gw/mgtOpH5ffB8lDMSx9AuZAqQZ5 NhGj5V9sTtQwHBGtlLUHaefzCJfwgc7si6PH7m5zCRHJz5m5VJLCqQ+Kw1RQsUGj tgaJEQq+DKOsBQAoUnvQxBLm3hXL+3MOaiuGHF+bIzMTof8SxeRzR1uUDQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNvDitidwIZbL5D+Sl+RRi+Dy5OJMB8GA1UdIwQY MBaAFMUOCAGCPxnVG5YqttTru8J91O2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFE0SUFZSV9HZFVibGlxMjFPdTd3bjNVN1pZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80NzRmNjUtZmUyOS00ODIyLWJhMTQt Y2U4MjE0Y2VmNmI1LzEvMjhPSzJKM0FobHN2a1A1S1g1RkdMNFBMazRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi80NzRmNjUtZmUyOS00ODIyLWJhMTQtY2U4MjE0Y2VmNmI1 LzEveFE0SUFZSV9HZFVibGlxMjFPdTd3bjNVN1pZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAp14YAwQA wR50MA0EAgACMAcDBQMqE0sAMA0GCSqGSIb3DQEBCwUAA4IBAQA0Io7dUPaSAqT+ xuHPD0nlvnbenPgCQCYsL/44XRtzc5vZcfmyiiUb6lwryxlxEQ3mLsowX7pSnSN6 iXe2N5zITrc0xRM6JAx6DGqq0+p5sYtFwO/0KTILnvONmWlwbQLpA9/2JA5VQJGj TbLtCR328wwDUJux6phCuK+Jjtp/V7pLm6/qSCQ9GjTe5rOp6UKM/2blse4wwsjn 7V6gHXPmwQyFFEIaW6E+9OlddtjnNmwAMXD6riDN40wyb2msnGpsxHO7izsJ0+yP ucu5Y2XxMcvXru4kBeUBAXfbWyasYcBlQBETf/oWKYbVQEPc8nMsEuqnp4nRDD9g fGpCVuTU -----END CERTIFICATE-----Generated at Tue Feb 10 00:02:13 2026 by rpki-client