This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/oThTE8S4AKWs_cv4js9YFnkYj6Q.roa File: oThTE8S4AKWs_cv4js9YFnkYj6Q.roa (raw, json) Hash identifier: j9Gng740ytFbdOYHs6LN3E+VE8qqMmVSVj/HOO8DCHI= Subject key identifier: A1:38:53:13:C4:B8:00:A5:AC:FD:CB:F8:8E:CF:58:16:79:18:8F:A4 Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3 Certificate serial: 019B7AC87CDDF787B3A7B6EDCE0BDCCDFA19 Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/oThTE8S4AKWs_cv4js9YFnkYj6Q.roa Signing time: Thu 01 Jan 2026 18:18:38 +0000 ROA not before: Thu 01 Jan 2026 18:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2856 IP address blocks: 2.24.0.0/13 maxlen: 13 31.64.0.0/12 maxlen: 12 31.90.0.0/15 maxlen: 15 31.92.0.0/15 maxlen: 15 31.94.0.0/16 maxlen: 16 31.96.0.0/16 maxlen: 16 31.100.0.0/14 maxlen: 14 31.104.0.0/16 maxlen: 16 31.106.0.0/15 maxlen: 15 31.112.0.0/14 maxlen: 14 31.116.0.0/14 maxlen: 14 31.116.0.0/16 maxlen: 16 31.117.0.0/16 maxlen: 16 31.118.0.0/16 maxlen: 16 31.119.0.0/16 maxlen: 16 31.120.0.0/16 maxlen: 16 31.121.0.0/16 maxlen: 16 31.122.0.0/15 maxlen: 15 31.124.0.0/16 maxlen: 16 31.126.0.0/15 maxlen: 15 46.68.0.0/15 maxlen: 15 46.68.66.0/24 maxlen: 24 82.192.112.0/20 maxlen: 20 91.110.0.0/16 maxlen: 16 91.111.0.0/16 maxlen: 16 95.144.0.0/13 maxlen: 13 109.180.0.0/15 maxlen: 15 178.98.0.0/15 maxlen: 15 178.100.0.0/14 maxlen: 14 178.107.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:7c:dd:f7:87:b3:a7:b6:ed:ce:0b:dc:cd:fa:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b98127943e7175734964010c89ef821416a31b3 Validity Not Before: Jan 1 18:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a1385313c4b800a5acfdcbf88ecf581679188fa4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ca:39:43:d3:9a:2a:f9:a8:96:2a:fa:3c:73: 4d:a7:d9:2c:c9:c1:4d:26:45:22:6c:7d:e8:c7:93: 3c:82:23:08:cd:fa:5d:9d:0c:0c:fc:78:6c:d7:77: 6a:b6:b2:67:43:b1:42:fb:94:20:c8:b3:b9:d2:19: 1d:60:7b:95:5a:4a:7b:17:07:2c:ba:fe:e3:de:79: 5f:b3:97:25:4b:46:1a:56:2e:04:a1:ba:5c:17:aa: eb:c6:df:9d:49:39:b8:c7:95:d2:bc:51:f0:35:11: e5:ce:b6:64:4e:77:26:55:98:2a:08:77:d3:20:39: 0f:ea:6e:45:72:72:c3:83:b2:7f:fc:8f:9e:51:df: 8c:0e:2d:11:5d:33:89:69:a9:bb:6b:a5:b4:a1:8c: 17:5e:24:5a:63:bc:92:88:f3:b5:cb:39:76:a7:95: 4a:2a:8b:7f:c1:c0:e7:2e:43:32:2a:21:2e:39:37: 8a:89:86:8c:be:13:18:93:47:62:7b:17:15:51:7c: 27:77:4d:85:60:54:4f:45:40:b0:11:39:87:b9:26: 34:35:68:b1:f9:28:de:28:72:d4:4b:a4:6b:1c:49: 19:e7:35:bc:3e:91:eb:84:8c:cb:42:7e:2e:85:3a: 35:45:bc:a6:12:fe:c5:72:2e:b8:87:63:e7:14:6d: 55:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:38:53:13:C4:B8:00:A5:AC:FD:CB:F8:8E:CF:58:16:79:18:8F:A4 X509v3 Authority Key Identifier: keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/oThTE8S4AKWs_cv4js9YFnkYj6Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.24.0.0/13 31.64.0.0/12 31.90.0.0-31.94.255.255 31.96.0.0/16 31.100.0.0-31.104.255.255 31.106.0.0/15 31.112.0.0-31.124.255.255 31.126.0.0/15 46.68.0.0/15 82.192.112.0/20 91.110.0.0/15 95.144.0.0/13 109.180.0.0/15 178.98.0.0-178.103.255.255 178.107.128.0/17 Signature Algorithm: sha256WithRSAEncryption 30:f0:66:51:9a:1a:12:b3:09:e2:da:86:f9:ab:a1:c7:60:74: bb:38:12:c4:0f:ff:fe:d0:8e:39:47:37:75:14:f5:4e:a5:97: 7f:5e:9e:a9:85:86:be:59:46:ec:68:19:48:27:cf:78:b2:6e: 50:55:3f:ac:8d:80:18:8d:ab:02:e5:3a:77:8c:a6:ab:bc:e1: b7:ad:d8:0f:df:13:2b:99:0b:3c:4c:77:2c:f3:34:ff:4a:9c: 53:af:7f:2e:7d:a2:ed:2c:28:61:4d:5e:9a:00:e4:b0:0d:d2: d4:ac:65:37:a8:57:0b:2f:20:72:3f:40:e4:00:13:35:bd:04: 5f:3a:81:9c:d0:48:af:92:02:e1:93:f0:f5:cd:e0:86:ee:ff: 74:0a:d2:41:1d:c1:47:33:c1:fb:bd:8f:2a:d5:ad:10:f9:27: 32:39:ea:a2:07:67:49:6e:93:dc:3f:87:43:7b:2a:9c:f9:2b: 8e:5b:63:76:85:64:75:11:47:0f:35:2c:c4:5c:46:b6:ce:cf: 5a:6a:b1:24:a9:5d:b8:af:b7:d3:f6:af:d5:a2:81:d2:57:5e: b6:d5:c7:73:10:8c:24:99:61:36:e5:db:a3:4d:4c:c3:36:74: bb:89:b4:79:bd:08:8d:8f:a7:98:b8:77:21:50:aa:80:30:b6: cc:a5:a8:cc -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgISAZt6yHzd94ezp7btzgvczfoZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2 YTMxYjMwHhcNMjYwMTAxMTgxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTM4NTMxM2M0YjgwMGE1YWNmZGNiZjg4ZWNmNTgxNjc5MTg4ZmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMo5Q9OaKvmolir6PHNNp9ksycFN JkUibH3ox5M8giMIzfpdnQwM/Hhs13dqtrJnQ7FC+5QgyLO50hkdYHuVWkp7Fwcs uv7j3nlfs5clS0YaVi4EobpcF6rrxt+dSTm4x5XSvFHwNRHlzrZkTncmVZgqCHfT IDkP6m5FcnLDg7J//I+eUd+MDi0RXTOJaam7a6W0oYwXXiRaY7ySiPO1yzl2p5VK Kot/wcDnLkMyKiEuOTeKiYaMvhMYk0diexcVUXwnd02FYFRPRUCwETmHuSY0NWix +SjeKHLUS6RrHEkZ5zW8PpHrhIzLQn4uhTo1RbymEv7Fci64h2PnFG1VtwIDAQAB o4ICbTCCAmkwHQYDVR0OBBYEFKE4UxPEuAClrP3L+I7PWBZ5GI+kMB8GA1UdIwQY MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt NjIxNzkyZjdlNTZhLzEvb1RoVEU4UzRBS1dzX2N2NGpzOVlGbmtZajZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAEwaQMDAwIYAwME H0AwCgMDAR9aAwMAH14DAwAfYDAKAwMCH2QDAwAfaAMDAR9qMAoDAwQfcAMDAB98 AwMBH34DAwEuRAMEBFLAcAMDAVtuAwMDX5ADAwFttDAKAwMBsmIDAwOyYAMEB7Jr gDANBgkqhkiG9w0BAQsFAAOCAQEAMPBmUZoaErMJ4tqG+auhx2B0uzgSxA///tCO OUc3dRT1TqWXf16eqYWGvllG7GgZSCfPeLJuUFU/rI2AGI2rAuU6d4ymq7zht63Y D98TK5kLPEx3LPM0/0qcU69/Ln2i7SwoYU1emgDksA3S1KxlN6hXCy8gcj9A5AAT Nb0EXzqBnNBIr5IC4ZPw9c3ghu7/dArSQR3BRzPB+72PKtWtEPknMjnqogdnSW6T 3D+HQ3sqnPkrjltjdoVkdRFHDzUsxFxGts7PWmqxJKlduK+30/av1aKB0ldettXH cxCMJJlhNuXbo01MwzZ0u4m0eb0IjY+nmLh3IVCqgDC2zKWozA== -----END CERTIFICATE-----Generated at Thu Jan 8 17:33:59 2026 by rpki-client