This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/oDAIMmsPNjznaLqs-y75V6Uxrnc.roa File: oDAIMmsPNjznaLqs-y75V6Uxrnc.roa (raw, json) Hash identifier: nlz5Q/gjZfKdHUo0CIE8J3lGJc1Nyyo84EZlom9+GQQ= Subject key identifier: A0:30:08:32:6B:0F:36:3C:E7:68:BA:AC:FB:2E:F9:57:A5:31:AE:77 Certificate issuer: /CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67 Certificate serial: 019B7B368925BF2802D917F3DB8D8046EAA9 Authority key identifier: 54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/oDAIMmsPNjznaLqs-y75V6Uxrnc.roa Signing time: Thu 01 Jan 2026 20:18:50 +0000 ROA not before: Thu 01 Jan 2026 20:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205809 IP address blocks: 66.203.126.0/23 maxlen: 24 94.24.36.0/23 maxlen: 24 162.208.16.0/24 maxlen: 24 185.206.24.0/22 maxlen: 24 2a0b:e40::/29 maxlen: 48 2a0b:e43::/40 maxlen: 40 2a0b:e44::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.mft rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:89:25:bf:28:02:d9:17:f3:db:8d:80:46:ea:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67 Validity Not Before: Jan 1 20:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a03008326b0f363ce768baacfb2ef957a531ae77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:66:bd:de:32:5d:64:07:de:a8:f1:f3:58:dc: 64:55:19:13:fe:2d:c4:ae:f1:ad:4b:41:b8:37:96: 3f:76:97:ff:1d:ac:a1:3e:a9:5d:8b:d0:19:b3:7f: 52:e8:74:2c:36:d5:61:cc:f0:92:14:4e:b2:b1:9a: b9:ce:ae:8b:05:97:6e:b6:80:f5:24:77:88:eb:7b: 8c:23:1b:49:3a:5f:3a:e7:3c:ab:12:5f:e8:ef:da: 3b:38:e4:47:ad:93:83:7d:cb:69:f5:ae:43:87:a5: fe:41:3a:c8:99:8b:3c:dd:e5:61:5a:1c:05:ca:b8: 44:78:94:a9:32:0b:be:73:af:03:fa:88:7d:72:90: 41:2d:c2:7d:58:b6:14:ed:4a:c1:e8:5d:b8:30:49: ff:98:79:2a:15:bd:e9:8e:40:9a:5b:09:01:96:cc: f5:69:01:a6:d1:9f:e7:58:28:2f:0f:4a:e3:6c:db: e4:ca:92:a1:34:aa:22:90:d0:20:9a:29:ff:5f:de: a1:9f:61:04:4d:3c:b3:b3:a8:56:96:e3:e9:0e:ff: 13:43:e1:7a:fd:c8:fd:5c:04:bb:22:6d:58:64:3d: da:67:40:23:ea:fa:dc:fb:20:c3:48:3e:be:3a:a8: f6:0c:43:90:d4:df:fe:d5:9a:f4:80:bf:e9:81:da: 98:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:30:08:32:6B:0F:36:3C:E7:68:BA:AC:FB:2E:F9:57:A5:31:AE:77 X509v3 Authority Key Identifier: keyid:54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/oDAIMmsPNjznaLqs-y75V6Uxrnc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.203.126.0/23 94.24.36.0/23 162.208.16.0/24 185.206.24.0/22 IPv6: 2a0b:e40::/29 Signature Algorithm: sha256WithRSAEncryption 75:52:76:2b:50:9d:67:55:7f:0d:81:a1:c3:44:1b:27:80:0c: 9a:58:c7:e3:07:a3:01:54:aa:92:f9:49:c6:ad:a3:1c:71:82: 72:5c:29:b6:0e:db:2b:6e:af:66:b6:35:00:e9:38:dd:c7:11: d2:10:8c:04:4d:c6:34:4d:97:4f:20:63:44:02:41:67:51:95: b0:e8:a5:32:3a:11:32:b0:00:20:51:9c:45:b1:f3:fb:81:fb: 7c:7d:47:e5:63:3c:05:55:54:03:08:7a:25:7c:ad:b5:e7:64: 07:fd:62:3e:91:0d:8b:41:7f:0d:30:87:49:8c:86:cb:e2:bf: 6c:64:44:ae:66:73:aa:82:27:b9:24:c2:b8:5d:59:5a:be:f5: 91:a7:08:a9:60:60:81:4a:c5:a6:fe:d9:91:e8:f4:f4:81:a9: 04:1e:9a:68:27:36:af:35:47:de:a6:f3:1f:61:f9:92:94:d2: a2:04:1b:e7:55:98:69:6c:be:10:0d:50:a0:42:96:45:57:f5: 44:f7:d7:49:66:b2:a9:34:f9:7d:8a:f6:d7:a8:73:cb:54:21: 96:20:83:b9:36:58:e6:64:ce:df:9e:46:a1:08:1c:23:7a:02: ad:d9:89:c1:f3:8f:7e:12:f6:f0:c4:fe:19:d3:94:ed:8b:8a: 0d:6a:a1:08 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt7NoklvygC2Rfz242ARuqpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0MWZjNTQ3NjJjZmU5MmQ3NmMyZjRjNmFmODk5OWNiY2Nm NmJiNjcwHhcNMjYwMTAxMjAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDMwMDgzMjZiMGYzNjNjZTc2OGJhYWNmYjJlZjk1N2E1MzFhZTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWa93jJdZAfeqPHzWNxkVRkT/i3E rvGtS0G4N5Y/dpf/HayhPqldi9AZs39S6HQsNtVhzPCSFE6ysZq5zq6LBZdutoD1 JHeI63uMIxtJOl865zyrEl/o79o7OORHrZODfctp9a5Dh6X+QTrImYs83eVhWhwF yrhEeJSpMgu+c68D+oh9cpBBLcJ9WLYU7UrB6F24MEn/mHkqFb3pjkCaWwkBlsz1 aQGm0Z/nWCgvD0rjbNvkypKhNKoikNAgmin/X96hn2EETTyzs6hWluPpDv8TQ+F6 /cj9XAS7Im1YZD3aZ0Aj6vrc+yDDSD6+Oqj2DEOQ1N/+1Zr0gL/pgdqYhQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFKAwCDJrDzY852i6rPsu+VelMa53MB8GA1UdIwQY MBaAFFQfxUdiz+ktdsL0xq+JmcvM9rtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEt OGJjODI1YzNhMzI0LzEvb0RBSU1tc1BOanpuYUxxcy15NzVWNlV4cm5jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEtOGJjODI1YzNhMzI0 LzEvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBQst+AwQB XhgkAwQAotAQAwQCuc4YMA0EAgACMAcDBQMqCw5AMA0GCSqGSIb3DQEBCwUAA4IB AQB1UnYrUJ1nVX8NgaHDRBsngAyaWMfjB6MBVKqS+UnGraMccYJyXCm2Dtsrbq9m tjUA6TjdxxHSEIwETcY0TZdPIGNEAkFnUZWw6KUyOhEysAAgUZxFsfP7gft8fUfl YzwFVVQDCHolfK2152QH/WI+kQ2LQX8NMIdJjIbL4r9sZESuZnOqgie5JMK4XVla vvWRpwipYGCBSsWm/tmR6PT0gakEHppoJzavNUfepvMfYfmSlNKiBBvnVZhpbL4Q DVCgQpZFV/VE99dJZrKpNPl9ivbXqHPLVCGWIIO5NljmZM7fnkahCBwjegKt2YnB 849+EvbwxP4Z05Tti4oNaqEI -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:04 2026 by rpki-client