This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/ocZPY67okT9wcZzWFKWfg9AUJ1M.roa File: ocZPY67okT9wcZzWFKWfg9AUJ1M.roa (raw, json) Hash identifier: iDAiG1YKPh6kU5IMftBrjc5iYiPA+UXefNbDPt+Am8w= Subject key identifier: A1:C6:4F:63:AE:E8:91:3F:70:71:9C:D6:14:A5:9F:83:D0:14:27:53 Certificate issuer: /CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a Certificate serial: 019B797E2F1BCA0DDB78104274E9B8EF018C Authority key identifier: F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/ocZPY67okT9wcZzWFKWfg9AUJ1M.roa Signing time: Thu 01 Jan 2026 12:17:51 +0000 ROA not before: Thu 01 Jan 2026 12:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202454 IP address blocks: 185.152.0.0/23 maxlen: 23 185.152.0.0/24 maxlen: 24 185.152.1.0/24 maxlen: 24 185.152.3.0/24 maxlen: 24 193.28.36.0/22 maxlen: 22 193.28.36.0/24 maxlen: 24 193.28.37.0/24 maxlen: 24 193.28.38.0/24 maxlen: 24 193.28.39.0/24 maxlen: 24 2a0a:2700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.mft rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:2f:1b:ca:0d:db:78:10:42:74:e9:b8:ef:01:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a Validity Not Before: Jan 1 12:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a1c64f63aee8913f70719cd614a59f83d0142753 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:0c:12:45:fe:ca:6b:49:5c:d8:d8:53:0e:b9: 92:18:d7:fe:85:23:52:92:d9:9e:3f:fc:87:d5:84: 0f:42:4f:d2:d2:c7:af:a7:c4:58:dc:a0:6a:46:6d: 52:0a:3d:fa:b1:ba:5f:35:57:40:b0:89:c2:29:49: f4:c5:96:5b:a3:8a:56:4a:97:94:ee:c7:e2:24:06: cf:f5:2c:35:20:51:f2:09:02:01:9b:3c:d2:4f:05: c9:7b:9a:15:52:4f:b4:b6:ad:4f:f7:7a:4d:11:db: 29:01:5b:12:8d:dc:27:10:6d:6e:80:8d:92:74:26: 16:14:6e:5e:9a:77:25:9b:93:03:b7:94:14:fa:7b: 60:94:50:16:19:d8:08:c7:e6:1b:57:00:26:3d:45: f5:5c:ef:a0:e2:e1:7d:d3:60:ac:03:b7:aa:29:98: 51:ed:2f:98:38:96:df:e3:9e:65:c3:c1:ad:86:6c: f1:d9:02:14:da:0d:cf:6b:13:35:2a:d1:f6:e4:66: 97:b7:a6:18:e9:28:93:1f:7d:85:4b:b2:6a:9a:51: 48:f2:67:f1:ba:88:8a:c9:0e:c7:a9:37:da:59:c1: 61:b5:5f:57:11:e7:3e:19:d7:78:ae:21:9d:0d:87: c5:68:07:8f:60:bd:6b:3e:55:a2:b9:a9:2c:e7:c5: f8:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:C6:4F:63:AE:E8:91:3F:70:71:9C:D6:14:A5:9F:83:D0:14:27:53 X509v3 Authority Key Identifier: keyid:F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/ocZPY67okT9wcZzWFKWfg9AUJ1M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.152.0.0/23 185.152.3.0/24 193.28.36.0/22 IPv6: 2a0a:2700::/29 Signature Algorithm: sha256WithRSAEncryption 0d:2c:3a:dd:d6:2c:69:95:bd:56:17:e9:0a:0b:29:70:c6:d9: b7:31:69:93:23:91:a3:55:82:4c:ac:ed:bb:f3:c4:98:c9:14: 7c:c1:aa:03:f3:a8:3b:15:34:be:01:e8:8b:f3:d7:fb:aa:4c: 5f:49:33:40:c8:7d:b7:55:79:9b:31:2a:36:44:c5:70:2b:18: 00:8a:79:14:b7:6e:da:6e:41:64:7e:d6:60:63:92:86:d5:6c: 9a:db:60:db:1b:c5:5c:57:76:39:c1:f2:39:1a:29:8a:47:34: 14:21:ee:43:a8:3a:ae:fe:f7:19:ad:c3:3c:bc:d8:a9:a7:97: f0:51:7a:86:b0:f7:e5:4f:97:0f:85:60:fe:84:64:99:5c:45: 5a:c6:48:8c:5c:1d:64:ab:75:f2:e2:58:d5:38:50:ca:b7:04: 32:7a:6e:c2:8f:1e:a6:57:1a:d9:62:b1:ec:95:5c:ff:c7:35: d0:bb:cd:e3:57:91:ff:e5:5b:62:c8:89:e7:15:14:60:3e:fb: 55:64:13:fe:8d:1c:73:43:ca:49:f2:3b:06:26:62:23:ac:20: 0d:5c:88:58:1c:90:3a:7e:f2:33:ca:f1:c2:12:e7:cd:89:5a: 80:a5:b1:da:77:88:05:47:cb:3a:cb:b9:7b:c2:ac:1f:5d:6b: a1:fa:18:66 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt5fi8byg3beBBCdOm47wGMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwY2Y0OTYzMzU3ZGRiOTg1NWY5YmFjNGM3ZDk5NWFkYzg5 YTM3MmEwHhcNMjYwMTAxMTIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMWM2NGY2M2FlZTg5MTNmNzA3MTljZDYxNGE1OWY4M2QwMTQyNzUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQwSRf7Ka0lc2NhTDrmSGNf+hSNS ktmeP/yH1YQPQk/S0sevp8RY3KBqRm1SCj36sbpfNVdAsInCKUn0xZZbo4pWSpeU 7sfiJAbP9Sw1IFHyCQIBmzzSTwXJe5oVUk+0tq1P93pNEdspAVsSjdwnEG1ugI2S dCYWFG5emnclm5MDt5QU+ntglFAWGdgIx+YbVwAmPUX1XO+g4uF902CsA7eqKZhR 7S+YOJbf455lw8Gthmzx2QIU2g3PaxM1KtH25GaXt6YY6SiTH32FS7JqmlFI8mfx uoiKyQ7HqTfaWcFhtV9XEec+Gdd4riGdDYfFaAePYL1rPlWiuaks58X4LwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFKHGT2Ou6JE/cHGc1hSln4PQFCdTMB8GA1UdIwQY MBaAFPDPSWM1fduYVfm6xMfZla3ImjcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAt NmUwNTZiNjE3ZDJhLzEvb2NaUFk2N29rVDl3Y1p6V0ZLV2ZnOUFVSjFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAtNmUwNTZiNjE3ZDJh LzEvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuZgAAwQA uZgDAwQCwRwkMA0EAgACMAcDBQMqCicAMA0GCSqGSIb3DQEBCwUAA4IBAQANLDrd 1ixplb1WF+kKCylwxtm3MWmTI5GjVYJMrO2788SYyRR8waoD86g7FTS+AeiL89f7 qkxfSTNAyH23VXmbMSo2RMVwKxgAinkUt27abkFkftZgY5KG1Wya22DbG8VcV3Y5 wfI5GimKRzQUIe5DqDqu/vcZrcM8vNipp5fwUXqGsPflT5cPhWD+hGSZXEVaxkiM XB1kq3Xy4ljVOFDKtwQyem7Cjx6mVxrZYrHslVz/xzXQu83jV5H/5VtiyInnFRRg PvtVZBP+jRxzQ8pJ8jsGJmIjrCANXIhYHJA6fvIzyvHCEufNiVqApbHad4gFR8s6 y7l7wqwfXWuh+hhm -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:56 2026 by rpki-client