This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/oOhDRpFOR5JraODgtWxrIqn03So.roa File: oOhDRpFOR5JraODgtWxrIqn03So.roa (raw, json) Hash identifier: eigDmTWjWV0xucfp3vjonLKwok/Ysn+jhYRmXORf2+8= Subject key identifier: A0:E8:43:46:91:4E:47:92:6B:68:E0:E0:B5:6C:6B:22:A9:F4:DD:2A Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed Certificate serial: 019B7F832624D5CFCDB06A6851EEF28EBE5B Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/oOhDRpFOR5JraODgtWxrIqn03So.roa Signing time: Fri 02 Jan 2026 16:20:59 +0000 ROA not before: Fri 02 Jan 2026 16:20:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20661 IP address blocks: 95.85.96.0/19 maxlen: 24 95.85.96.0/24 maxlen: 24 95.85.98.0/24 maxlen: 24 95.85.99.0/24 maxlen: 24 95.85.100.0/22 maxlen: 22 95.85.100.0/24 maxlen: 24 95.85.101.0/24 maxlen: 24 95.85.104.0/22 maxlen: 22 95.85.104.0/24 maxlen: 24 95.85.121.0/24 maxlen: 24 103.220.0.0/22 maxlen: 22 119.235.112.0/20 maxlen: 20 177.93.143.0/24 maxlen: 24 185.69.184.0/24 maxlen: 24 216.250.8.0/21 maxlen: 21 217.174.224.0/20 maxlen: 24 217.174.224.0/24 maxlen: 24 217.174.225.0/24 maxlen: 24 217.174.227.0/24 maxlen: 24 2a05:2180::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.mft rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:26:24:d5:cf:cd:b0:6a:68:51:ee:f2:8e:be:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed Validity Not Before: Jan 2 16:20:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0e84346914e47926b68e0e0b56c6b22a9f4dd2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:62:35:ae:de:2a:78:23:93:03:26:77:8f:cd: 8a:8a:e6:9a:e1:ba:79:d9:ea:94:f8:5a:55:af:ce: 11:d5:e5:54:e4:63:a9:10:2b:95:57:aa:d7:8c:54: c5:f5:de:eb:2a:a9:04:41:46:d8:12:76:e1:6c:63: bc:fd:c5:25:ce:56:47:09:8c:55:22:24:a3:a0:ad: 15:14:8b:6d:27:dd:18:6b:c9:d5:69:76:82:76:56: 9f:3c:ef:c1:38:0b:ac:09:91:95:05:de:9d:2f:db: 68:77:be:f4:1e:47:60:2c:ca:bd:68:98:84:bd:69: 68:88:0a:3d:90:e1:54:c5:6e:87:6a:0a:a0:50:8c: 0a:8c:ca:b3:9b:89:e7:b1:22:42:6f:7f:3d:de:7b: 9d:8d:cc:90:53:18:54:5f:20:69:d1:74:54:05:15: 00:94:63:a4:86:37:ad:16:b5:72:ec:64:a0:a3:09: 7c:01:3b:4a:26:53:90:fc:32:41:d5:78:d6:a1:24: 57:f6:8f:cc:bc:6c:73:f2:67:9c:c5:45:9f:60:40: 16:f6:d5:2f:b6:31:6b:bf:86:95:9b:e9:46:8e:23: 5f:96:84:7e:f3:db:68:c5:8e:09:7f:0e:1b:09:3a: 49:b8:37:e6:7c:3c:75:9b:95:4f:b5:62:35:0e:f8: 9e:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:E8:43:46:91:4E:47:92:6B:68:E0:E0:B5:6C:6B:22:A9:F4:DD:2A X509v3 Authority Key Identifier: keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/oOhDRpFOR5JraODgtWxrIqn03So.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.85.96.0/19 103.220.0.0/22 119.235.112.0/20 177.93.143.0/24 185.69.184.0/24 216.250.8.0/21 217.174.224.0/20 IPv6: 2a05:2180::/29 Signature Algorithm: sha256WithRSAEncryption 87:65:f1:43:56:2c:65:d3:56:ff:ca:45:e7:62:70:55:f4:67: 54:aa:92:23:dc:0f:0b:c2:96:db:a1:58:35:03:a4:af:b1:05: 56:27:c3:c5:ed:d3:3f:4f:7a:f2:1c:cb:85:fd:e6:9e:5a:6d: 3c:8a:70:b4:e8:47:55:5e:4d:e5:20:e2:f3:1a:a4:7d:85:2a: 32:99:23:19:8a:df:7b:62:69:3c:f2:a3:65:1c:66:17:f3:e6: 0e:23:0c:cc:ce:e1:78:80:04:48:3f:1f:29:0e:17:ea:d2:9c: ba:10:d2:71:3f:7a:48:e6:96:c5:46:4e:e2:e7:c2:a2:c8:19: 5b:06:a5:b4:4a:29:dd:4a:ad:df:05:8c:57:2b:85:72:d8:e9: 34:78:20:b8:26:4a:bd:b2:81:41:0b:b3:d3:52:53:6c:05:fb: 2b:33:df:dd:0e:70:c3:7c:f8:3e:1d:2b:7c:8a:3f:26:01:fc: 27:98:bb:57:0b:95:e6:57:00:58:f8:d4:f0:35:95:f1:d4:bb: b5:e7:c9:18:f1:eb:dd:ab:6c:40:69:70:70:a0:4d:e9:41:3e: c5:f8:e0:5b:29:07:e6:66:94:dd:80:df:c5:e8:f5:f5:08:c1: 8a:25:eb:ee:af:80:ef:1a:5e:e7:8b:e6:ec:7b:22:68:76:53: 5f:a0:c7:0c -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt/gyYk1c/NsGpoUe7yjr5bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5 NWE0ZWQwHhcNMjYwMTAyMTYyMDU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGU4NDM0NjkxNGU0NzkyNmI2OGUwZTBiNTZjNmIyMmE5ZjRkZDJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2I1rt4qeCOTAyZ3j82Kiuaa4bp5 2eqU+FpVr84R1eVU5GOpECuVV6rXjFTF9d7rKqkEQUbYEnbhbGO8/cUlzlZHCYxV IiSjoK0VFIttJ90Ya8nVaXaCdlafPO/BOAusCZGVBd6dL9tod770HkdgLMq9aJiE vWloiAo9kOFUxW6HagqgUIwKjMqzm4nnsSJCb3893nudjcyQUxhUXyBp0XRUBRUA lGOkhjetFrVy7GSgowl8ATtKJlOQ/DJB1XjWoSRX9o/MvGxz8mecxUWfYEAW9tUv tjFrv4aVm+lGjiNfloR+89toxY4Jfw4bCTpJuDfmfDx1m5VPtWI1Dvie5QIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFKDoQ0aRTkeSa2jg4LVsayKp9N0qMB8GA1UdIwQY MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt MDhiZjIyZjY0MDk3LzEvb09oRFJwRk9SNUpyYU9EZ3RXeHJJcW4wM1NvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3 LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFX1VgAwQC Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIAwQE2a7gMA0EAgACMAcDBQMqBSGA MA0GCSqGSIb3DQEBCwUAA4IBAQCHZfFDVixl01b/ykXnYnBV9GdUqpIj3A8Lwpbb oVg1A6SvsQVWJ8PF7dM/T3ryHMuF/eaeWm08inC06EdVXk3lIOLzGqR9hSoymSMZ it97Ymk88qNlHGYX8+YOIwzMzuF4gARIPx8pDhfq0py6ENJxP3pI5pbFRk7i58Ki yBlbBqW0SindSq3fBYxXK4Vy2Ok0eCC4Jkq9soFBC7PTUlNsBfsrM9/dDnDDfPg+ HSt8ij8mAfwnmLtXC5XmVwBY+NTwNZXx1Lu158kY8evdq2xAaXBwoE3pQT7F+OBb KQfmZpTdgN/F6PX1CMGKJevur4DvGl7ni+bseyJodlNfoMcM -----END CERTIFICATE-----Generated at Mon Jan 26 07:23:25 2026 by rpki-client