This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/OzmaqdbQnEvHxy-Ju3BWJk8RR4A.roa File: OzmaqdbQnEvHxy-Ju3BWJk8RR4A.roa (raw, json) Hash identifier: yuFXsdpmAkFe7AvZipGRLoE1oL8vDwU9WfUvdebaJCQ= Subject key identifier: 3B:39:9A:A9:D6:D0:9C:4B:C7:C7:2F:89:BB:70:56:26:4F:11:47:80 Certificate issuer: /CN=f541d46893aaa164fe2673990d07aa6c071003c0 Certificate serial: 019B7759706B5080DB665E0AD14074F637FA Authority key identifier: F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/OzmaqdbQnEvHxy-Ju3BWJk8RR4A.roa Signing time: Thu 01 Jan 2026 02:18:28 +0000 ROA not before: Thu 01 Jan 2026 02:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44084 IP address blocks: 45.67.124.0/22 maxlen: 24 217.115.16.0/20 maxlen: 24 2a09:6240::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.mft rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:70:6b:50:80:db:66:5e:0a:d1:40:74:f6:37:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f541d46893aaa164fe2673990d07aa6c071003c0 Validity Not Before: Jan 1 02:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b399aa9d6d09c4bc7c72f89bb7056264f114780 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:de:eb:97:19:e1:b8:d6:63:b9:59:ab:ec:35: 18:56:bc:00:11:13:db:ef:9e:15:3c:a8:78:16:d9: ee:af:92:b1:2d:9c:8c:ed:dc:c3:a0:3a:be:fb:51: 27:4d:be:78:9b:e3:ee:5e:aa:31:a2:77:1b:83:28: bb:10:cf:97:65:b5:b7:3a:de:24:1f:ac:4b:4b:51: 8c:ee:e7:90:03:0f:1c:f4:46:7b:27:23:d6:e2:32: 0d:6f:89:2f:a1:6d:d5:f5:29:5a:25:f4:85:49:7d: 68:b2:6d:28:7f:e7:44:6c:6c:32:2f:66:e0:5e:6c: 7c:77:ca:56:a4:cd:ec:88:c1:4f:8e:8e:15:94:a0: b7:a1:a4:09:4f:a6:f6:99:5e:d1:d2:ab:5e:54:43: db:c2:fa:0e:c1:6a:2c:fb:66:4b:41:cf:fb:f2:c3: cb:c6:6d:6f:fd:45:dd:40:2c:db:90:89:8f:a3:d4: 9a:30:d4:d7:3e:eb:43:50:e6:70:f1:27:3a:c9:ac: 3e:c1:14:4f:59:cb:f4:3f:e3:ca:a9:e8:10:8b:87: 93:ac:85:df:60:cd:a6:f3:e9:50:b5:b0:41:e3:53: 11:f3:1a:dd:d2:bb:1c:b9:69:59:7f:b8:55:9a:87: 04:e6:43:a6:8a:49:33:f0:9e:4d:58:c3:43:33:4b: 0a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:39:9A:A9:D6:D0:9C:4B:C7:C7:2F:89:BB:70:56:26:4F:11:47:80 X509v3 Authority Key Identifier: keyid:F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/OzmaqdbQnEvHxy-Ju3BWJk8RR4A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.124.0/22 217.115.16.0/20 IPv6: 2a09:6240::/29 Signature Algorithm: sha256WithRSAEncryption 0b:47:24:2c:87:28:20:e1:20:e2:6a:ad:22:47:cb:0a:92:d4: d8:60:16:18:41:9d:06:b0:06:c7:4e:12:3c:d3:c6:55:fe:8c: 42:f0:b1:9c:3a:7a:cf:c7:4f:3b:7f:e6:ec:18:15:0a:17:24: b4:7a:57:d3:e5:e8:cf:4d:d9:ab:09:a9:09:22:d8:e3:b6:ec: a2:92:b5:f5:cf:90:57:cd:7c:12:8c:3a:f8:fc:39:88:e6:30: 3c:74:74:43:7d:46:06:53:f0:28:5c:b0:11:e8:03:32:f5:88: 36:7c:c7:ff:4d:7a:95:f7:16:b7:8c:00:52:1d:c3:8f:71:24: a9:d2:1f:36:39:c0:b7:b4:40:94:20:a5:75:a0:f3:76:3d:94: 8d:9e:bd:d2:c4:32:c2:5b:b3:29:71:69:6e:fe:44:7f:91:51: 6d:06:26:2a:8e:01:73:d2:85:e6:d0:72:60:c2:f5:40:ee:f5: 78:1a:ed:8f:67:3e:eb:3e:36:38:98:40:53:09:29:a5:23:31: 55:fb:d1:c9:b3:ce:f4:99:e0:93:fd:74:58:b3:46:44:e8:85: e1:9c:c7:9e:fe:26:2d:9d:f1:de:e0:e4:7d:85:8f:83:6f:aa: 78:9a:36:ac:c0:6b:de:ab:04:2d:82:7a:40:65:c2:da:d5:da: b1:5d:97:fb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt3WXBrUIDbZl4K0UB09jf6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1NDFkNDY4OTNhYWExNjRmZTI2NzM5OTBkMDdhYTZjMDcx MDAzYzAwHhcNMjYwMTAxMDIxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjM5OWFhOWQ2ZDA5YzRiYzdjNzJmODliYjcwNTYyNjRmMTE0NzgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd7rlxnhuNZjuVmr7DUYVrwAERPb 754VPKh4Ftnur5KxLZyM7dzDoDq++1EnTb54m+PuXqoxoncbgyi7EM+XZbW3Ot4k H6xLS1GM7ueQAw8c9EZ7JyPW4jINb4kvoW3V9SlaJfSFSX1osm0of+dEbGwyL2bg Xmx8d8pWpM3siMFPjo4VlKC3oaQJT6b2mV7R0qteVEPbwvoOwWos+2ZLQc/78sPL xm1v/UXdQCzbkImPo9SaMNTXPutDUOZw8Sc6yaw+wRRPWcv0P+PKqegQi4eTrIXf YM2m8+lQtbBB41MR8xrd0rscuWlZf7hVmocE5kOmikkz8J5NWMNDM0sKmQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDs5mqnW0JxLx8cvibtwViZPEUeAMB8GA1UdIwQY MBaAFPVB1GiTqqFk/iZzmQ0HqmwHEAPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMt Mzk4YzA0NTE4OWViLzEvT3ptYXFkYlFuRXZIeHktSnUzQldKazhSUjRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMtMzk4YzA0NTE4OWVi LzEvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLUN8AwQE 2XMQMA0EAgACMAcDBQMqCWJAMA0GCSqGSIb3DQEBCwUAA4IBAQALRyQshygg4SDi aq0iR8sKktTYYBYYQZ0GsAbHThI808ZV/oxC8LGcOnrPx087f+bsGBUKFyS0elfT 5ejPTdmrCakJItjjtuyikrX1z5BXzXwSjDr4/DmI5jA8dHRDfUYGU/AoXLAR6AMy 9Yg2fMf/TXqV9xa3jABSHcOPcSSp0h82OcC3tECUIKV1oPN2PZSNnr3SxDLCW7Mp cWlu/kR/kVFtBiYqjgFz0oXm0HJgwvVA7vV4Gu2PZz7rPjY4mEBTCSmlIzFV+9HJ s870meCT/XRYs0ZE6IXhnMee/iYtnfHe4OR9hY+Db6p4mjaswGveqwQtgnpAZcLa 1dqxXZf7 -----END CERTIFICATE-----Generated at Mon Jan 26 15:01:57 2026 by rpki-client