This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/oVjc2gbj8Z3HA7eAzKIRnl2lQMA.roa File: oVjc2gbj8Z3HA7eAzKIRnl2lQMA.roa (raw, json) Hash identifier: zAAZk1U4VBtTI0cONSxWT3e4cbR3Hkt4vRra+VHSqCk= Subject key identifier: A1:58:DC:DA:06:E3:F1:9D:C7:03:B7:80:CC:A2:11:9E:5D:A5:40:C0 Certificate issuer: /CN=0d23064e3c27ec92b7eab667649d204e5673838e Certificate serial: 019BB30B814047FD5A6F0987E569D05D132C Authority key identifier: 0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/oVjc2gbj8Z3HA7eAzKIRnl2lQMA.roa Signing time: Mon 12 Jan 2026 16:30:34 +0000 ROA not before: Mon 12 Jan 2026 16:30:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20811 IP address blocks: 147.189.208.0/24 maxlen: 24 147.189.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.mft rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:0b:81:40:47:fd:5a:6f:09:87:e5:69:d0:5d:13:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d23064e3c27ec92b7eab667649d204e5673838e Validity Not Before: Jan 12 16:30:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a158dcda06e3f19dc703b780cca2119e5da540c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:55:98:a4:2c:70:22:ad:aa:11:1e:32:c2:3b: 65:87:a3:06:57:05:40:d0:c9:d4:bb:52:1d:12:c7: d9:3d:ce:2e:b5:e9:43:c7:84:c0:52:ac:e4:42:d2: 27:0b:db:06:e1:dd:aa:cd:4d:13:dc:65:a3:e0:09: 8e:fc:92:9f:8a:cd:fe:49:30:37:40:2d:4d:05:30: 88:a0:83:7e:7b:3d:33:90:08:d4:64:d5:93:1d:b3: 7d:35:84:32:94:f5:2e:4f:50:4d:85:0f:34:83:23: 3d:9a:aa:2c:35:79:70:af:b6:dc:55:80:27:50:8f: 38:7e:a9:8d:fb:bf:b5:93:1a:63:cc:b3:32:70:5c: 67:f6:ad:6e:48:2f:20:82:a1:c6:7f:bc:18:65:f9: 1b:e4:dd:28:2f:09:87:68:9b:d9:3f:9c:92:68:4a: ba:8f:0a:dc:4b:c4:8c:06:e0:af:ce:a6:30:bc:88: fa:46:c6:14:62:a7:ed:44:35:30:b7:7e:4c:9e:24: e2:58:48:b4:31:f9:88:a4:db:97:cb:37:b3:db:a5: b8:9e:6e:6b:88:a8:19:ef:5e:8f:49:59:5b:0a:a9: c6:b1:72:0f:f3:33:4c:75:5c:ba:18:d2:31:3a:0d: aa:12:ff:14:66:f0:21:83:ea:87:45:fd:f8:c9:96: e8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:58:DC:DA:06:E3:F1:9D:C7:03:B7:80:CC:A2:11:9E:5D:A5:40:C0 X509v3 Authority Key Identifier: keyid:0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/oVjc2gbj8Z3HA7eAzKIRnl2lQMA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.189.208.0/23 Signature Algorithm: sha256WithRSAEncryption 05:7b:83:63:6f:f8:bd:7d:20:80:d8:3e:f5:3e:3c:87:ad:7a: 07:49:0a:c7:8f:10:b6:75:7b:3a:3c:6f:22:c8:ed:49:d8:65: 14:d2:f7:59:cf:19:b4:e7:d4:3f:6a:08:a1:e5:ac:60:d3:8c: 24:4e:50:ab:3f:54:89:26:bd:95:37:e7:03:c0:f2:af:c6:fb: 13:e1:0b:4e:5b:bf:42:fb:47:49:63:cb:08:fa:d2:67:75:6d: f7:d0:73:00:8f:b0:9c:2a:b8:60:a2:17:a1:c8:c0:f2:45:4c: 46:88:54:45:91:9f:a6:e3:17:fd:71:e1:7b:d2:3e:16:8e:9b: 7c:9f:cc:bf:50:fa:44:a4:34:17:6e:72:b1:e6:07:d2:fa:fc: ee:6a:3a:eb:6c:2f:af:06:ba:8a:ff:b6:f8:a7:df:27:a0:3c: e6:90:d0:68:9b:24:47:09:07:e8:b2:a8:b9:a0:ef:f1:8b:3c: 47:2f:de:53:3b:66:76:42:d6:42:d4:e8:76:24:b6:58:cb:0a: 9b:00:e5:86:d6:ec:c6:e7:a0:51:fb:d5:d3:f8:af:3e:84:dd: ab:bf:a0:42:d8:ab:2b:cb:78:15:e6:fd:bc:3b:92:38:6d:1d: 75:f1:b0:b0:c9:11:3e:f9:a9:a7:bd:08:c8:24:19:54:2d:a0: 2d:2e:2b:0e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuzC4FAR/1abwmH5WnQXRMsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMjMwNjRlM2MyN2VjOTJiN2VhYjY2NzY0OWQyMDRlNTY3 MzgzOGUwHhcNMjYwMTEyMTYzMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTU4ZGNkYTA2ZTNmMTlkYzcwM2I3ODBjY2EyMTE5ZTVkYTU0MGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1WYpCxwIq2qER4ywjtlh6MGVwVA 0MnUu1IdEsfZPc4utelDx4TAUqzkQtInC9sG4d2qzU0T3GWj4AmO/JKfis3+STA3 QC1NBTCIoIN+ez0zkAjUZNWTHbN9NYQylPUuT1BNhQ80gyM9mqosNXlwr7bcVYAn UI84fqmN+7+1kxpjzLMycFxn9q1uSC8ggqHGf7wYZfkb5N0oLwmHaJvZP5ySaEq6 jwrcS8SMBuCvzqYwvIj6RsYUYqftRDUwt35MniTiWEi0MfmIpNuXyzez26W4nm5r iKgZ716PSVlbCqnGsXIP8zNMdVy6GNIxOg2qEv8UZvAhg+qHRf34yZbouQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKFY3NoG4/GdxwO3gMyiEZ5dpUDAMB8GA1UdIwQY MBaAFA0jBk48J+ySt+q2Z2SdIE5Wc4OOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFNNR1Rqd243SkszNnJablpKMGdUbFp6ZzQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83MmZhZWQtYThmOC00YTMzLThkZGMt NWNlZjA0Yjc5NzM3LzEvb1ZqYzJnYmo4WjNIQTdlQXpLSVJubDJsUU1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS83MmZhZWQtYThmOC00YTMzLThkZGMtNWNlZjA0Yjc5NzM3 LzEvRFNNR1Rqd243SkszNnJablpKMGdUbFp6ZzQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk73QMA0G CSqGSIb3DQEBCwUAA4IBAQAFe4Njb/i9fSCA2D71PjyHrXoHSQrHjxC2dXs6PG8i yO1J2GUU0vdZzxm059Q/agih5axg04wkTlCrP1SJJr2VN+cDwPKvxvsT4QtOW79C +0dJY8sI+tJndW330HMAj7CcKrhgohehyMDyRUxGiFRFkZ+m4xf9ceF70j4Wjpt8 n8y/UPpEpDQXbnKx5gfS+vzuajrrbC+vBrqK/7b4p98noDzmkNBomyRHCQfosqi5 oO/xizxHL95TO2Z2QtZC1Oh2JLZYywqbAOWG1uzG56BR+9XT+K8+hN2rv6BC2Ksr y3gV5v28O5I4bR118bCwyRE++amnvQjIJBlULaAtLisO -----END CERTIFICATE-----Generated at Mon Jan 26 05:48:44 2026 by rpki-client