This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/1-ojtBFfG2H1rWqjbXk4N7WD3PpY.roa File: 1-ojtBFfG2H1rWqjbXk4N7WD3PpY.roa (raw, json) Hash identifier: 33NVVlGbTWQg3lb1uDpxYt5Pr6SGR6CWL3Kw3mH/dfw= Subject key identifier: FA:88:ED:04:57:C6:D8:7D:6B:5A:A8:DB:5E:4E:0D:ED:60:F7:3E:96 Certificate issuer: /CN=40d933e82474650c6aa3e9cbf0574d27286592e7 Certificate serial: 019B7CEE1A0C76981EB826C4A895CC9502E9 Authority key identifier: 40:D9:33:E8:24:74:65:0C:6A:A3:E9:CB:F0:57:4D:27:28:65:92:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/1-ojtBFfG2H1rWqjbXk4N7WD3PpY.roa Signing time: Fri 02 Jan 2026 04:18:57 +0000 ROA not before: Fri 02 Jan 2026 04:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207044 IP address blocks: 87.120.240.0/22 maxlen: 24 87.120.248.0/22 maxlen: 24 87.121.252.0/22 maxlen: 24 88.151.24.0/21 maxlen: 24 89.184.36.0/22 maxlen: 24 89.184.60.0/22 maxlen: 24 91.92.28.0/22 maxlen: 24 185.167.196.0/22 maxlen: 24 213.133.64.0/21 maxlen: 24 2a0b:ae00::/29 maxlen: 29 2a0b:ae00:1000::/38 maxlen: 38 2a0b:ae00:1400::/38 maxlen: 38 2a0b:ae00:1800::/38 maxlen: 38 2a0b:ae00:2000::/38 maxlen: 38 2a0b:ae00:2400::/38 maxlen: 38 2a0b:ae00:2800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.crl rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.mft rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:1a:0c:76:98:1e:b8:26:c4:a8:95:cc:95:02:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40d933e82474650c6aa3e9cbf0574d27286592e7 Validity Not Before: Jan 2 04:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa88ed0457c6d87d6b5aa8db5e4e0ded60f73e96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:99:8d:59:f7:de:ab:71:4a:37:ea:2f:c0:8e: 32:cb:fc:a2:09:9b:28:41:90:d8:09:14:5d:9d:7c: d1:7b:21:c7:a9:83:d3:1a:9d:5b:86:f1:a0:f0:29: b3:1b:d9:9a:b9:d7:3c:67:6c:9e:44:05:37:55:41: f5:e6:a1:45:1a:5b:87:e9:8e:1d:6d:87:6a:06:e6: 09:16:71:33:49:e0:b5:28:4d:3d:2b:53:9e:1e:f2: cc:dc:4a:5c:ff:25:09:e1:d1:9c:3c:d9:c4:f1:16: 46:c4:cc:b0:50:65:52:d0:03:13:ec:5b:37:b0:60: af:8d:5d:10:4c:dd:4c:5e:a8:44:73:d8:66:75:1a: a5:d4:88:74:86:8a:09:75:f1:cc:53:e6:b5:d1:5b: fa:85:4f:da:4e:00:76:42:39:8d:5e:2c:80:eb:29: ff:b2:30:84:0e:13:56:9d:c4:f2:67:58:31:7f:d4: 58:01:70:8f:1c:e7:f6:17:72:eb:0e:ee:cf:f7:41: 2b:cb:dd:dd:71:83:52:d6:6b:43:c3:76:2e:1d:0f: 3d:6a:7f:39:c7:cd:9b:52:32:77:1f:3a:1b:f4:fd: e5:37:9e:19:2c:33:7a:cf:91:60:a4:00:86:b5:74: 79:8d:0f:ea:3f:e1:ae:58:27:cd:3a:de:44:ef:91: 49:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:88:ED:04:57:C6:D8:7D:6B:5A:A8:DB:5E:4E:0D:ED:60:F7:3E:96 X509v3 Authority Key Identifier: keyid:40:D9:33:E8:24:74:65:0C:6A:A3:E9:CB:F0:57:4D:27:28:65:92:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/1-ojtBFfG2H1rWqjbXk4N7WD3PpY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.120.240.0/22 87.120.248.0/22 87.121.252.0/22 88.151.24.0/21 89.184.36.0/22 89.184.60.0/22 91.92.28.0/22 185.167.196.0/22 213.133.64.0/21 IPv6: 2a0b:ae00::/29 Signature Algorithm: sha256WithRSAEncryption 95:48:c6:8a:11:00:65:ea:83:26:08:4e:a7:e8:9a:27:1d:b0: d4:65:67:7a:cf:ad:76:32:14:57:87:a2:78:71:4a:07:d6:1b: 9a:77:6b:98:2c:08:da:7a:85:1c:18:d2:f0:38:57:c6:2e:57: 70:df:2b:3c:08:79:69:0d:38:3d:cc:af:b3:0c:5b:97:7e:17: c0:f4:bd:7f:04:d5:ad:ab:9b:f3:ee:3e:a6:2f:19:7f:31:0b: cb:38:b0:83:55:13:48:fc:9a:9e:2a:89:b6:fe:59:db:67:97: 94:b1:f1:71:7f:ec:f7:31:f8:19:c8:48:80:33:8e:0a:40:88: 55:b4:62:ee:13:6b:20:0b:91:79:8e:f9:ae:d0:0a:91:73:10: 0b:38:a0:38:43:83:08:df:4f:45:eb:72:13:a2:93:46:96:9d: e3:aa:73:3b:fd:5a:e9:80:d8:e8:a8:e7:2c:4f:ae:41:9b:29: c5:bc:e4:5d:fa:55:ba:8a:fa:c7:a0:54:cb:05:b5:97:33:a3: bf:82:66:0d:ee:76:99:c8:09:f2:2b:c3:7a:e8:20:72:e6:f4: 3e:ab:db:32:66:f7:41:70:f0:19:8a:c0:bd:d7:29:56:1b:09: 31:b9:ba:d6:90:0e:4c:2b:f8:11:f9:04:d1:29:70:cd:c8:14: 4d:84:46:8a -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISAZt87hoMdpgeuCbEqJXMlQLpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwZDkzM2U4MjQ3NDY1MGM2YWEzZTljYmYwNTc0ZDI3Mjg2 NTkyZTcwHhcNMjYwMTAyMDQxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTg4ZWQwNDU3YzZkODdkNmI1YWE4ZGI1ZTRlMGRlZDYwZjczZTk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JmNWffeq3FKN+ovwI4yy/yiCZso QZDYCRRdnXzReyHHqYPTGp1bhvGg8CmzG9maudc8Z2yeRAU3VUH15qFFGluH6Y4d bYdqBuYJFnEzSeC1KE09K1OeHvLM3Epc/yUJ4dGcPNnE8RZGxMywUGVS0AMT7Fs3 sGCvjV0QTN1MXqhEc9hmdRql1Ih0hooJdfHMU+a10Vv6hU/aTgB2QjmNXiyA6yn/ sjCEDhNWncTyZ1gxf9RYAXCPHOf2F3LrDu7P90Ery93dcYNS1mtDw3YuHQ89an85 x82bUjJ3Hzob9P3lN54ZLDN6z5FgpACGtXR5jQ/qP+GuWCfNOt5E75FJDQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFPqI7QRXxth9a1qo215ODe1g9z6WMB8GA1UdIwQY MBaAFEDZM+gkdGUMaqPpy/BXTScoZZLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU5rejZDUjBaUXhxby1uTDhGZE5KeWhsa3VjLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zODc5ZGQtZWY5NS00NWU2LTg3Njct ZTY4MWViYmE0YTRhLzEvMS1vanRCRmZHMkgxcldxamJYazRON1dEM1BwWS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMjIvMzg3OWRkLWVmOTUtNDVlNi04NzY3LWU2ODFlYmJhNGE0 YS8xL1FOa3o2Q1IwWlF4cW8tbkw4RmROSnlobGt1Yy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjBeBggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAld48AME Ald4+AMEAld5/AMEA1iXGAMEAlm4JAMEAlm4PAMEAltcHAMEArmnxAMEA9WFQDAN BAIAAjAHAwUDKguuADANBgkqhkiG9w0BAQsFAAOCAQEAlUjGihEAZeqDJghOp+ia Jx2w1GVnes+tdjIUV4eieHFKB9YbmndrmCwI2nqFHBjS8DhXxi5XcN8rPAh5aQ04 Pcyvswxbl34XwPS9fwTVraub8+4+pi8ZfzELyziwg1UTSPyaniqJtv5Z22eXlLHx cX/s9zH4GchIgDOOCkCIVbRi7hNrIAuReY75rtAKkXMQCzigOEODCN9PRetyE6KT Rpad46pzO/1a6YDY6KjnLE+uQZspxbzkXfpVuor6x6BUywW1lzOjv4JmDe52mcgJ 8ivDeuggcub0PqvbMmb3QXDwGYrAvdcpVhsJMbm61pAOTCv4EfkE0SlwzcgUTYRG ig== -----END CERTIFICATE-----Generated at Sun Jan 25 15:13:29 2026 by rpki-client