This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/OhWThktj48EUIYn2fVW8CwYiXbE.roa File: OhWThktj48EUIYn2fVW8CwYiXbE.roa (raw, json) Hash identifier: j7gtFtcC+qjAh5QQYd0IhZzzftpdFZnGir6AdEzMusg= Subject key identifier: 3A:15:93:86:4B:63:E3:C1:14:21:89:F6:7D:55:BC:0B:06:22:5D:B1 Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16 Certificate serial: 019BF49F7A53C2755D8DB4A77145D38F2195 Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/OhWThktj48EUIYn2fVW8CwYiXbE.roa Signing time: Sun 25 Jan 2026 10:07:30 +0000 ROA not before: Sun 25 Jan 2026 10:07:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21859 IP address blocks: 89.23.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:9f:7a:53:c2:75:5d:8d:b4:a7:71:45:d3:8f:21:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16 Validity Not Before: Jan 25 10:07:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a1593864b63e3c1142189f67d55bc0b06225db1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:dd:cd:5f:5b:20:36:89:08:ea:8f:5b:99:31: e5:84:28:93:cb:a8:91:5e:6d:31:d9:62:a7:fd:fd: 52:67:e3:58:bd:03:ce:1a:66:88:74:f1:d1:db:7c: c0:9b:b0:cb:cf:f5:fc:42:e9:86:a5:74:1b:94:65: 36:2e:a0:5e:d9:ef:1a:db:bb:62:87:71:f5:92:e4: f1:17:29:ab:5e:41:95:bf:9b:f5:40:be:87:30:e9: 06:66:0c:e2:e2:08:3a:cc:77:87:28:20:a5:07:5a: 70:e5:fd:c3:cc:23:77:75:bc:0c:a4:eb:56:19:48: 2d:a2:79:57:09:b4:34:53:de:85:c1:64:b2:bd:7e: eb:21:9f:36:27:57:9e:47:7f:29:54:2b:e0:07:b3: 53:65:e7:9a:df:fb:6b:e9:2c:34:aa:6d:44:45:5c: 30:42:20:d5:67:c6:50:a0:9e:f2:22:e4:88:e4:66: c0:47:ec:81:bf:4b:40:0a:e0:0b:54:30:60:fb:f0: bf:1e:24:6d:c7:85:83:38:77:75:26:bd:dc:b8:71: 5a:0c:09:32:9c:9c:bc:00:ce:f4:39:35:0e:23:25: b6:70:60:a7:b0:df:53:e1:ad:7a:1c:05:02:a3:9f: 87:44:11:1c:50:f2:97:fe:83:c0:70:f4:a4:28:3c: a4:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:15:93:86:4B:63:E3:C1:14:21:89:F6:7D:55:BC:0B:06:22:5D:B1 X509v3 Authority Key Identifier: keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/OhWThktj48EUIYn2fVW8CwYiXbE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.23.66.0/24 Signature Algorithm: sha256WithRSAEncryption 66:10:91:13:73:fc:e1:46:6b:e2:75:0c:28:24:e7:07:23:22: 8d:d7:94:f5:fb:03:58:71:cb:ea:b2:1b:fd:61:4d:72:96:e4: 09:6d:27:10:67:07:23:ae:f4:62:41:71:1d:b0:f2:ba:c0:4b: a3:45:e2:5c:74:e3:ea:64:23:35:81:8a:b2:10:28:2a:8d:4c: 7a:92:f0:77:eb:08:21:30:73:96:07:8c:f6:b2:86:ce:55:67: a7:47:e6:f0:77:de:30:8a:93:41:5d:5b:cd:58:65:62:00:0b: 3b:5e:60:af:c4:68:99:bc:cf:87:b5:e9:8b:c1:c4:0e:e7:45: 6a:19:ed:cf:f4:7c:c9:4b:e2:69:0c:45:76:5e:d8:46:cc:c8: 47:45:b2:36:df:b8:15:3a:06:c9:ee:3e:bb:72:22:74:b6:c7: 1c:39:3d:b4:75:f9:9c:5b:70:d6:92:df:15:fa:87:d3:ae:be: b6:72:8d:b8:33:45:2d:56:29:db:c6:22:21:14:ab:40:f2:a7: f6:5d:3f:f1:c3:19:3c:ec:fb:d9:9c:50:2d:5a:b4:96:fb:3b: 64:8b:39:59:8a:29:cf:39:be:5a:86:f5:84:bc:c1:8c:f8:5d: fb:6c:12:63:c4:56:3c:0f:91:ad:ec:b4:0f:27:76:bb:9a:a0: e1:3d:6d:f4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZv0n3pTwnVdjbSncUXTjyGVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk OWNlMTYwHhcNMjYwMTI1MTAwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTE1OTM4NjRiNjNlM2MxMTQyMTg5ZjY3ZDU1YmMwYjA2MjI1ZGIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN3NX1sgNokI6o9bmTHlhCiTy6iR Xm0x2WKn/f1SZ+NYvQPOGmaIdPHR23zAm7DLz/X8QumGpXQblGU2LqBe2e8a27ti h3H1kuTxFymrXkGVv5v1QL6HMOkGZgzi4gg6zHeHKCClB1pw5f3DzCN3dbwMpOtW GUgtonlXCbQ0U96FwWSyvX7rIZ82J1eeR38pVCvgB7NTZeea3/tr6Sw0qm1ERVww QiDVZ8ZQoJ7yIuSI5GbAR+yBv0tACuALVDBg+/C/HiRtx4WDOHd1Jr3cuHFaDAky nJy8AM70OTUOIyW2cGCnsN9T4a16HAUCo5+HRBEcUPKX/oPAcPSkKDykuQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDoVk4ZLY+PBFCGJ9n1VvAsGIl2xMB8GA1UdIwQY MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt MGY2NmMxODg3OTE2LzEvT2hXVGhrdGo0OEVVSVluMmZWVzhDd1lpWGJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2 LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdCMA0G CSqGSIb3DQEBCwUAA4IBAQBmEJETc/zhRmvidQwoJOcHIyKN15T1+wNYccvqshv9 YU1yluQJbScQZwcjrvRiQXEdsPK6wEujReJcdOPqZCM1gYqyECgqjUx6kvB36wgh MHOWB4z2sobOVWenR+bwd94wipNBXVvNWGViAAs7XmCvxGiZvM+HtemLwcQO50Vq Ge3P9HzJS+JpDEV2XthGzMhHRbI237gVOgbJ7j67ciJ0tsccOT20dfmcW3DWkt8V +ofTrr62co24M0UtVinbxiIhFKtA8qf2XT/xwxk87PvZnFAtWrSW+ztkizlZiinP Ob5ahvWEvMGM+F37bBJjxFY8D5Gt7LQPJ3a7mqDhPW30 -----END CERTIFICATE-----Generated at Sun Jan 25 16:39:55 2026 by rpki-client