This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/oX2MuFZ8yaRVQjpSCUgD1HiKoUg.roa File: oX2MuFZ8yaRVQjpSCUgD1HiKoUg.roa (raw, json) Hash identifier: gdua3nJQKjVmAVvDW1nuoRrLS6iVbV5h3laEz26kzUQ= Subject key identifier: A1:7D:8C:B8:56:7C:C9:A4:55:42:3A:52:09:48:03:D4:78:8A:A1:48 Certificate issuer: /CN=5ff7352d47db9785f49118092de8704a67f6520d Certificate serial: 019B78A2D90F050CCE687B047CCE052B249D Authority key identifier: 5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/oX2MuFZ8yaRVQjpSCUgD1HiKoUg.roa Signing time: Thu 01 Jan 2026 08:18:16 +0000 ROA not before: Thu 01 Jan 2026 08:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43366 IP address blocks: 45.154.8.0/24 maxlen: 24 185.241.188.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.crl rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.mft rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:d9:0f:05:0c:ce:68:7b:04:7c:ce:05:2b:24:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ff7352d47db9785f49118092de8704a67f6520d Validity Not Before: Jan 1 08:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a17d8cb8567cc9a455423a52094803d4788aa148 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:4f:e3:0e:39:eb:6c:6a:da:41:68:fb:d8:67: e6:31:cb:53:f0:f9:33:33:3b:76:f5:88:4c:67:31: b3:42:41:1a:37:b8:0e:24:0b:ad:98:6f:dd:2a:12: be:e3:94:dc:2d:a1:61:de:33:48:71:45:47:7e:a1: f3:37:b8:93:17:6b:93:7e:e2:0d:7c:00:08:cc:b0: 0c:ce:8a:b1:1a:59:59:3b:d8:42:00:27:ce:27:6d: 70:1e:45:38:21:b8:a6:19:d2:ef:ef:e4:14:80:e9: c7:2c:45:23:a7:f8:1d:80:86:7b:68:73:d8:9c:ec: 5a:93:85:b1:05:ed:72:8d:73:a9:84:c4:bd:58:61: 8e:89:c1:f2:6a:7b:5b:6e:12:5e:84:11:bc:c7:81: 25:36:83:6e:1c:74:54:c5:c9:f1:2c:80:64:95:be: ab:49:10:32:8d:94:48:37:9c:dd:99:d3:55:79:18: be:01:9b:60:30:2b:ae:e8:42:67:1c:60:a3:b6:99: 44:7f:9c:d1:c5:bc:9e:10:00:77:b0:e2:16:b0:e4: 7a:75:e8:34:56:75:16:44:b7:d8:ff:b3:34:e5:df: 9d:5d:99:a3:63:45:9e:8a:84:24:03:6f:58:26:ed: 2f:5e:c8:97:4e:9c:f4:8c:3d:78:af:fa:89:fc:95: 1f:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:7D:8C:B8:56:7C:C9:A4:55:42:3A:52:09:48:03:D4:78:8A:A1:48 X509v3 Authority Key Identifier: keyid:5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/oX2MuFZ8yaRVQjpSCUgD1HiKoUg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.154.8.0/24 185.241.188.0/22 Signature Algorithm: sha256WithRSAEncryption 21:1e:c6:c4:7b:18:99:9e:0c:9e:10:b8:03:ea:90:46:64:4d: b1:78:22:39:ec:a4:90:8f:8a:02:1f:7d:e6:fe:63:9c:3b:b9: 50:d5:46:94:50:35:07:1e:db:86:d5:3d:c1:32:96:18:4e:9d: 11:fc:47:fa:ac:68:6e:ee:76:71:13:fc:3f:10:6f:3f:da:4f: be:41:bd:7a:d7:a0:93:de:2c:d4:bd:7e:f4:7d:48:2c:a5:6c: c5:7a:b0:24:17:40:3f:bc:77:a1:34:2b:20:a8:eb:22:50:7a: d5:48:8a:91:d5:d3:27:2f:9e:47:33:6f:ec:cb:ad:99:1a:11: 2c:1a:d8:be:1d:40:ea:d4:9b:f7:d7:8f:6a:18:b2:3e:cc:2f: 5e:ab:78:a9:b2:cc:63:59:37:4c:6e:fb:a8:fd:00:41:ab:9c: 3e:23:66:70:29:f1:3b:56:a1:da:20:6a:a9:0c:20:86:dc:0e: 08:f7:7b:cb:50:6f:80:0f:9e:fd:fb:78:ef:53:dc:d6:00:8d: c7:d5:93:82:7f:40:cb:0b:49:49:0d:86:e3:d5:95:82:8d:e8: 58:91:9b:e9:a6:d1:b6:42:6b:c5:11:bd:48:a4:ff:47:cc:0a: 86:fe:4a:77:11:76:3b:57:28:18:e4:08:d7:41:94:18:d8:82: 90:e0:58:d6 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4otkPBQzOaHsEfM4FKySdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmZjczNTJkNDdkYjk3ODVmNDkxMTgwOTJkZTg3MDRhNjdm NjUyMGQwHhcNMjYwMTAxMDgxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTdkOGNiODU2N2NjOWE0NTU0MjNhNTIwOTQ4MDNkNDc4OGFhMTQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U/jDjnrbGraQWj72GfmMctT8Pkz Mzt29YhMZzGzQkEaN7gOJAutmG/dKhK+45TcLaFh3jNIcUVHfqHzN7iTF2uTfuIN fAAIzLAMzoqxGllZO9hCACfOJ21wHkU4IbimGdLv7+QUgOnHLEUjp/gdgIZ7aHPY nOxak4WxBe1yjXOphMS9WGGOicHyantbbhJehBG8x4ElNoNuHHRUxcnxLIBklb6r SRAyjZRIN5zdmdNVeRi+AZtgMCuu6EJnHGCjtplEf5zRxbyeEAB3sOIWsOR6deg0 VnUWRLfY/7M05d+dXZmjY0WeioQkA29YJu0vXsiXTpz0jD14r/qJ/JUfLwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKF9jLhWfMmkVUI6UglIA9R4iqFIMB8GA1UdIwQY MBaAFF/3NS1H25eF9JEYCS3ocEpn9lINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWF9jMUxVZmJsNFgwa1JnSkxlaHdTbWYyVWcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWQyYjMtN2M0Mi00Nzg1LTk1OTYt NTE3NDgxZDBmODUwLzEvb1gyTXVGWjh5YVJWUWpwU0NVZ0QxSGlLb1VnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9kNWQyYjMtN2M0Mi00Nzg1LTk1OTYtNTE3NDgxZDBmODUw LzEvWF9jMUxVZmJsNFgwa1JnSkxlaHdTbWYyVWcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZoIAwQC ufG8MA0GCSqGSIb3DQEBCwUAA4IBAQAhHsbEexiZngyeELgD6pBGZE2xeCI57KSQ j4oCH33m/mOcO7lQ1UaUUDUHHtuG1T3BMpYYTp0R/Ef6rGhu7nZxE/w/EG8/2k++ Qb1616CT3izUvX70fUgspWzFerAkF0A/vHehNCsgqOsiUHrVSIqR1dMnL55HM2/s y62ZGhEsGti+HUDq1Jv3149qGLI+zC9eq3ipssxjWTdMbvuo/QBBq5w+I2ZwKfE7 VqHaIGqpDCCG3A4I93vLUG+AD579+3jvU9zWAI3H1ZOCf0DLC0lJDYbj1ZWCjehY kZvpptG2QmvFEb1IpP9HzAqG/kp3EXY7VygY5AjXQZQY2IKQ4FjW -----END CERTIFICATE-----Generated at Mon Jan 26 05:48:52 2026 by rpki-client