This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/O-5YbSnsrHJq6CYXfN6lS0bXHtU.roa File: O-5YbSnsrHJq6CYXfN6lS0bXHtU.roa (raw, json) Hash identifier: m5fRexPWtu8YYbrVFGnW8/Uexvsppoei1HeT805HRHA= Subject key identifier: 3B:EE:58:6D:29:EC:AC:72:6A:E8:26:17:7C:DE:A5:4B:46:D7:1E:D5 Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9 Certificate serial: 019B78A3051E6DCC1A2A63246CA74276527E Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/O-5YbSnsrHJq6CYXfN6lS0bXHtU.roa Signing time: Thu 01 Jan 2026 08:18:28 +0000 ROA not before: Thu 01 Jan 2026 08:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12479 IP address blocks: 80.251.64.0/20 maxlen: 24 185.124.20.0/22 maxlen: 24 217.173.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:05:1e:6d:cc:1a:2a:63:24:6c:a7:42:76:52:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9 Validity Not Before: Jan 1 08:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3bee586d29ecac726ae826177cdea54b46d71ed5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7c:ff:bc:ad:78:13:c2:4a:12:99:80:87:a8: 00:c7:87:11:a7:2d:13:c0:4f:1a:96:8a:e2:99:d2: ac:e3:c8:fc:17:90:e9:88:19:f5:21:c4:f3:fb:a9: 08:36:d1:82:d9:47:39:d0:94:b6:43:ef:c2:c0:fb: 65:5a:58:02:23:95:98:77:1c:9b:e7:c1:1d:52:6b: c4:f5:2a:92:64:f9:b5:f2:0b:51:9e:a8:bd:1b:e5: bd:e4:44:c3:3c:61:7f:23:41:ff:67:80:3b:87:e1: 41:c9:78:07:6c:fa:f5:11:12:3a:ef:64:17:42:88: 2c:97:78:73:0b:a3:c3:1d:f3:32:51:84:a7:84:3d: 33:3a:99:5c:bb:e2:9e:77:eb:53:6a:4f:8a:37:5d: 84:c6:3d:e5:21:68:a6:ef:e1:c9:71:5e:40:7e:b3: e7:e5:22:88:fe:ca:19:a9:ca:b1:5d:75:31:b5:59: aa:47:5c:1c:5c:bf:3f:cc:87:e9:ed:c3:6e:c1:45: 8f:53:13:1c:bf:00:e9:d1:e5:66:22:d5:68:12:64: f1:a1:59:82:1f:95:eb:21:24:1c:f2:3d:cd:fd:3b: d3:13:b8:6b:e7:c6:81:c5:a9:46:02:c5:9f:c4:76: a0:e1:39:7f:fb:97:bf:0d:d1:f0:9d:02:6c:4b:ef: 7c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:EE:58:6D:29:EC:AC:72:6A:E8:26:17:7C:DE:A5:4B:46:D7:1E:D5 X509v3 Authority Key Identifier: keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/O-5YbSnsrHJq6CYXfN6lS0bXHtU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.251.64.0/20 185.124.20.0/22 217.173.112.0/20 Signature Algorithm: sha256WithRSAEncryption 8c:6e:c3:e0:9a:29:99:d0:c4:4f:63:db:17:38:d7:46:f7:6e: 65:a4:d3:11:80:5b:b0:47:9e:5c:9e:db:50:01:98:bb:96:d9: c4:2d:60:b8:64:28:af:73:b0:04:2a:74:52:fb:64:ee:8b:28: da:cf:ea:0e:99:d4:6c:75:24:64:3f:f4:08:c3:be:75:83:bd: 75:1a:cd:26:9f:92:cf:39:e8:56:4b:f4:1d:f2:16:60:5a:b1: ea:f1:89:2b:fb:0c:e9:2b:59:b8:dc:ca:49:93:41:0c:59:8b: e3:0b:50:b6:b5:fd:0f:d7:cc:ae:f7:48:e5:30:aa:6a:67:f3: b5:f0:de:a8:02:bb:db:96:2f:35:dc:53:27:16:a0:d0:f3:4f: 4d:22:8b:2b:da:6c:69:74:82:55:c6:25:f3:10:e2:77:1c:31: 69:9b:8b:78:26:4b:13:39:99:6b:73:1c:59:88:1b:b3:f7:d0: 4b:30:e4:70:47:43:9e:f5:b7:5d:69:f5:85:90:be:72:82:ba: c0:f9:bb:72:55:f0:13:f7:8a:9e:6d:16:3f:9d:e2:04:7c:16: 34:7a:e0:0e:7c:d5:c3:1b:61:f8:15:e0:7a:97:a4:fe:74:3a: a7:89:60:1e:4e:d9:70:4a:51:b4:65:47:74:9d:d7:6e:75:e5: 4d:35:f4:b1 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4owUebcwaKmMkbKdCdlJ+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw MzFkZjkwHhcNMjYwMTAxMDgxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYmVlNTg2ZDI5ZWNhYzcyNmFlODI2MTc3Y2RlYTU0YjQ2ZDcxZWQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXz/vK14E8JKEpmAh6gAx4cRpy0T wE8alorimdKs48j8F5DpiBn1IcTz+6kINtGC2Uc50JS2Q+/CwPtlWlgCI5WYdxyb 58EdUmvE9SqSZPm18gtRnqi9G+W95ETDPGF/I0H/Z4A7h+FByXgHbPr1ERI672QX Qogsl3hzC6PDHfMyUYSnhD0zOplcu+Ked+tTak+KN12Exj3lIWim7+HJcV5AfrPn 5SKI/soZqcqxXXUxtVmqR1wcXL8/zIfp7cNuwUWPUxMcvwDp0eVmItVoEmTxoVmC H5XrISQc8j3N/TvTE7hr58aBxalGAsWfxHag4Tl/+5e/DdHwnQJsS+98oQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFDvuWG0p7KxyaugmF3zepUtG1x7VMB8GA1UdIwQY MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt MGE1MjViNjlkYjhmLzEvTy01WWJTbnNySEpxNkNZWGZONmxTMGJYSHRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUPtAAwQC uXwUAwQE2a1wMA0GCSqGSIb3DQEBCwUAA4IBAQCMbsPgmimZ0MRPY9sXONdG925l pNMRgFuwR55cnttQAZi7ltnELWC4ZCivc7AEKnRS+2Tuiyjaz+oOmdRsdSRkP/QI w751g711Gs0mn5LPOehWS/Qd8hZgWrHq8Ykr+wzpK1m43MpJk0EMWYvjC1C2tf0P 18yu90jlMKpqZ/O18N6oArvbli813FMnFqDQ809NIosr2mxpdIJVxiXzEOJ3HDFp m4t4JksTOZlrcxxZiBuz99BLMORwR0Oe9bddafWFkL5ygrrA+btyVfAT94qebRY/ neIEfBY0euAOfNXDG2H4FeB6l6T+dDqniWAeTtlwSlG0ZUd0nddudeVNNfSx -----END CERTIFICATE-----Generated at Sun Jan 25 23:32:41 2026 by rpki-client