This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oaVbg7S2dT4vt1IkHxC33Mu_qH4.roa File: oaVbg7S2dT4vt1IkHxC33Mu_qH4.roa (raw, json) Hash identifier: RfJ62bVkfh06/EBRDj6SLXcrlgx4WIItAmq/GhdbOv0= Subject key identifier: A1:A5:5B:83:B4:B6:75:3E:2F:B7:52:24:1F:10:B7:DC:CB:BF:A8:7E Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C693FB5936DC965B7B92F50C9D078E Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oaVbg7S2dT4vt1IkHxC33Mu_qH4.roa Signing time: Thu 01 Jan 2026 04:17:41 +0000 ROA not before: Thu 01 Jan 2026 04:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202658 IP address blocks: 88.148.49.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:93:fb:59:36:dc:96:5b:7b:92:f5:0c:9d:07:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a1a55b83b4b6753e2fb752241f10b7dccbbfa87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:14:23:5b:1f:37:3e:f8:35:55:de:85:d6:fc: 0a:5b:2c:02:cd:40:fa:bf:6d:1d:05:9c:10:21:6e: 88:5b:f1:de:a4:2b:05:64:db:04:d6:84:46:24:01: 82:fd:a0:a2:5a:31:5a:e3:3b:c8:54:69:c2:98:32: cc:c9:12:f7:46:8d:7c:c1:ac:b3:e1:15:a3:e6:6b: 7d:8e:cd:43:96:d5:1e:1c:a9:26:21:37:43:2a:89: f0:fe:a9:1d:51:f5:57:41:d5:fb:4f:f2:bb:0b:8e: e8:1b:0d:e1:85:3b:22:12:4c:da:b9:eb:6b:db:79: ce:c3:a2:f0:6e:dc:bf:38:1d:bc:9c:3d:98:c5:f2: 61:03:7c:06:02:bb:b4:1d:8b:16:68:a1:eb:59:52: b5:d3:a4:b2:1f:98:24:3c:83:c5:12:d1:67:30:7b: fb:9a:f2:ad:64:a6:4a:f5:4f:a0:3d:fc:23:e5:5a: ef:a5:df:0e:62:98:f3:f4:bf:42:db:1a:32:c2:9e: a0:ee:48:f1:f3:d6:7e:74:e1:b9:b3:a3:9e:76:4d: a5:1e:8a:83:84:04:11:47:62:98:ff:7b:62:c7:42: 92:c4:0d:0d:0f:75:e5:fb:35:4e:56:ae:4c:9f:45: 44:5e:1b:6c:7f:70:41:87:e4:46:60:6a:a7:94:0c: 5d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:A5:5B:83:B4:B6:75:3E:2F:B7:52:24:1F:10:B7:DC:CB:BF:A8:7E X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oaVbg7S2dT4vt1IkHxC33Mu_qH4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.148.49.0/24 Signature Algorithm: sha256WithRSAEncryption a2:ed:36:ff:aa:e2:b7:19:89:e8:2a:b0:76:f4:79:cd:2c:9e: c2:b5:3d:ed:c6:3d:f2:14:a7:9f:0a:a4:26:69:1a:39:51:6a: 62:9d:9a:16:73:3e:89:d4:4a:49:67:e0:27:16:cb:da:22:78: e5:ac:e8:83:1a:57:52:57:8a:43:9d:c3:89:2a:a4:1f:5d:82: 76:7c:77:ea:c2:cd:a6:c0:51:9e:07:05:5e:2c:59:73:8a:45: 14:dd:b9:f0:75:b4:02:b1:88:3b:d2:35:d5:e0:a0:90:99:38: 75:fb:14:9a:29:01:26:43:d8:86:c2:12:05:10:9f:70:1f:40: 79:54:8a:e6:41:d9:e7:47:ca:86:be:67:ab:5e:ad:b8:16:7b: 67:7a:fb:b9:21:fc:84:ea:05:3a:c6:38:a6:b8:83:83:1f:17: 59:ee:8e:f8:f8:68:9f:4b:43:3d:f3:51:71:92:3a:95:e4:ec: 42:3c:ac:2a:2d:05:9c:5d:1a:68:59:cf:02:6a:d9:29:6a:72: 07:b9:67:1b:c5:4a:e4:13:45:63:a0:cf:97:7f:4e:53:cc:17: 00:71:30:be:8f:f7:6b:d9:8e:93:f3:d8:0f:9e:81:c4:ad:7b: 80:a2:5d:ef:62:cc:ef:57:c1:f8:09:89:99:1b:53:f4:81:21: 59:e1:4a:6d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xpP7WTbcllt7kvUMnQeOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMWE1NWI4M2I0YjY3NTNlMmZiNzUyMjQxZjEwYjdkY2NiYmZhODdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBQjWx83Pvg1Vd6F1vwKWywCzUD6 v20dBZwQIW6IW/HepCsFZNsE1oRGJAGC/aCiWjFa4zvIVGnCmDLMyRL3Ro18wayz 4RWj5mt9js1DltUeHKkmITdDKonw/qkdUfVXQdX7T/K7C47oGw3hhTsiEkzauetr 23nOw6Lwbty/OB28nD2YxfJhA3wGAru0HYsWaKHrWVK106SyH5gkPIPFEtFnMHv7 mvKtZKZK9U+gPfwj5Vrvpd8OYpjz9L9C2xoywp6g7kjx89Z+dOG5s6Oedk2lHoqD hAQRR2KY/3tix0KSxA0ND3Xl+zVOVq5Mn0VEXhtsf3BBh+RGYGqnlAxdswIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKGlW4O0tnU+L7dSJB8Qt9zLv6h+MB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvb2FWYmc3UzJkVDR2dDFJa0h4QzMzTXVfcUg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJQxMA0G CSqGSIb3DQEBCwUAA4IBAQCi7Tb/quK3GYnoKrB29HnNLJ7CtT3txj3yFKefCqQm aRo5UWpinZoWcz6J1EpJZ+AnFsvaInjlrOiDGldSV4pDncOJKqQfXYJ2fHfqws2m wFGeBwVeLFlzikUU3bnwdbQCsYg70jXV4KCQmTh1+xSaKQEmQ9iGwhIFEJ9wH0B5 VIrmQdnnR8qGvmerXq24Fntnevu5IfyE6gU6xjimuIODHxdZ7o74+GifS0M981Fx kjqV5OxCPKwqLQWcXRpoWc8CatkpanIHuWcbxUrkE0VjoM+Xf05TzBcAcTC+j/dr 2Y6T89gPnoHErXuAol3vYszvV8H4CYmZG1P0gSFZ4Upt -----END CERTIFICATE-----Generated at Sun Jan 25 10:08:49 2026 by rpki-client