This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/olLdwLXWVH3ELSAhFdT35PigaNQ.roa File: olLdwLXWVH3ELSAhFdT35PigaNQ.roa (raw, json) Hash identifier: clBN6SiwsZTw39xELWuLI9WUeSBXqCInED288IoGNco= Subject key identifier: A2:52:DD:C0:B5:D6:54:7D:C4:2D:20:21:15:D4:F7:E4:F8:A0:68:D4 Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d Certificate serial: 019BE5E29664F2D1201F7E94493D06A82156 Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/olLdwLXWVH3ELSAhFdT35PigaNQ.roa Signing time: Thu 22 Jan 2026 13:26:30 +0000 ROA not before: Thu 22 Jan 2026 13:26:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48678 IP address blocks: 109.236.49.0/24 maxlen: 24 109.236.51.0/24 maxlen: 24 160.20.111.0/24 maxlen: 24 185.85.236.0/24 maxlen: 24 185.254.28.0/24 maxlen: 24 185.254.29.0/24 maxlen: 24 193.35.152.0/24 maxlen: 24 193.35.155.0/24 maxlen: 24 194.62.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:e2:96:64:f2:d1:20:1f:7e:94:49:3d:06:a8:21:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d Validity Not Before: Jan 22 13:26:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a252ddc0b5d6547dc42d202115d4f7e4f8a068d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:59:1e:7b:17:f1:e7:91:3b:fb:4b:ea:36:6c: b5:97:40:8a:82:95:30:43:f9:73:b3:3c:63:72:01: 8e:e4:41:67:be:4f:35:4c:fb:c4:3e:9d:2a:2a:cd: b9:fc:5c:8e:91:25:5a:48:d7:c2:38:7d:2f:9a:72: dd:53:47:6a:3f:90:7e:18:50:d4:8f:89:da:80:89: 31:c3:61:19:bd:0d:67:da:bf:72:c8:2a:7e:e4:39: 10:1f:39:bf:28:1d:e1:1a:5a:c0:4e:85:6e:64:cb: 90:ba:bc:d4:ee:2a:4c:46:35:42:90:f9:7d:a3:46: 80:4d:c6:aa:e4:a1:92:4b:f6:06:83:48:da:4f:5c: 32:db:37:be:12:e7:8f:e1:4b:6a:8a:8f:59:b0:c8: 3b:71:b4:c5:3f:7a:00:92:db:a1:ad:2d:02:4e:07: d6:bb:51:88:21:92:a5:ee:2b:7f:5c:4c:8d:4d:e0: 7e:12:18:d4:71:08:73:60:f0:f5:b1:d7:f6:0a:1c: 87:c8:1c:af:ad:0d:8d:47:e1:fb:c8:da:c0:78:41: 36:67:ac:23:24:17:8f:6c:f5:15:4e:13:98:5f:08: 12:c1:2a:c3:77:24:c8:62:a6:8f:eb:c1:95:22:70: 16:37:17:b4:87:b3:09:38:df:e6:1e:52:9c:d0:0a: 2c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:52:DD:C0:B5:D6:54:7D:C4:2D:20:21:15:D4:F7:E4:F8:A0:68:D4 X509v3 Authority Key Identifier: keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/olLdwLXWVH3ELSAhFdT35PigaNQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.236.49.0/24 109.236.51.0/24 160.20.111.0/24 185.85.236.0/24 185.254.28.0/23 193.35.152.0/24 193.35.155.0/24 194.62.55.0/24 Signature Algorithm: sha256WithRSAEncryption 41:10:aa:09:fd:e3:c3:70:c6:d9:28:a6:20:e8:56:9f:da:e7: 95:3a:e0:88:80:6d:8e:7d:af:8a:b2:3e:5d:89:0c:c6:57:ff: 50:74:58:f3:a2:dd:9e:70:1e:b4:c9:81:ca:4a:be:29:92:47: 64:d8:fc:48:19:c7:59:41:de:e1:4c:39:1c:30:b3:69:48:28: 30:cd:65:5a:ff:32:19:11:22:a2:86:fb:4c:ad:76:74:70:a5: 34:81:a6:da:d6:ac:7e:03:25:61:23:25:fa:26:eb:bb:e8:24: 2d:c1:98:ee:d7:f7:9d:1d:fc:23:ec:5c:7f:8a:a7:4e:e4:39: 90:cb:a0:b4:57:8d:a6:90:ef:d1:8d:ee:b5:f0:e1:e8:c5:14: 3f:74:10:7a:ed:5b:10:39:fa:95:50:15:fa:fc:fc:2a:00:83: 1e:b6:d7:1c:bf:48:22:3d:52:d3:1f:14:af:50:ab:04:21:81: df:60:d4:45:b0:be:ea:6d:c0:42:12:19:da:0e:e8:92:10:06: d5:17:c2:29:bc:28:61:2a:f6:de:a2:41:cf:67:52:62:51:13: 5d:c7:e5:28:50:49:44:d6:76:bb:19:b3:2f:c6:02:dd:88:b0: e9:33:d0:18:c0:5c:3a:35:5b:7d:a9:08:ef:3d:33:0e:21:6a: ea:b8:de:40 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZvl4pZk8tEgH36UST0GqCFWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw OTBlNGQwHhcNMjYwMTIyMTMyNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjUyZGRjMGI1ZDY1NDdkYzQyZDIwMjExNWQ0ZjdlNGY4YTA2OGQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Vkeexfx55E7+0vqNmy1l0CKgpUw Q/lzszxjcgGO5EFnvk81TPvEPp0qKs25/FyOkSVaSNfCOH0vmnLdU0dqP5B+GFDU j4nagIkxw2EZvQ1n2r9yyCp+5DkQHzm/KB3hGlrAToVuZMuQurzU7ipMRjVCkPl9 o0aATcaq5KGSS/YGg0jaT1wy2ze+EueP4Utqio9ZsMg7cbTFP3oAktuhrS0CTgfW u1GIIZKl7it/XEyNTeB+EhjUcQhzYPD1sdf2ChyHyByvrQ2NR+H7yNrAeEE2Z6wj JBePbPUVThOYXwgSwSrDdyTIYqaP68GVInAWNxe0h7MJON/mHlKc0Aos8QIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFKJS3cC11lR9xC0gIRXU9+T4oGjUMB8GA1UdIwQY MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt MzlmZGI5ODZmMDU5LzEvb2xMZHdMWFdWSDNFTFNBaEZkVDM1UGlnYU5RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5 LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAbewxAwQA bewzAwQAoBRvAwQAuVXsAwQBuf4cAwQAwSOYAwQAwSObAwQAwj43MA0GCSqGSIb3 DQEBCwUAA4IBAQBBEKoJ/ePDcMbZKKYg6Faf2ueVOuCIgG2Ofa+Ksj5diQzGV/9Q dFjzot2ecB60yYHKSr4pkkdk2PxIGcdZQd7hTDkcMLNpSCgwzWVa/zIZESKihvtM rXZ0cKU0gaba1qx+AyVhIyX6Juu76CQtwZju1/edHfwj7Fx/iqdO5DmQy6C0V42m kO/Rje618OHoxRQ/dBB67VsQOfqVUBX6/PwqAIMettccv0giPVLTHxSvUKsEIYHf YNRFsL7qbcBCEhnaDuiSEAbVF8IpvChhKvbeokHPZ1JiURNdx+UoUElE1na7GbMv xgLdiLDpM9AYwFw6NVt9qQjvPTMOIWrquN5A -----END CERTIFICATE-----Generated at Sun Jan 25 16:11:21 2026 by rpki-client