This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/Oon2IIrGkbnZaP-hb1ZNPn5crpM.roa File: Oon2IIrGkbnZaP-hb1ZNPn5crpM.roa (raw, json) Hash identifier: aV6nVsAigskV1T2EnkJOb7mIfcRM6nE2dCNvULEtGlA= Subject key identifier: 3A:89:F6:20:8A:C6:91:B9:D9:68:FF:A1:6F:56:4D:3E:7E:5C:AE:93 Certificate issuer: /CN=6e3e501d2513e5aed4423d7eb265e60822a8e78d Certificate serial: 019B7C117B0EEA4494F42875CE43970337BA Authority key identifier: 6E:3E:50:1D:25:13:E5:AE:D4:42:3D:7E:B2:65:E6:08:22:A8:E7:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj5QHSUT5a7UQj1-smXmCCKo540.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/Oon2IIrGkbnZaP-hb1ZNPn5crpM.roa Signing time: Fri 02 Jan 2026 00:17:58 +0000 ROA not before: Fri 02 Jan 2026 00:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60893 IP address blocks: 185.220.108.0/22 maxlen: 24 2a0b:efc0::/32 maxlen: 32 2a0b:efc0:400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/bj5QHSUT5a7UQj1-smXmCCKo540.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/bj5QHSUT5a7UQj1-smXmCCKo540.mft rsync://rpki.ripe.net/repository/DEFAULT/bj5QHSUT5a7UQj1-smXmCCKo540.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:7b:0e:ea:44:94:f4:28:75:ce:43:97:03:37:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e3e501d2513e5aed4423d7eb265e60822a8e78d Validity Not Before: Jan 2 00:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a89f6208ac691b9d968ffa16f564d3e7e5cae93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:2d:3b:35:a6:ab:19:3b:51:1d:b5:9e:50:45: 81:a3:5c:c4:e5:23:6e:9f:34:71:9b:a4:c3:d2:72: 16:b6:f5:84:ad:ac:9a:c5:6a:a9:4f:94:54:bf:a1: d6:d2:bd:2c:ab:ea:5f:92:37:cf:c9:d1:79:64:f4: f9:8e:94:62:b1:88:4d:09:d1:93:74:39:d3:02:1b: ac:06:47:11:28:e7:9a:dd:a2:c8:d4:b5:03:f2:43: a6:63:13:3c:1c:a6:09:54:8a:24:63:bb:48:6b:ee: ab:20:85:33:22:de:50:d3:34:77:bd:2d:7b:29:1e: 96:38:51:30:53:80:b1:a4:3f:4a:f3:c0:73:cb:6d: 57:86:39:a3:53:b3:8f:d1:67:3b:12:9d:cc:de:b1: 8b:b5:89:d7:46:3f:dc:bb:cb:30:11:b0:1f:bc:39: 93:bb:fd:ff:90:94:d4:13:86:62:84:ca:97:a5:c6: d9:05:e0:3c:36:b1:37:e6:21:a3:b4:27:09:dd:8c: f3:c5:5a:3b:fa:5f:ba:db:79:ec:12:96:9e:c0:2f: 3d:6f:dd:c6:e5:b4:dd:16:1d:8f:b5:f5:f1:e2:41: 1d:6a:33:6b:90:52:29:2e:05:0d:3f:81:b8:47:10: ca:56:8b:80:50:a5:a4:1a:17:d3:d7:a1:4b:6c:05: 84:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:89:F6:20:8A:C6:91:B9:D9:68:FF:A1:6F:56:4D:3E:7E:5C:AE:93 X509v3 Authority Key Identifier: keyid:6E:3E:50:1D:25:13:E5:AE:D4:42:3D:7E:B2:65:E6:08:22:A8:E7:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj5QHSUT5a7UQj1-smXmCCKo540.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/Oon2IIrGkbnZaP-hb1ZNPn5crpM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/bj5QHSUT5a7UQj1-smXmCCKo540.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.220.108.0/22 IPv6: 2a0b:efc0::/32 Signature Algorithm: sha256WithRSAEncryption 16:24:53:72:c2:10:73:67:3e:a7:db:f0:81:74:d1:20:c5:5e: 2c:10:bd:fc:db:72:75:cd:d7:a1:b4:4b:8b:d8:b3:68:3f:82: 10:9f:21:47:32:4a:5b:3f:83:bc:8b:62:d1:5f:ad:e7:7a:41: 7c:e5:4f:cd:fb:1b:5d:62:d7:e6:c5:a5:65:4d:f8:ac:a2:62: ee:6d:0c:94:84:fb:8b:02:88:5b:2f:60:ac:73:e0:42:39:05: 3b:05:d9:b2:38:a5:c9:62:9a:88:07:51:5e:59:71:1c:cd:df: 5e:ca:84:60:b6:74:6b:60:88:1b:55:3e:0e:74:87:77:25:e9: 46:e4:8b:98:d1:0a:83:de:dd:66:12:24:26:9c:fc:8b:6e:4e: 81:42:b2:eb:ec:34:ab:7a:52:25:e0:c7:32:97:61:c9:b4:f2: 25:b7:44:43:0a:ed:36:19:4a:83:c8:a3:10:96:2d:b7:2c:5d: 8b:2b:61:0f:54:a1:7d:c1:af:eb:3c:79:d5:4e:ab:f4:f0:52: 05:4c:7b:c3:3b:5e:49:8a:ed:b7:f2:8a:ea:d7:65:7b:a8:71: 56:ae:49:1a:11:ce:2d:d4:0c:9f:9f:db:97:8d:47:3a:36:f1: 16:85:b2:10:d0:0b:0d:66:1c:0c:d0:56:f5:c9:76:27:7e:ed: c8:bb:8b:6e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EXsO6kSU9Ch1zkOXAze6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlM2U1MDFkMjUxM2U1YWVkNDQyM2Q3ZWIyNjVlNjA4MjJh OGU3OGQwHhcNMjYwMTAyMDAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTg5ZjYyMDhhYzY5MWI5ZDk2OGZmYTE2ZjU2NGQzZTdlNWNhZTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii07NaarGTtRHbWeUEWBo1zE5SNu nzRxm6TD0nIWtvWErayaxWqpT5RUv6HW0r0sq+pfkjfPydF5ZPT5jpRisYhNCdGT dDnTAhusBkcRKOea3aLI1LUD8kOmYxM8HKYJVIokY7tIa+6rIIUzIt5Q0zR3vS17 KR6WOFEwU4CxpD9K88Bzy21XhjmjU7OP0Wc7Ep3M3rGLtYnXRj/cu8swEbAfvDmT u/3/kJTUE4ZihMqXpcbZBeA8NrE35iGjtCcJ3YzzxVo7+l+623nsEpaewC89b93G 5bTdFh2PtfXx4kEdajNrkFIpLgUNP4G4RxDKVouAUKWkGhfT16FLbAWEuQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDqJ9iCKxpG52Wj/oW9WTT5+XK6TMB8GA1UdIwQY MBaAFG4+UB0lE+Wu1EI9frJl5ggiqOeNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmo1UUhTVVQ1YTdVUWoxLXNtWG1DQ0tvNTQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy85ZDVmZGMtNjZiMi00NzE4LThiMjQt MTFkYWYxNzBkN2NkLzEvT29uMklJckdrYm5aYVAtaGIxWk5QbjVjcnBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy85ZDVmZGMtNjZiMi00NzE4LThiMjQtMTFkYWYxNzBkN2Nk LzEvYmo1UUhTVVQ1YTdVUWoxLXNtWG1DQ0tvNTQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudxsMA0E AgACMAcDBQAqC+/AMA0GCSqGSIb3DQEBCwUAA4IBAQAWJFNywhBzZz6n2/CBdNEg xV4sEL3823J1zdehtEuL2LNoP4IQnyFHMkpbP4O8i2LRX63nekF85U/N+xtdYtfm xaVlTfisomLubQyUhPuLAohbL2Csc+BCOQU7BdmyOKXJYpqIB1FeWXEczd9eyoRg tnRrYIgbVT4OdId3JelG5IuY0QqD3t1mEiQmnPyLbk6BQrLr7DSrelIl4Mcyl2HJ tPIlt0RDCu02GUqDyKMQli23LF2LK2EPVKF9wa/rPHnVTqv08FIFTHvDO15Jiu23 8orq12V7qHFWrkkaEc4t1Ayfn9uXjUc6NvEWhbIQ0AsNZhwM0Fb1yXYnfu3Iu4tu -----END CERTIFICATE-----Generated at Mon Jan 26 11:05:02 2026 by rpki-client