This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/OxhwppLGol158lCsq2yWJNLf_NE.roa File: OxhwppLGol158lCsq2yWJNLf_NE.roa (raw, json) Hash identifier: MmzmN0W/m1dLKAb2mybZa7hE2FPBvGD3tTttqagSblg= Subject key identifier: 3B:18:70:A6:92:C6:A2:5D:79:F2:50:AC:AB:6C:96:24:D2:DF:FC:D1 Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e Certificate serial: 019B7CED5FBE16BBF41E38386C3D8F68BA3A Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/OxhwppLGol158lCsq2yWJNLf_NE.roa Signing time: Fri 02 Jan 2026 04:18:09 +0000 ROA not before: Fri 02 Jan 2026 04:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205262 IP address blocks: 37.122.216.0/22 maxlen: 24 89.40.74.0/24 maxlen: 24 185.84.204.0/22 maxlen: 24 185.205.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:5f:be:16:bb:f4:1e:38:38:6c:3d:8f:68:ba:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e Validity Not Before: Jan 2 04:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b1870a692c6a25d79f250acab6c9624d2dffcd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a4:1d:21:f3:b9:bf:21:2e:a7:ee:c5:20:b4: be:97:f6:aa:3b:3a:93:cf:10:49:93:4e:f3:0e:bc: f9:60:8b:37:95:3e:7f:3a:aa:dc:a2:f9:b5:c2:b4: 74:3f:2d:ad:d9:14:77:f6:68:f8:a5:f0:ca:90:63: af:a8:5e:db:8c:96:47:69:ae:90:5f:3c:47:88:85: b0:57:ec:5e:e5:b8:ce:0a:80:25:fc:5d:06:26:52: cd:ba:96:28:cd:24:ad:6d:6f:66:cb:da:87:fe:85: ae:e6:04:be:3f:20:a8:9b:82:0a:1c:98:f4:a3:b9: 75:c1:c9:77:2a:aa:d2:1e:50:d9:76:13:50:42:fd: c8:ab:63:13:92:c1:41:88:81:8b:3a:35:03:8a:79: 43:f2:83:d5:49:53:c4:f0:a5:91:92:b1:37:c5:ae: 24:b4:46:3c:76:33:59:c2:96:6e:0a:eb:8b:af:e7: 67:8f:90:58:b7:ad:76:10:5a:f6:60:ad:58:24:ec: 92:11:5a:22:51:ef:65:d5:d9:6c:cd:f3:3c:97:3d: 5c:18:03:d9:6e:f8:8f:71:72:ec:04:0a:39:30:8f: 92:e6:c2:3f:7e:a4:bc:8b:f6:0f:a4:13:78:f6:5d: f6:0e:f6:5f:c2:f7:ad:8e:a8:2b:7b:17:49:2a:26: 89:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:18:70:A6:92:C6:A2:5D:79:F2:50:AC:AB:6C:96:24:D2:DF:FC:D1 X509v3 Authority Key Identifier: keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/OxhwppLGol158lCsq2yWJNLf_NE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.122.216.0/22 89.40.74.0/24 185.84.204.0/22 185.205.252.0/22 Signature Algorithm: sha256WithRSAEncryption 09:cd:8e:dc:06:91:ef:d7:42:c6:b6:c3:90:c9:79:15:44:ec: 92:d6:42:6d:86:f3:4f:3a:ad:19:69:c1:d1:73:f7:b5:98:bb: 0f:89:45:3a:4a:5d:72:2f:92:29:6d:fb:9d:19:61:e6:8d:88: 7f:36:a2:31:c6:bb:45:d6:f2:b3:66:a6:da:49:ed:88:3d:eb: 53:cd:55:56:ac:f3:56:b1:58:3d:f8:a6:0e:8f:60:f0:7a:e2: dd:c5:d3:9f:8e:86:a4:42:10:84:71:c4:8b:e9:60:32:41:3b: 66:00:93:8e:9d:34:d7:86:20:e7:c7:43:83:aa:a9:23:31:49: 20:23:06:ea:19:13:4c:3d:5a:15:f3:d2:3d:88:39:7c:6e:da: 9b:87:5b:3d:a9:43:67:16:7b:ee:a3:0e:39:33:52:e7:79:e4: b5:00:52:a6:92:fb:2a:99:4a:a3:29:04:67:70:ea:d4:b7:03: c6:41:6b:51:65:a3:e8:6a:c2:7d:2d:4f:4b:9f:24:cb:8c:00: 6a:d5:44:68:c2:e8:a8:8b:48:9d:14:48:d1:07:41:a2:0f:33: 3d:1a:e3:d8:35:aa:4e:b9:d1:62:77:fd:31:e3:90:d8:f8:b1: ea:6e:61:ac:fa:89:39:3c:04:e6:b8:18:00:d7:b2:e2:12:b6: 2a:71:04:8a -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt87V++Frv0Hjg4bD2PaLo6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0 NjVjMmUwHhcNMjYwMTAyMDQxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjE4NzBhNjkyYzZhMjVkNzlmMjUwYWNhYjZjOTYyNGQyZGZmY2QxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaQdIfO5vyEup+7FILS+l/aqOzqT zxBJk07zDrz5YIs3lT5/Oqrcovm1wrR0Py2t2RR39mj4pfDKkGOvqF7bjJZHaa6Q XzxHiIWwV+xe5bjOCoAl/F0GJlLNupYozSStbW9my9qH/oWu5gS+PyCom4IKHJj0 o7l1wcl3KqrSHlDZdhNQQv3Iq2MTksFBiIGLOjUDinlD8oPVSVPE8KWRkrE3xa4k tEY8djNZwpZuCuuLr+dnj5BYt612EFr2YK1YJOySEVoiUe9l1dlszfM8lz1cGAPZ bviPcXLsBAo5MI+S5sI/fqS8i/YPpBN49l32DvZfwvetjqgrexdJKiaJnwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFDsYcKaSxqJdefJQrKtsliTS3/zRMB8GA1UdIwQY MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt OTE2NDZiZjAxNTNkLzEvT3hod3BwTEdvbDE1OGxDc3EyeVdKTkxmX05FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJXrYAwQA WShKAwQCuVTMAwQCuc38MA0GCSqGSIb3DQEBCwUAA4IBAQAJzY7cBpHv10LGtsOQ yXkVROyS1kJthvNPOq0ZacHRc/e1mLsPiUU6Sl1yL5IpbfudGWHmjYh/NqIxxrtF 1vKzZqbaSe2IPetTzVVWrPNWsVg9+KYOj2DweuLdxdOfjoakQhCEccSL6WAyQTtm AJOOnTTXhiDnx0ODqqkjMUkgIwbqGRNMPVoV89I9iDl8btqbh1s9qUNnFnvuow45 M1LneeS1AFKmkvsqmUqjKQRncOrUtwPGQWtRZaPoasJ9LU9LnyTLjABq1URowuio i0idFEjRB0GiDzM9GuPYNapOudFid/0x45DY+LHqbmGs+ok5PATmuBgA17LiErYq cQSK -----END CERTIFICATE-----Generated at Mon Jan 26 01:15:58 2026 by rpki-client