This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/oIIbuj2FHcGESIdrcnZdquUCmAw.roa File: oIIbuj2FHcGESIdrcnZdquUCmAw.roa (raw, json) Hash identifier: IYUyIGj5ktu8xidYz/ZKK6vrmLnBBGD3Tn1bdnoOMEY= Subject key identifier: A0:82:1B:BA:3D:85:1D:C1:84:48:87:6B:72:76:5D:AA:E5:02:98:0C Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41 Certificate serial: 019B7E3888AA8DADDF20661725C03C8DFE4C Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/oIIbuj2FHcGESIdrcnZdquUCmAw.roa Signing time: Fri 02 Jan 2026 10:19:52 +0000 ROA not before: Fri 02 Jan 2026 10:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49737 IP address blocks: 89.25.32.0/24 maxlen: 24 89.25.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.mft rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:88:aa:8d:ad:df:20:66:17:25:c0:3c:8d:fe:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41 Validity Not Before: Jan 2 10:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0821bba3d851dc18448876b72765daae502980c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:ce:18:2e:81:6b:b6:5c:5a:31:12:e8:54:e0: 06:d6:0f:41:fd:f4:37:a3:11:8f:3f:92:87:58:f6: 06:9b:ba:0b:91:36:aa:99:d2:a9:97:b9:5d:69:0f: 35:e9:e7:b4:ba:f7:86:f5:51:39:63:a3:a4:ef:ee: 8e:27:b9:db:fd:3a:6f:72:da:18:6d:11:fb:ef:55: 40:2a:66:89:ea:b3:b2:81:05:7c:61:a6:c4:6c:40: 32:98:79:1f:3e:4e:5c:f4:63:51:ee:a3:bd:6d:c6: bd:c7:87:71:7c:96:cf:09:85:fd:7e:5f:46:a9:a7: ab:eb:6b:e4:b9:8f:7b:c5:b4:81:2e:a5:3c:ae:cf: 2a:c7:04:b0:4a:08:55:6d:92:03:65:00:12:f3:23: eb:29:a9:c5:3c:85:f2:9d:d9:3a:3b:26:df:09:f9: e9:8c:9d:98:d4:d8:e1:ee:1f:6c:86:48:0c:4c:3a: f3:a0:ea:3a:ba:db:b0:a9:7c:65:43:23:38:2f:77: 26:07:f0:52:28:ff:76:da:65:cb:b9:62:da:76:ff: 4d:cf:0f:57:51:76:01:c7:d0:8c:3d:8a:e3:92:c2: d0:15:95:1b:08:4a:db:36:73:de:86:de:ea:30:f6: 3d:f1:9e:cf:e6:95:d0:da:1e:65:0b:a0:f5:6a:56: 64:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:82:1B:BA:3D:85:1D:C1:84:48:87:6B:72:76:5D:AA:E5:02:98:0C X509v3 Authority Key Identifier: keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/oIIbuj2FHcGESIdrcnZdquUCmAw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.25.32.0/24 89.25.48.0/24 Signature Algorithm: sha256WithRSAEncryption bb:4e:b6:bf:5e:d8:91:4d:8c:5c:ed:6e:a3:47:90:e8:8a:5d: e3:2d:8d:7b:38:62:04:73:0a:fd:63:d8:71:27:97:a9:42:17: 33:37:7b:10:55:9e:33:68:6c:a9:9c:66:df:5b:e5:19:63:3d: 73:dc:96:28:33:82:59:00:c2:4f:cc:1a:15:80:6b:18:11:93: 43:67:e0:e6:3c:e0:44:3a:c0:37:91:35:6c:c6:a0:85:bf:10: 90:2c:9c:ac:46:31:e3:3d:3a:f8:7e:50:ec:e1:95:c0:c7:3d: f0:f4:87:b6:b8:b6:fb:16:e0:a8:49:e6:36:c7:1e:4e:59:d9: e7:79:35:61:21:67:fb:fc:13:37:40:56:b0:3e:6c:38:70:84: 90:4f:d0:a1:2a:cf:19:86:03:ba:5e:15:77:74:52:46:00:86: a1:40:59:1a:a6:c9:7d:89:61:63:e9:2c:41:c2:c9:ca:6d:58: 30:31:32:b1:d9:e7:7f:2d:c2:f0:93:4f:bb:e1:84:32:64:f3: 6c:74:18:b7:ef:74:18:3e:8c:f5:23:4f:cf:e4:12:5f:2f:64: de:f6:7d:eb:97:e5:29:4b:1b:59:09:3f:bc:49:a0:85:c9:60: b5:e6:be:b0:5b:b6:75:11:ce:4e:dc:33:c7:b5:f9:ee:30:51: 8f:98:7a:01 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OIiqja3fIGYXJcA8jf5MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw MWFiNDEwHhcNMjYwMTAyMTAxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDgyMWJiYTNkODUxZGMxODQ0ODg3NmI3Mjc2NWRhYWU1MDI5ODBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc4YLoFrtlxaMRLoVOAG1g9B/fQ3 oxGPP5KHWPYGm7oLkTaqmdKpl7ldaQ816ee0uveG9VE5Y6Ok7+6OJ7nb/TpvctoY bRH771VAKmaJ6rOygQV8YabEbEAymHkfPk5c9GNR7qO9bca9x4dxfJbPCYX9fl9G qaer62vkuY97xbSBLqU8rs8qxwSwSghVbZIDZQAS8yPrKanFPIXyndk6OybfCfnp jJ2Y1Njh7h9shkgMTDrzoOo6utuwqXxlQyM4L3cmB/BSKP922mXLuWLadv9Nzw9X UXYBx9CMPYrjksLQFZUbCErbNnPeht7qMPY98Z7P5pXQ2h5lC6D1alZkFQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKCCG7o9hR3BhEiHa3J2XarlApgMMB8GA1UdIwQY MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt Y2Y5ZGM1YmFhYTc5LzEvb0lJYnVqMkZIY0dFU0lkcmNuWmRxdVVDbUF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5 LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRkgAwQA WRkwMA0GCSqGSIb3DQEBCwUAA4IBAQC7Tra/XtiRTYxc7W6jR5Doil3jLY17OGIE cwr9Y9hxJ5epQhczN3sQVZ4zaGypnGbfW+UZYz1z3JYoM4JZAMJPzBoVgGsYEZND Z+DmPOBEOsA3kTVsxqCFvxCQLJysRjHjPTr4flDs4ZXAxz3w9Ie2uLb7FuCoSeY2 xx5OWdnneTVhIWf7/BM3QFawPmw4cISQT9ChKs8ZhgO6XhV3dFJGAIahQFkapsl9 iWFj6SxBwsnKbVgwMTKx2ed/LcLwk0+74YQyZPNsdBi373QYPoz1I0/P5BJfL2Te 9n3rl+UpSxtZCT+8SaCFyWC15r6wW7Z1Ec5O3DPHtfnuMFGPmHoB -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:06 2026 by rpki-client