This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/oGOv0O1ixZRdG92zwrspojU0VwY.roa File: oGOv0O1ixZRdG92zwrspojU0VwY.roa (raw, json) Hash identifier: IjgFyfvL9U08ADh5P0ZxxkAaF6oStHyHq7QR+Yuo9FU= Subject key identifier: A0:63:AF:D0:ED:62:C5:94:5D:1B:DD:B3:C2:BB:29:A2:35:34:57:06 Certificate issuer: /CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f Certificate serial: 019B7AC84072314F7C8A1C3BAD0715C510FE Authority key identifier: FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/oGOv0O1ixZRdG92zwrspojU0VwY.roa Signing time: Thu 01 Jan 2026 18:18:22 +0000 ROA not before: Thu 01 Jan 2026 18:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214509 IP address blocks: 103.132.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.mft rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:40:72:31:4f:7c:8a:1c:3b:ad:07:15:c5:10:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f Validity Not Before: Jan 1 18:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a063afd0ed62c5945d1bddb3c2bb29a235345706 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:8c:38:01:84:f6:d3:d0:b6:4f:71:f2:7a:87: 77:ee:a5:92:8d:bb:b3:4c:74:76:44:c8:72:54:be: 99:cf:81:45:3b:bd:db:24:a2:4c:41:cf:7d:e7:33: c4:a7:bb:37:a4:21:0b:dc:81:83:f3:a9:0b:dc:9b: 67:aa:ec:3a:10:c2:84:00:1c:84:36:35:d3:84:95: 94:16:1e:8e:8b:3d:58:0a:f6:26:92:09:02:08:3d: 56:99:93:af:71:ec:49:24:82:46:e8:1b:4c:8d:1e: f6:74:23:03:1c:3a:97:94:36:4a:2c:38:2c:c3:d6: 44:e0:f2:f0:54:35:29:dd:20:6d:4a:d3:ff:70:e8: bd:00:73:54:d8:66:b0:7d:3c:e7:45:91:98:be:27: 2e:21:6b:19:1c:9f:4c:e8:b1:91:b5:ec:dc:9f:64: f8:6c:57:99:06:a3:6c:02:f8:e9:23:31:5c:90:4b: 72:97:e8:04:20:74:59:f2:7f:32:c9:36:42:2f:4d: 44:9c:1c:fd:72:f2:b9:a0:7d:62:51:63:8e:27:2f: 23:b1:95:8a:ac:7e:3c:ea:62:81:eb:c0:8b:fc:22: 7a:f6:71:4c:39:e3:50:c9:0b:c5:8b:cf:38:36:5b: 93:12:25:05:ad:84:08:ac:54:ec:41:7c:96:54:f4: 07:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:63:AF:D0:ED:62:C5:94:5D:1B:DD:B3:C2:BB:29:A2:35:34:57:06 X509v3 Authority Key Identifier: keyid:FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/oGOv0O1ixZRdG92zwrspojU0VwY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.132.131.0/24 Signature Algorithm: sha256WithRSAEncryption 83:ed:e0:36:a2:2b:46:75:10:a1:55:6f:c0:0c:4d:08:43:81: 64:fa:5d:fc:9a:1a:b9:90:a3:7f:df:ea:06:e3:53:1c:f9:ea: 36:dc:43:c3:36:fc:67:e1:65:7e:d1:2c:d8:e5:c6:3c:06:1a: a9:fa:8c:21:23:ae:d4:49:90:74:a8:f9:9b:d5:5c:06:a3:da: d6:74:2a:b4:85:b3:a3:36:4f:19:0c:fb:3d:74:55:b6:38:e0: fa:15:fd:9a:9b:ae:50:3f:28:60:4c:0f:ff:9d:e9:e7:d1:2b: da:ac:76:07:2e:0b:bc:ad:18:8f:de:2d:7c:a6:6e:9f:85:57: e4:bd:08:f3:f7:e9:f7:b3:65:5b:10:62:26:6f:fc:ad:bd:5a: 27:a5:e4:7b:6c:ac:d6:18:77:01:bf:aa:43:d8:54:b2:a9:d0: 66:37:ee:6f:45:24:4f:88:c8:dc:99:e1:ac:6e:6c:5a:92:3e: a5:28:33:ee:79:27:43:68:a4:c6:33:7d:3b:60:f8:80:88:74: 96:e4:26:ad:89:26:e0:67:84:d0:3d:50:9f:c5:5d:61:f3:c9: 6f:38:6c:f3:c4:06:b9:0f:32:cb:ac:a3:9c:49:4e:b9:a9:e6: 49:53:e3:6e:ef:4e:7f:af:9f:34:ee:91:e1:78:71:4d:bd:6f: 58:1e:cd:de -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yEByMU98ihw7rQcVxRD+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmY2E5OTdkMzkwY2Q2ZTQ2ZTAxMjhlNTBkNzBiODRlN2Fi Njc0MGYwHhcNMjYwMTAxMTgxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDYzYWZkMGVkNjJjNTk0NWQxYmRkYjNjMmJiMjlhMjM1MzQ1NzA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIw4AYT209C2T3Hyeod37qWSjbuz THR2RMhyVL6Zz4FFO73bJKJMQc995zPEp7s3pCEL3IGD86kL3Jtnquw6EMKEAByE NjXThJWUFh6Oiz1YCvYmkgkCCD1WmZOvcexJJIJG6BtMjR72dCMDHDqXlDZKLDgs w9ZE4PLwVDUp3SBtStP/cOi9AHNU2GawfTznRZGYvicuIWsZHJ9M6LGRtezcn2T4 bFeZBqNsAvjpIzFckEtyl+gEIHRZ8n8yyTZCL01EnBz9cvK5oH1iUWOOJy8jsZWK rH486mKB68CL/CJ69nFMOeNQyQvFi884NluTEiUFrYQIrFTsQXyWVPQH7QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKBjr9DtYsWUXRvds8K7KaI1NFcGMB8GA1UdIwQY MBaAFP/KmX05DNbkbgEo5Q1wuE56tnQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTkt ODE5YjdhN2VjNDM0LzEvb0dPdjBPMWl4WlJkRzkyendyc3BvalUwVndZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTktODE5YjdhN2VjNDM0 LzEvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4SDMA0G CSqGSIb3DQEBCwUAA4IBAQCD7eA2oitGdRChVW/ADE0IQ4Fk+l38mhq5kKN/3+oG 41Mc+eo23EPDNvxn4WV+0SzY5cY8Bhqp+owhI67USZB0qPmb1VwGo9rWdCq0hbOj Nk8ZDPs9dFW2OOD6Ff2am65QPyhgTA//nenn0SvarHYHLgu8rRiP3i18pm6fhVfk vQjz9+n3s2VbEGImb/ytvVonpeR7bKzWGHcBv6pD2FSyqdBmN+5vRSRPiMjcmeGs bmxakj6lKDPueSdDaKTGM307YPiAiHSW5CatiSbgZ4TQPVCfxV1h88lvOGzzxAa5 DzLLrKOcSU65qeZJU+Nu705/r5807pHheHFNvW9YHs3e -----END CERTIFICATE-----Generated at Mon Jan 26 10:24:42 2026 by rpki-client