This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/OrnUiGaAfgoX-LuOUbvnk6uPbH4.roa File: OrnUiGaAfgoX-LuOUbvnk6uPbH4.roa (raw, json) Hash identifier: vcOnRHWoru5B6kfcxHP5t0EEOsXRGZHYwZLGuEiEtsg= Subject key identifier: 3A:B9:D4:88:66:80:7E:0A:17:F8:BB:8E:51:BB:E7:93:AB:8F:6C:7E Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765 Certificate serial: 019B79EC2476D6AE764D6A276091954CB926 Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/OrnUiGaAfgoX-LuOUbvnk6uPbH4.roa Signing time: Thu 01 Jan 2026 14:17:57 +0000 ROA not before: Thu 01 Jan 2026 14:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 91.213.4.0/24 maxlen: 24 91.214.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:24:76:d6:ae:76:4d:6a:27:60:91:95:4c:b9:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765 Validity Not Before: Jan 1 14:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ab9d48866807e0a17f8bb8e51bbe793ab8f6c7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b2:b0:e0:9e:e5:78:4b:5a:6a:cf:3a:d0:c0: e6:56:df:fe:79:57:07:14:e9:f3:76:ae:2c:d2:31: b5:0b:98:e6:c5:9a:e3:0a:4e:3a:92:9b:cf:85:9b: 00:e9:c7:7b:c5:e3:6d:0f:19:8e:50:f7:30:e3:a7: 62:4c:5b:59:54:48:d6:d4:ef:5a:33:b0:15:94:fe: 0c:c5:5f:b3:da:bd:55:3c:0c:6e:dc:e0:3b:47:7c: a7:12:85:37:3e:c9:53:03:ef:99:96:89:2c:08:20: 8d:7c:4a:8b:21:12:02:db:47:0d:3a:61:a0:95:7c: 6b:cc:60:30:e7:73:4f:e8:9a:ca:74:b8:6f:ef:9d: 78:00:ef:a9:46:64:bb:09:aa:2d:ea:dd:20:8e:96: 01:d2:14:54:e2:f9:2f:21:b7:03:25:6a:b0:01:a4: fe:a9:4c:90:b9:51:e5:d0:6b:52:8f:fe:4d:38:06: b5:82:cd:53:dc:34:e4:df:c0:47:58:30:49:7f:b7: 70:a6:95:4c:13:be:da:26:df:0c:6e:bb:df:54:f4: fa:54:c1:27:b0:54:88:cc:c0:cd:fc:f4:2e:93:56: fb:43:55:e7:15:32:6f:40:59:0d:40:ed:37:e5:53: ee:54:90:a3:ef:e2:f1:37:67:4c:76:32:a6:27:c7: dc:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:B9:D4:88:66:80:7E:0A:17:F8:BB:8E:51:BB:E7:93:AB:8F:6C:7E X509v3 Authority Key Identifier: keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/OrnUiGaAfgoX-LuOUbvnk6uPbH4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.213.4.0/24 91.214.171.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:0b:52:09:b1:31:96:d4:20:34:fd:6b:ab:fc:cf:f0:da:7e: 03:50:6c:8c:e5:9c:1d:ea:b0:89:e7:b8:37:3a:7f:b2:b3:d4: 4a:66:e4:b8:1e:7d:d7:a0:e1:3c:a9:0c:82:39:3c:d9:5f:e1: 0c:62:05:b3:57:9c:0d:07:80:71:79:ae:27:d1:14:de:98:94: 70:38:cd:83:50:ce:3f:1b:09:7f:9c:24:a8:a0:5f:2e:69:90: ad:a9:73:02:c4:9c:54:d7:68:f0:f3:15:34:e8:3d:36:4b:b5: da:cd:2e:55:c3:b0:c1:b1:1d:7e:11:65:48:d5:d6:10:26:b4: 47:c9:69:ab:be:a6:64:bd:3c:5a:a2:76:53:5a:e4:9f:43:76: 89:15:eb:e0:da:e7:c9:fa:b3:7c:08:80:e7:f5:92:36:3e:30: 3d:8a:6a:e3:07:cf:2a:6a:34:d4:9e:21:ec:ca:26:36:30:0f: b3:36:31:cb:47:31:a0:7e:75:f8:fa:e0:67:cf:6c:e1:e3:b1: 14:04:3f:ab:aa:64:ae:50:45:ea:b7:e0:27:97:e2:a9:55:fe: 6e:04:ea:1f:aa:a6:30:bb:fe:72:c8:c9:54:83:84:32:ed:cd: 39:0a:4e:35:c0:fb:e4:28:49:b5:53:e0:fd:2c:e0:f9:15:76: b2:ac:3b:2a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57CR21q52TWonYJGVTLkmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey YTk3NjUwHhcNMjYwMTAxMTQxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYWI5ZDQ4ODY2ODA3ZTBhMTdmOGJiOGU1MWJiZTc5M2FiOGY2YzdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrKw4J7leEtaas860MDmVt/+eVcH FOnzdq4s0jG1C5jmxZrjCk46kpvPhZsA6cd7xeNtDxmOUPcw46diTFtZVEjW1O9a M7AVlP4MxV+z2r1VPAxu3OA7R3ynEoU3PslTA++ZloksCCCNfEqLIRIC20cNOmGg lXxrzGAw53NP6JrKdLhv7514AO+pRmS7Caot6t0gjpYB0hRU4vkvIbcDJWqwAaT+ qUyQuVHl0GtSj/5NOAa1gs1T3DTk38BHWDBJf7dwppVME77aJt8MbrvfVPT6VMEn sFSIzMDN/PQuk1b7Q1XnFTJvQFkNQO035VPuVJCj7+LxN2dMdjKmJ8fcIwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDq51IhmgH4KF/i7jlG755Orj2x+MB8GA1UdIwQY MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt ZDAwMDNhNmI1MjI0LzEvT3JuVWlHYUFmZ29YLUx1T1Vidm5rNnVQYkg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0 LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UEAwQA W9arMA0GCSqGSIb3DQEBCwUAA4IBAQBKC1IJsTGW1CA0/Wur/M/w2n4DUGyM5Zwd 6rCJ57g3On+ys9RKZuS4Hn3XoOE8qQyCOTzZX+EMYgWzV5wNB4Bxea4n0RTemJRw OM2DUM4/Gwl/nCSooF8uaZCtqXMCxJxU12jw8xU06D02S7XazS5Vw7DBsR1+EWVI 1dYQJrRHyWmrvqZkvTxaonZTWuSfQ3aJFevg2ufJ+rN8CIDn9ZI2PjA9imrjB88q ajTUniHsyiY2MA+zNjHLRzGgfnX4+uBnz2zh47EUBD+rqmSuUEXqt+Anl+KpVf5u BOofqqYwu/5yyMlUg4Qy7c05Ck41wPvkKEm1U+D9LOD5FXayrDsq -----END CERTIFICATE-----Generated at Sun Jan 25 15:15:06 2026 by rpki-client