This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2f1264-23e8-42e0-8364-4f382cbb59f2/1/OJzGcjKcWBttWOSEl00EzIw2eSo.roa File: OJzGcjKcWBttWOSEl00EzIw2eSo.roa (raw, json) Hash identifier: WpkGS5n3qr7ItAnomtxJOBjcvjZ+Y7UVUlP7YBtoJOg= Subject key identifier: 38:9C:C6:72:32:9C:58:1B:6D:58:E4:84:97:4D:04:CC:8C:36:79:2A Certificate issuer: /CN=7e904bd71d6fe74a67168fd913e828722755b494 Certificate serial: 019B79ED04665723E895D7F1B8BC77ECEA8F Authority key identifier: 7E:90:4B:D7:1D:6F:E7:4A:67:16:8F:D9:13:E8:28:72:27:55:B4:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fpBL1x1v50pnFo_ZE-gocidVtJQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2f1264-23e8-42e0-8364-4f382cbb59f2/1/OJzGcjKcWBttWOSEl00EzIw2eSo.roa Signing time: Thu 01 Jan 2026 14:18:54 +0000 ROA not before: Thu 01 Jan 2026 14:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62159 IP address blocks: 185.133.56.0/22 maxlen: 24 2a06:e3c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2f1264-23e8-42e0-8364-4f382cbb59f2/1/fpBL1x1v50pnFo_ZE-gocidVtJQ.crl rsync://rpki.ripe.net/repository/DEFAULT/68/2f1264-23e8-42e0-8364-4f382cbb59f2/1/fpBL1x1v50pnFo_ZE-gocidVtJQ.mft rsync://rpki.ripe.net/repository/DEFAULT/fpBL1x1v50pnFo_ZE-gocidVtJQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:04:66:57:23:e8:95:d7:f1:b8:bc:77:ec:ea:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7e904bd71d6fe74a67168fd913e828722755b494 Validity Not Before: Jan 1 14:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=389cc672329c581b6d58e484974d04cc8c36792a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4b:1a:a7:e4:fd:c6:91:f9:c0:fa:00:84:f7: 73:a0:9e:17:8e:b6:c7:c9:a3:f6:98:b2:b0:70:7e: e2:fb:e4:aa:09:c4:13:49:cb:2a:20:26:6e:1e:c5: 6f:3b:db:06:23:c9:90:ff:5d:d3:b1:0f:12:2a:8a: 11:ec:92:44:e6:7a:6d:10:a7:76:5e:2b:78:92:0f: 91:f8:43:68:84:2e:7f:66:db:71:96:23:83:fd:d8: f3:3e:3b:70:92:ee:24:e8:5e:10:1c:ac:e3:67:ba: 79:e4:be:47:70:48:46:7e:35:33:7d:c9:84:c0:86: 8d:e1:d2:b0:f8:da:06:cc:4c:13:20:b9:01:3b:6b: 7f:62:32:95:b0:92:7f:e8:ae:90:91:a4:57:18:da: 94:1c:c3:a0:0b:6a:13:4f:ff:12:6c:8c:1a:46:a9: 7c:00:f3:d9:6b:4d:c9:61:a4:04:71:f4:9e:24:7b: f3:6e:3d:69:30:7a:fa:79:09:fc:90:99:bf:01:1d: 74:f9:8f:13:c9:ac:9f:a3:97:b2:2a:f5:92:08:ca: 5b:f2:fc:f3:87:d0:28:01:88:15:93:97:a0:cd:5c: 7e:37:62:4b:dd:26:8a:35:c9:23:25:6e:70:45:40: fc:65:b2:e4:50:73:66:b2:d6:fc:82:79:dc:17:d2: be:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:9C:C6:72:32:9C:58:1B:6D:58:E4:84:97:4D:04:CC:8C:36:79:2A X509v3 Authority Key Identifier: keyid:7E:90:4B:D7:1D:6F:E7:4A:67:16:8F:D9:13:E8:28:72:27:55:B4:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fpBL1x1v50pnFo_ZE-gocidVtJQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2f1264-23e8-42e0-8364-4f382cbb59f2/1/OJzGcjKcWBttWOSEl00EzIw2eSo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2f1264-23e8-42e0-8364-4f382cbb59f2/1/fpBL1x1v50pnFo_ZE-gocidVtJQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.133.56.0/22 IPv6: 2a06:e3c0::/29 Signature Algorithm: sha256WithRSAEncryption 41:52:e1:22:f1:f6:3f:f9:72:ca:72:7f:0d:52:e0:2c:ee:e2: ea:2d:f8:0d:f3:db:f2:30:c7:32:38:10:3b:75:95:23:aa:1b: 2d:89:87:55:2b:fa:ae:f8:bc:21:80:1e:58:87:1b:8a:f5:a0: d0:c7:5e:80:04:80:a8:17:3f:f3:fd:ca:83:d7:91:0b:84:b5: 12:50:f0:11:d9:5f:14:74:f7:1f:6e:b3:dd:43:01:ad:c4:33: 14:fe:9f:09:7a:8b:95:84:4a:13:da:3d:39:75:8f:25:dc:1f: 6c:cc:8e:0b:14:04:22:fd:10:2b:0d:f8:80:ba:b5:95:6b:ed: dc:c7:b1:06:1b:93:12:97:60:a2:38:96:fe:2b:51:11:98:72: 10:fa:6f:eb:b6:95:04:4a:ae:74:d8:8c:85:c3:f5:29:44:95: db:a1:7b:b1:17:26:22:34:00:9b:20:00:1d:36:b7:74:4a:63: ad:65:45:7f:d3:18:e5:94:02:25:ba:4e:a0:2e:56:a1:8b:c9: 1e:46:a0:43:21:57:fe:26:ab:ff:2f:47:3b:7b:f6:bd:3b:ce: 16:e1:34:06:a8:ae:9e:a4:0e:2e:9d:82:07:44:0e:f7:ad:8d: 9d:98:28:d1:50:08:7d:2f:65:4d:41:be:34:a6:58:a8:a6:47: e1:87:57:d1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57QRmVyPoldfxuLx37OqPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlOTA0YmQ3MWQ2ZmU3NGE2NzE2OGZkOTEzZTgyODcyMjc1 NWI0OTQwHhcNMjYwMTAxMTQxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODljYzY3MjMyOWM1ODFiNmQ1OGU0ODQ5NzRkMDRjYzhjMzY3OTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEsap+T9xpH5wPoAhPdzoJ4XjrbH yaP2mLKwcH7i++SqCcQTScsqICZuHsVvO9sGI8mQ/13TsQ8SKooR7JJE5nptEKd2 Xit4kg+R+ENohC5/ZttxliOD/djzPjtwku4k6F4QHKzjZ7p55L5HcEhGfjUzfcmE wIaN4dKw+NoGzEwTILkBO2t/YjKVsJJ/6K6QkaRXGNqUHMOgC2oTT/8SbIwaRql8 APPZa03JYaQEcfSeJHvzbj1pMHr6eQn8kJm/AR10+Y8Tyayfo5eyKvWSCMpb8vzz h9AoAYgVk5egzVx+N2JL3SaKNckjJW5wRUD8ZbLkUHNmstb8gnncF9K+UQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDicxnIynFgbbVjkhJdNBMyMNnkqMB8GA1UdIwQY MBaAFH6QS9cdb+dKZxaP2RPoKHInVbSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnBCTDF4MXY1MHBuRm9fWkUtZ29jaWRWdEpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZjEyNjQtMjNlOC00MmUwLTgzNjQt NGYzODJjYmI1OWYyLzEvT0p6R2NqS2NXQnR0V09TRWwwMEV6SXcyZVNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8yZjEyNjQtMjNlOC00MmUwLTgzNjQtNGYzODJjYmI1OWYy LzEvZnBCTDF4MXY1MHBuRm9fWkUtZ29jaWRWdEpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYU4MA0E AgACMAcDBQMqBuPAMA0GCSqGSIb3DQEBCwUAA4IBAQBBUuEi8fY/+XLKcn8NUuAs 7uLqLfgN89vyMMcyOBA7dZUjqhstiYdVK/qu+LwhgB5YhxuK9aDQx16ABICoFz/z /cqD15ELhLUSUPAR2V8UdPcfbrPdQwGtxDMU/p8JeouVhEoT2j05dY8l3B9szI4L FAQi/RArDfiAurWVa+3cx7EGG5MSl2CiOJb+K1ERmHIQ+m/rtpUESq502IyFw/Up RJXboXuxFyYiNACbIAAdNrd0SmOtZUV/0xjllAIluk6gLlahi8keRqBDIVf+Jqv/ L0c7e/a9O84W4TQGqK6epA4unYIHRA73rY2dmCjRUAh9L2VNQb40pliopkfhh1fR -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:24 2026 by rpki-client