This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/OkZNatL0CZcasdS1QchlfFaCmYM.roa File: OkZNatL0CZcasdS1QchlfFaCmYM.roa (raw, json) Hash identifier: WtzrJAZOI5FNmu/nOi9O9na8eMtU2ywPxEf9eC+A7LA= Subject key identifier: 3A:46:4D:6A:D2:F4:09:97:1A:B1:D4:B5:41:C8:65:7C:56:82:99:83 Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e Certificate serial: 019B7AC7E3CFBB328E02C1BBE2F796EE2044 Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/OkZNatL0CZcasdS1QchlfFaCmYM.roa Signing time: Thu 01 Jan 2026 18:17:58 +0000 ROA not before: Thu 01 Jan 2026 18:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1124 IP address blocks: 145.18.0.0/16 maxlen: 16 145.109.0.0/17 maxlen: 17 145.109.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:e3:cf:bb:32:8e:02:c1:bb:e2:f7:96:ee:20:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e Validity Not Before: Jan 1 18:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a464d6ad2f409971ab1d4b541c8657c56829983 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:14:03:8f:4b:4c:9a:18:a2:a1:6e:ff:d4:2c: 54:93:1f:bc:8c:31:61:f2:e8:3c:23:a9:4c:82:9e: 2d:53:15:eb:0a:10:52:b7:d4:23:a3:5e:7e:22:64: 32:42:59:14:11:91:aa:bc:b5:23:74:5c:50:18:28: a5:1c:f5:c8:8a:69:47:47:df:b2:9f:53:06:21:8d: 05:6b:d3:56:3c:85:61:e0:d0:8a:3c:df:bd:26:da: 1a:ae:7a:0c:83:1c:d4:76:1f:86:12:32:5f:57:92: ae:95:b8:61:83:b6:3c:73:5c:ca:7d:0c:b2:d9:e1: d5:1d:4b:5a:47:91:08:f8:da:38:fb:2a:ee:ba:1e: 27:cc:c0:a7:c5:a3:c4:a4:33:73:b8:9a:e3:9b:6c: 21:89:66:fa:20:32:84:a5:5a:39:97:5c:ee:28:1e: 17:fa:8b:63:a5:aa:a5:99:96:e0:1b:18:d6:5d:d7: 9b:09:27:45:73:f4:2f:35:d0:55:07:1e:61:fe:8f: 82:9c:32:5e:00:3b:8e:97:c4:72:c3:af:14:0c:3d: 4c:b3:7d:71:24:ee:a8:44:1f:f1:d1:d5:82:f5:09: 3a:4e:c0:e0:4f:2d:66:90:f3:ad:d5:20:94:bb:00: 08:94:cd:2c:ab:51:5d:b1:b2:8a:98:dc:a4:8b:d4: 79:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:46:4D:6A:D2:F4:09:97:1A:B1:D4:B5:41:C8:65:7C:56:82:99:83 X509v3 Authority Key Identifier: keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/OkZNatL0CZcasdS1QchlfFaCmYM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 145.18.0.0/16 145.109.0.0/16 Signature Algorithm: sha256WithRSAEncryption 34:82:42:4a:c9:a6:17:26:f9:3f:ff:74:0f:bb:e0:fb:d8:49: 0e:45:14:6d:65:da:56:b0:a0:01:b2:a8:50:76:84:ee:d0:3f: 39:42:75:60:c0:59:cb:32:85:c9:1e:a3:40:63:fa:5c:91:d9: 36:02:db:42:11:6e:da:7d:98:42:c7:49:6e:ce:a4:58:55:20: 93:9b:80:f5:7d:c4:50:5b:3c:fd:7f:22:25:b9:13:33:26:73: 9d:4f:56:79:aa:fd:96:36:a8:40:ad:b0:0e:ac:cc:3c:4a:85: 4e:12:7e:b4:55:c7:e5:92:7a:84:97:a0:87:8d:10:35:79:18: c2:35:29:fd:fe:c7:b2:2b:8e:5e:64:7f:7a:9a:bd:dd:5f:41: d5:19:a0:4c:06:c9:a0:12:07:84:06:21:00:05:d9:5a:64:a2: f8:0f:7d:6d:10:e0:3e:d6:d0:e8:23:52:1e:8c:64:ec:02:b0: 95:fd:01:25:8b:95:9a:f7:d0:bb:63:d7:33:d2:94:f3:52:88: 74:b3:10:08:be:d6:b3:90:b9:d4:39:be:66:d7:df:00:92:27: 5d:de:de:d9:19:c5:43:95:d4:46:a7:59:d3:d3:32:3a:27:97: 47:f7:23:6e:cf:5e:6d:1e:51:eb:09:ef:93:90:58:c1:18:d8: 34:47:f6:29 -----BEGIN CERTIFICATE----- MIIFATCCA+mgAwIBAgISAZt6x+PPuzKOAsG74veW7iBEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm NDUyM2UwHhcNMjYwMTAxMTgxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTQ2NGQ2YWQyZjQwOTk3MWFiMWQ0YjU0MWM4NjU3YzU2ODI5OTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhQDj0tMmhiioW7/1CxUkx+8jDFh 8ug8I6lMgp4tUxXrChBSt9Qjo15+ImQyQlkUEZGqvLUjdFxQGCilHPXIimlHR9+y n1MGIY0Fa9NWPIVh4NCKPN+9JtoarnoMgxzUdh+GEjJfV5Kulbhhg7Y8c1zKfQyy 2eHVHUtaR5EI+No4+yruuh4nzMCnxaPEpDNzuJrjm2whiWb6IDKEpVo5l1zuKB4X +otjpaqlmZbgGxjWXdebCSdFc/QvNdBVBx5h/o+CnDJeADuOl8Ryw68UDD1Ms31x JO6oRB/x0dWC9Qk6TsDgTy1mkPOt1SCUuwAIlM0sq1FdsbKKmNyki9R5mQIDAQAB o4ICDTCCAgkwHQYDVR0OBBYEFDpGTWrS9AmXGrHUtUHIZXxWgpmDMB8GA1UdIwQY MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt NTQ4NjFmMjMyNDlkLzEvT2taTmF0TDBDWmNhc2RTMVFjaGxmRmFDbVlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAkRIDAwCR bTANBgkqhkiG9w0BAQsFAAOCAQEANIJCSsmmFyb5P/90D7vg+9hJDkUUbWXaVrCg AbKoUHaE7tA/OUJ1YMBZyzKFyR6jQGP6XJHZNgLbQhFu2n2YQsdJbs6kWFUgk5uA 9X3EUFs8/X8iJbkTMyZznU9Wear9ljaoQK2wDqzMPEqFThJ+tFXH5ZJ6hJegh40Q NXkYwjUp/f7HsiuOXmR/epq93V9B1RmgTAbJoBIHhAYhAAXZWmSi+A99bRDgPtbQ 6CNSHoxk7AKwlf0BJYuVmvfQu2PXM9KU81KIdLMQCL7Ws5C51Dm+ZtffAJInXd7e 2RnFQ5XURqdZ09MyOieXR/cjbs9ebR5R6wnvk5BYwRjYNEf2KQ== -----END CERTIFICATE-----Generated at Sun Jan 25 12:17:33 2026 by rpki-client