This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/OiHi4XdG_nsVHJ-IGiDHCI1Ql8U.roa File: OiHi4XdG_nsVHJ-IGiDHCI1Ql8U.roa (raw, json) Hash identifier: grLRhHnueZh7gzEQiA6eYsh+YGNS0SKjSwsxs5fjsw8= Subject key identifier: 3A:21:E2:E1:77:46:FE:7B:15:1C:9F:88:1A:20:C7:08:8D:50:97:C5 Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e Certificate serial: 019B7AC8ADDC0E7127DABE7E03F2A500C873 Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/OiHi4XdG_nsVHJ-IGiDHCI1Ql8U.roa Signing time: Thu 01 Jan 2026 18:18:50 +0000 ROA not before: Thu 01 Jan 2026 18:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8254 IP address blocks: 5.34.178.0/23 maxlen: 23 46.28.71.0/24 maxlen: 24 82.117.252.0/23 maxlen: 23 82.117.254.0/24 maxlen: 24 85.90.197.0/24 maxlen: 24 85.90.198.0/24 maxlen: 24 193.238.154.0/24 maxlen: 24 217.12.204.0/24 maxlen: 24 2a05:9405::/32 maxlen: 32 2a12:6fc3::/32 maxlen: 32 2a12:6fc4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:ad:dc:0e:71:27:da:be:7e:03:f2:a5:00:c8:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e Validity Not Before: Jan 1 18:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a21e2e17746fe7b151c9f881a20c7088d5097c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:26:92:5f:ce:81:5c:75:45:c3:7f:d4:f7:27: 8b:80:98:50:77:6c:71:51:48:3d:fd:a5:36:ef:77: c4:39:2d:a7:e3:0c:05:ca:6b:af:9d:5c:ee:7a:7e: 13:20:57:4e:58:5c:07:61:0a:bd:7a:5f:e2:97:c2: 53:ef:fc:01:b4:93:31:2a:1e:6e:75:d8:9d:38:e7: bf:df:4e:cd:92:3d:f7:22:57:3a:0d:54:2c:d1:c6: 5d:40:57:63:fe:09:c6:3d:b0:05:28:00:c3:10:f3: 36:3d:9c:39:c9:1e:12:3e:54:bb:e8:a8:11:85:2b: 79:c7:11:40:1d:1f:a7:6a:d1:25:06:32:99:60:d0: 64:a4:f7:66:7f:85:fe:3f:17:8b:68:bc:59:03:71: ef:15:12:3e:db:b3:4c:59:53:9e:e1:bc:de:51:cf: 97:bd:1c:56:75:da:f7:e3:c8:c8:7a:1b:f3:3c:17: 5d:ac:c9:17:3b:54:c1:da:6c:b9:14:b2:be:e5:22: bc:fc:bd:f8:4b:76:4b:0c:5c:03:a1:c2:37:6e:87: 3d:6c:ef:48:4c:d2:f9:a3:20:9f:3f:b0:39:ac:c4: 60:8b:1d:51:fb:08:f5:82:7a:19:9e:db:ca:71:57: ab:25:4e:59:c1:b7:ca:b2:6d:79:91:74:4b:6c:e3: 07:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:21:E2:E1:77:46:FE:7B:15:1C:9F:88:1A:20:C7:08:8D:50:97:C5 X509v3 Authority Key Identifier: keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/OiHi4XdG_nsVHJ-IGiDHCI1Ql8U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.34.178.0/23 46.28.71.0/24 82.117.252.0-82.117.254.255 85.90.197.0-85.90.198.255 193.238.154.0/24 217.12.204.0/24 IPv6: 2a05:9405::/32 2a12:6fc3::-2a12:6fc4:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3b:dd:e6:20:77:d8:0e:ca:90:56:ca:63:1f:c7:7c:a3:a7:2b: f7:67:cb:ad:58:23:3c:34:0c:ff:2e:c9:71:a5:cd:b5:53:83: f7:e8:74:1f:a8:da:83:5e:a7:f2:d6:1a:59:ff:ed:5e:0f:a9: db:0f:78:0d:bf:76:2b:8f:46:09:68:34:30:69:4f:66:d1:36: c2:1a:59:12:b3:0d:f4:b6:78:c6:d2:e6:92:55:5d:5a:f3:e7: d9:16:d2:98:8c:92:79:aa:02:7c:8d:94:8f:4b:e7:6f:39:06: b8:16:29:4c:d2:89:0f:b9:80:79:00:3f:81:98:59:d5:62:1f: e9:dd:82:0e:49:e8:1c:52:0c:c8:87:cb:b8:26:08:a2:e1:42: 65:3a:5d:04:9c:5e:d7:24:bd:26:b9:b8:d1:2c:3b:6b:59:22: 85:63:df:03:8f:63:56:2c:d9:a7:17:b1:fd:b7:f1:cc:d6:db: c1:94:b8:37:cd:d8:ed:53:65:06:40:63:32:ec:8e:ce:3a:4d: f5:e8:a9:1f:56:1f:e3:a4:25:68:8c:8b:2e:0f:eb:0c:ee:81: 98:9d:53:d3:0c:9e:1d:8e:76:c9:59:8a:ee:07:69:e8:51:b1: 48:e6:95:38:9f:eb:f2:b1:66:45:16:8e:ff:2b:3a:9b:0c:10: fc:98:7c:ec -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgISAZt6yK3cDnEn2r5+A/KlAMhzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh MzRmNWUwHhcNMjYwMTAxMTgxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTIxZTJlMTc3NDZmZTdiMTUxYzlmODgxYTIwYzcwODhkNTA5N2M1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCaSX86BXHVFw3/U9yeLgJhQd2xx UUg9/aU273fEOS2n4wwFymuvnVzuen4TIFdOWFwHYQq9el/il8JT7/wBtJMxKh5u ddidOOe/307Nkj33Ilc6DVQs0cZdQFdj/gnGPbAFKADDEPM2PZw5yR4SPlS76KgR hSt5xxFAHR+natElBjKZYNBkpPdmf4X+PxeLaLxZA3HvFRI+27NMWVOe4bzeUc+X vRxWddr348jIehvzPBddrMkXO1TB2my5FLK+5SK8/L34S3ZLDFwDocI3boc9bO9I TNL5oyCfP7A5rMRgix1R+wj1gnoZntvKcVerJU5ZwbfKsm15kXRLbOMH2QIDAQAB o4ICVjCCAlIwHQYDVR0OBBYEFDoh4uF3Rv57FRyfiBogxwiNUJfFMB8GA1UdIwQY MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt ODdkMTdkZjc0YzdlLzEvT2lIaTRYZEdfbnNWSEotSUdpREhDSTFRbDhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA6BAIAATA0AwQBBSKyAwQA LhxHMAwDBAJSdfwDBABSdf4wDAMEAFVaxQMEAFVaxgMEAMHumgMEANkMzDAdBAIA AjAXAwUAKgWUBTAOAwUAKhJvwwMFACoSb8QwDQYJKoZIhvcNAQELBQADggEBADvd 5iB32A7KkFbKYx/HfKOnK/dny61YIzw0DP8uyXGlzbVTg/fodB+o2oNep/LWGln/ 7V4PqdsPeA2/diuPRgloNDBpT2bRNsIaWRKzDfS2eMbS5pJVXVrz59kW0piMknmq AnyNlI9L5285BrgWKUzSiQ+5gHkAP4GYWdViH+ndgg5J6BxSDMiHy7gmCKLhQmU6 XQScXtckvSa5uNEsO2tZIoVj3wOPY1Ys2acXsf238czW28GUuDfN2O1TZQZAYzLs js46TfXoqR9WH+OkJWiMiy4P6wzugZidU9MMnh2OdslZiu4HaehRsUjmlTif6/Kx ZkUWjv8rOpsMEPyYfOw= -----END CERTIFICATE-----Generated at Sun Jan 25 20:36:07 2026 by rpki-client