This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/o8qBYm0XB-DKW0l9z4LxLJjVMt8.roa File: o8qBYm0XB-DKW0l9z4LxLJjVMt8.roa (raw, json) Hash identifier: 6+/jpm9f+1fc/q145oBtk8Pmiq4grW2fLOR+zKT6VOc= Subject key identifier: A3:CA:81:62:6D:17:07:E0:CA:5B:49:7D:CF:82:F1:2C:98:D5:32:DF Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3 Certificate serial: 019B78A2509CF321EEFB2C2F716BF74741F2 Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/o8qBYm0XB-DKW0l9z4LxLJjVMt8.roa Signing time: Thu 01 Jan 2026 08:17:41 +0000 ROA not before: Thu 01 Jan 2026 08:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209565 IP address blocks: 131.117.224.0/24 maxlen: 24 131.117.225.0/24 maxlen: 24 131.117.228.0/24 maxlen: 24 131.117.233.0/24 maxlen: 24 185.21.136.0/24 maxlen: 24 185.21.137.0/24 maxlen: 24 185.21.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.mft rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:50:9c:f3:21:ee:fb:2c:2f:71:6b:f7:47:41:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3 Validity Not Before: Jan 1 08:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a3ca81626d1707e0ca5b497dcf82f12c98d532df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c2:c3:bc:30:d4:87:92:61:55:3f:92:33:3d: f8:33:94:fb:43:21:b1:7c:cc:b8:05:f1:4d:3e:1e: 4a:bd:9b:24:8e:aa:89:44:04:f6:ee:bf:bc:1c:00: 4d:92:f0:6c:f1:d6:e8:fd:ba:97:b9:07:3a:8c:42: ba:5b:be:9e:31:95:c1:7e:93:4b:07:f3:aa:3b:dc: ff:ca:5d:e0:3f:6a:e3:81:a6:3c:c9:bd:2d:11:41: 6e:ed:e1:48:f3:dc:e0:b0:80:b2:a1:08:4c:90:2d: 02:65:e8:a0:26:5b:6c:c1:34:8e:b0:29:d6:bc:4a: ba:24:6b:de:fc:f7:b1:95:f8:1c:4d:29:bd:97:06: ed:4e:12:6f:7a:c4:94:4a:cc:f3:c2:41:b8:cc:ee: d3:73:0c:33:d7:97:89:20:ee:18:2d:f5:16:98:2c: 52:6d:80:12:32:86:04:bc:ce:79:2c:23:82:4e:ec: 75:8a:7d:c0:7a:5e:65:0e:cf:2f:df:12:41:dd:89: 4c:b0:cd:f6:5d:42:b1:2c:4a:f0:58:e4:66:7a:6d: 71:14:40:98:68:a7:1f:db:1b:f6:7a:0f:cf:df:4e: a7:fa:fb:7f:65:a4:70:1d:d2:3b:9f:7d:32:48:9f: 28:da:ca:7e:d0:0c:59:61:f3:8c:79:a4:b6:3a:b8: c9:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:CA:81:62:6D:17:07:E0:CA:5B:49:7D:CF:82:F1:2C:98:D5:32:DF X509v3 Authority Key Identifier: keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/o8qBYm0XB-DKW0l9z4LxLJjVMt8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.117.224.0/23 131.117.228.0/24 131.117.233.0/24 185.21.136.0-185.21.138.255 Signature Algorithm: sha256WithRSAEncryption 0a:35:38:7d:a6:07:f4:3d:71:ad:61:a4:24:3b:8c:61:cd:a6: b3:74:27:66:32:3e:60:91:a1:0b:34:c6:d7:59:60:de:c2:d7: c2:8d:ef:0a:27:7a:b6:a0:04:ba:7c:db:7b:90:b4:42:18:da: f1:67:dd:d3:de:c7:d1:2d:cb:f6:7d:0f:4e:cb:93:37:f8:79: f1:b2:d7:34:01:8e:12:27:c1:c8:5f:2e:31:d8:59:8a:d1:db: 2d:69:dc:ef:ba:9d:ca:35:55:16:c7:39:23:dd:c3:47:94:2a: a2:f1:69:2c:6d:c2:66:4d:33:68:64:23:4c:e2:77:42:9d:88: 92:7f:b9:c5:9a:f6:5c:95:1a:99:60:a3:4f:63:01:42:6b:e9: ff:dd:19:82:ef:11:0b:ce:14:2a:b2:d9:2a:96:87:42:aa:81: f7:c9:74:2d:f6:e5:81:02:05:28:ec:90:b8:df:9d:9f:3b:c7: 4e:02:e8:20:7a:e8:a1:1c:19:ef:e9:2f:51:f9:45:fe:f3:92: f5:64:dd:63:87:b1:99:2f:01:f7:92:f9:1a:96:43:20:98:48: a0:65:e4:69:dc:fa:84:b3:05:ca:86:4e:48:b0:79:ac:af:a9: ed:dd:6f:7f:ff:d2:8a:01:d5:70:5f:6a:e8:da:d2:4c:91:bb: 9e:2c:9b:88 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt4olCc8yHu+ywvcWv3R0HyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx Zjg3YjMwHhcNMjYwMTAxMDgxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhM2NhODE2MjZkMTcwN2UwY2E1YjQ5N2RjZjgyZjEyYzk4ZDUzMmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28LDvDDUh5JhVT+SMz34M5T7QyGx fMy4BfFNPh5KvZskjqqJRAT27r+8HABNkvBs8dbo/bqXuQc6jEK6W76eMZXBfpNL B/OqO9z/yl3gP2rjgaY8yb0tEUFu7eFI89zgsICyoQhMkC0CZeigJltswTSOsCnW vEq6JGve/PexlfgcTSm9lwbtThJvesSUSszzwkG4zO7Tcwwz15eJIO4YLfUWmCxS bYASMoYEvM55LCOCTux1in3Ael5lDs8v3xJB3YlMsM32XUKxLErwWORmem1xFECY aKcf2xv2eg/P306n+vt/ZaRwHdI7n30ySJ8o2sp+0AxZYfOMeaS2OrjJ4wIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFKPKgWJtFwfgyltJfc+C8SyY1TLfMB8GA1UdIwQY MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz LWFjZTNkNjc1ZDNjZC8xL284cUJZbTBYQi1ES1cwbDl6NEx4TEpqVk10OC5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAGDdeAD BACDdeQDBACDdekwDAMEA7kViAMEALkVijANBgkqhkiG9w0BAQsFAAOCAQEACjU4 faYH9D1xrWGkJDuMYc2ms3QnZjI+YJGhCzTG11lg3sLXwo3vCid6tqAEunzbe5C0 Qhja8Wfd097H0S3L9n0PTsuTN/h58bLXNAGOEifByF8uMdhZitHbLWnc77qdyjVV Fsc5I93DR5QqovFpLG3CZk0zaGQjTOJ3Qp2Ikn+5xZr2XJUamWCjT2MBQmvp/90Z gu8RC84UKrLZKpaHQqqB98l0LfblgQIFKOyQuN+dnzvHTgLoIHrooRwZ7+kvUflF /vOS9WTdY4exmS8B95L5GpZDIJhIoGXkadz6hLMFyoZOSLB5rK+p7d1vf//SigHV cF9q6NrSTJG7niybiA== -----END CERTIFICATE-----Generated at Sun Jan 25 10:21:08 2026 by rpki-client