This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/OQzv-VnaVoUaemq98kXrP_sXKa8.roa File: OQzv-VnaVoUaemq98kXrP_sXKa8.roa (raw, json) Hash identifier: 0UtFVm4divpIKSWLm6cbL2r77Cn14CFuHmjdZonPbwc= Subject key identifier: 39:0C:EF:F9:59:DA:56:85:1A:7A:6A:BD:F2:45:EB:3F:FB:17:29:AF Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea Certificate serial: 019B7F8199B9FEDE3760DC655B3A6E178D16 Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/OQzv-VnaVoUaemq98kXrP_sXKa8.roa Signing time: Fri 02 Jan 2026 16:19:18 +0000 ROA not before: Fri 02 Jan 2026 16:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34432 IP address blocks: 2a0d:f9c1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.mft rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:99:b9:fe:de:37:60:dc:65:5b:3a:6e:17:8d:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea Validity Not Before: Jan 2 16:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=390ceff959da56851a7a6abdf245eb3ffb1729af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:b3:05:3a:d5:8f:3f:24:28:ae:5a:eb:36:50: d7:fb:f9:ed:0b:fd:8c:6f:e2:df:cb:9f:48:ed:c7: 07:82:ea:3e:ca:7f:6f:c8:72:7e:f8:50:5c:25:7a: c4:f3:15:23:ec:cd:aa:65:71:89:05:d5:d4:12:b4: 33:5c:0c:25:8b:2d:d1:48:38:30:d2:f1:72:ad:2f: bd:89:e3:9a:89:54:d4:db:ca:9d:00:bc:fe:30:53: 41:a8:81:e5:90:44:3c:71:6a:66:a5:a3:93:33:b2: 46:ff:43:55:2a:34:72:d0:ed:69:18:6f:56:45:dd: 85:bd:f8:4b:ae:53:82:06:10:22:6c:6e:ba:48:49: 31:e1:33:85:9d:87:e0:bb:be:44:de:1f:ea:00:8d: 90:67:a8:4f:a3:27:46:0e:55:7d:1c:cd:08:c5:78: 29:71:47:0e:f8:35:69:27:cf:e5:70:89:4b:da:e3: d5:85:c6:8e:37:48:f2:00:40:87:6c:7d:1d:73:0f: d5:40:72:58:ff:da:c9:77:29:52:59:da:18:61:2b: 78:12:f2:fb:6a:d8:f3:89:a6:36:28:ac:df:71:d2: 20:1a:d1:f4:d6:06:71:64:dc:73:2d:54:75:2e:e5: bc:a5:b4:52:c3:a9:f3:c3:68:6c:f1:30:41:ca:55: 91:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:0C:EF:F9:59:DA:56:85:1A:7A:6A:BD:F2:45:EB:3F:FB:17:29:AF X509v3 Authority Key Identifier: keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/OQzv-VnaVoUaemq98kXrP_sXKa8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:f9c1::/32 Signature Algorithm: sha256WithRSAEncryption 29:07:ed:85:58:b7:8f:96:1d:00:a3:4a:9f:9e:a3:6b:0d:b2: c5:c6:77:3c:f2:29:6d:f3:d3:a7:e9:4c:22:c8:40:2d:4c:52: 9e:ad:bb:6f:85:00:93:3a:55:a9:98:d4:70:51:c3:70:4c:08: e9:e9:11:06:03:15:e1:47:7a:a6:86:44:84:5e:88:b9:4d:76: 3d:66:6b:23:89:6d:af:d6:a0:cc:79:75:f0:5e:e8:45:ab:83: fb:63:4e:c8:a5:df:ed:4f:1f:e7:91:22:ae:67:3a:e1:9f:24: c6:c1:9f:fe:da:41:09:db:ad:a8:1d:bc:a5:6a:de:bc:56:5a: 0c:01:8d:b3:01:a9:cd:d4:4e:a1:4b:58:7d:7f:de:1f:44:9d: 9e:de:c6:9a:45:61:4c:62:09:07:6e:c8:e4:97:fc:ea:98:be: b7:2a:e3:cd:e4:44:0c:a3:94:71:13:6e:7f:35:80:ec:6b:33: 66:06:27:5e:1c:d4:66:32:cf:e4:73:f5:a3:08:51:e5:f6:e5: e1:5b:68:dc:1e:d0:44:10:2b:20:22:6f:f0:32:e8:8e:90:82: bf:a6:9c:64:8c:3c:92:d4:f5:cc:0e:20:ae:ef:99:65:00:d2: 56:c3:5b:0c:13:ea:56:a7:bb:e4:f9:77:f7:90:a2:84:21:0f: a8:35:0e:71 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/gZm5/t43YNxlWzpuF40WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0 ZTQzZWEwHhcNMjYwMTAyMTYxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTBjZWZmOTU5ZGE1Njg1MWE3YTZhYmRmMjQ1ZWIzZmZiMTcyOWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7MFOtWPPyQorlrrNlDX+/ntC/2M b+Lfy59I7ccHguo+yn9vyHJ++FBcJXrE8xUj7M2qZXGJBdXUErQzXAwliy3RSDgw 0vFyrS+9ieOaiVTU28qdALz+MFNBqIHlkEQ8cWpmpaOTM7JG/0NVKjRy0O1pGG9W Rd2FvfhLrlOCBhAibG66SEkx4TOFnYfgu75E3h/qAI2QZ6hPoydGDlV9HM0IxXgp cUcO+DVpJ8/lcIlL2uPVhcaON0jyAECHbH0dcw/VQHJY/9rJdylSWdoYYSt4EvL7 atjziaY2KKzfcdIgGtH01gZxZNxzLVR1LuW8pbRSw6nzw2hs8TBBylWRCQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFDkM7/lZ2laFGnpqvfJF6z/7FymvMB8GA1UdIwQY MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt ZmVhMGFmZjM1OWY1LzEvT1F6di1WbmFWb1VhZW1xOThrWHJQX3NYS2E4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1 LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg35wTAN BgkqhkiG9w0BAQsFAAOCAQEAKQfthVi3j5YdAKNKn56jaw2yxcZ3PPIpbfPTp+lM IshALUxSnq27b4UAkzpVqZjUcFHDcEwI6ekRBgMV4Ud6poZEhF6IuU12PWZrI4lt r9agzHl18F7oRauD+2NOyKXf7U8f55Eirmc64Z8kxsGf/tpBCdutqB28pWrevFZa DAGNswGpzdROoUtYfX/eH0Sdnt7GmkVhTGIJB27I5Jf86pi+tyrjzeREDKOUcRNu fzWA7GszZgYnXhzUZjLP5HP1owhR5fbl4Vto3B7QRBArICJv8DLojpCCv6acZIw8 ktT1zA4gru+ZZQDSVsNbDBPqVqe75Pl395CihCEPqDUOcQ== -----END CERTIFICATE-----Generated at Mon Jan 26 05:33:31 2026 by rpki-client