This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/OvmTgUIhh_9t9vJEPoXypMFbwHo.roa File: OvmTgUIhh_9t9vJEPoXypMFbwHo.roa (raw, json) Hash identifier: ljOxdf4HiiTsksJZ7EMHV+kRnsod4sBa3jvJ2TuvVag= Subject key identifier: 3A:F9:93:81:42:21:87:FF:6D:F6:F2:44:3E:85:F2:A4:C1:5B:C0:7A Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018 Certificate serial: 019B77C6F49EB66CEB5F007B30D28514221C Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/OvmTgUIhh_9t9vJEPoXypMFbwHo.roa Signing time: Thu 01 Jan 2026 04:18:06 +0000 ROA not before: Thu 01 Jan 2026 04:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50532 IP address blocks: 85.234.102.0/23 maxlen: 24 85.234.114.0/23 maxlen: 24 2a0a:6f40:2::/47 maxlen: 48 2a0a:6f40:4::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.mft rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:f4:9e:b6:6c:eb:5f:00:7b:30:d2:85:14:22:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018 Validity Not Before: Jan 1 04:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3af99381422187ff6df6f2443e85f2a4c15bc07a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:96:78:61:e3:b9:ae:f0:fb:3c:e1:fd:16:d0: 21:1a:59:e5:08:92:c3:87:82:d4:9c:7a:12:05:1c: 3d:72:92:c6:20:b6:cc:7b:f0:35:70:10:ce:57:a4: b2:75:2f:99:6a:50:81:cf:63:f5:5d:5a:4b:7d:99: ad:8f:29:4c:2c:95:8c:2c:cd:ac:1a:ca:64:0f:ed: eb:87:83:12:30:7f:3e:3e:ae:a3:26:aa:5c:fc:c3: 3f:b0:ee:37:43:eb:8b:b8:00:13:8d:a7:9e:c1:db: 60:20:05:a0:c6:62:92:6a:59:7b:bf:8a:55:a6:1d: 51:45:7d:7e:46:d8:17:cf:35:a1:78:83:22:37:9f: 0f:c6:c0:6c:a7:74:33:95:f8:8c:53:af:42:61:75: e7:56:a7:c5:83:ce:7f:1d:d9:88:71:03:17:3f:83: fc:64:b1:f8:62:b4:6f:da:d5:7b:1b:95:5e:2b:54: 3e:bf:31:88:39:ce:55:99:62:8f:54:f0:e0:f2:1e: ce:69:14:ad:a6:38:aa:97:b8:59:7b:c0:35:61:45: 0f:b2:a8:87:d3:41:52:1c:0d:2a:44:61:5b:11:42: 12:de:9e:f6:51:a5:1c:18:ee:2d:ef:63:9f:f2:7c: aa:f8:c0:7f:62:9c:3d:a7:18:5e:67:1a:7a:f8:c0: 97:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:F9:93:81:42:21:87:FF:6D:F6:F2:44:3E:85:F2:A4:C1:5B:C0:7A X509v3 Authority Key Identifier: keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/OvmTgUIhh_9t9vJEPoXypMFbwHo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.234.102.0/23 85.234.114.0/23 IPv6: 2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 22:87:72:76:4d:97:23:f4:50:65:a4:d1:00:37:2a:bc:09:fb: e6:8d:ac:f0:3e:ae:98:3b:7e:01:9e:05:2a:e2:70:d7:c9:9f: 91:8f:fe:0f:cc:f9:41:a9:bd:7f:1e:53:c8:c5:ff:11:a8:ae: 8b:ad:75:05:aa:19:f6:2b:3b:f3:a2:b5:de:f7:d7:cc:15:19: c2:56:59:bf:c6:47:53:b6:b8:0d:4b:9c:16:99:b9:df:47:c4: 9f:a4:8d:6b:d9:79:f4:30:27:24:87:46:d7:d8:3c:e0:06:70: 2a:1b:56:ca:56:46:6a:52:a3:b8:50:e3:c4:84:0b:fa:01:99: 3f:1a:40:06:cf:24:94:c0:95:b6:74:d7:67:5a:b7:97:90:2b: 8b:5b:1d:38:17:b5:bf:4b:b6:8d:7f:c1:de:b8:56:26:58:35: 0d:36:1c:54:4c:2b:66:c0:32:a1:8a:ed:97:62:0c:4f:7f:de: ff:36:63:dd:c1:05:46:79:9b:65:dd:34:40:32:d1:ea:ed:b1: 50:2a:f3:31:49:8e:77:96:9e:0d:f6:aa:99:e8:a7:44:b0:bb: 02:b8:50:51:fc:70:b6:d8:7e:be:3e:12:7a:f7:8a:15:08:45: de:70:8c:db:84:b0:73:54:a1:c0:b2:b4:35:11:7f:e5:a4:e5: c4:8b:0c:6d -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt3xvSetmzrXwB7MNKFFCIcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl OGYwMTgwHhcNMjYwMTAxMDQxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYWY5OTM4MTQyMjE4N2ZmNmRmNmYyNDQzZTg1ZjJhNGMxNWJjMDdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJZ4YeO5rvD7POH9FtAhGlnlCJLD h4LUnHoSBRw9cpLGILbMe/A1cBDOV6SydS+ZalCBz2P1XVpLfZmtjylMLJWMLM2s GspkD+3rh4MSMH8+Pq6jJqpc/MM/sO43Q+uLuAATjaeewdtgIAWgxmKSall7v4pV ph1RRX1+RtgXzzWheIMiN58PxsBsp3QzlfiMU69CYXXnVqfFg85/HdmIcQMXP4P8 ZLH4YrRv2tV7G5VeK1Q+vzGIOc5VmWKPVPDg8h7OaRStpjiql7hZe8A1YUUPsqiH 00FSHA0qRGFbEUIS3p72UaUcGO4t72Of8nyq+MB/Ypw9pxheZxp6+MCXtQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFDr5k4FCIYf/bfbyRD6F8qTBW8B6MB8GA1UdIwQY MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt MTEyOGU1Y2U2YTViLzEvT3ZtVGdVSWhoXzl0OXZKRVBvWHlwTUZid0hvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBVepmAwQB VepyMBoEAgACMBQwEgMHASoKb0AAAgMHASoKb0AABDANBgkqhkiG9w0BAQsFAAOC AQEAIodydk2XI/RQZaTRADcqvAn75o2s8D6umDt+AZ4FKuJw18mfkY/+D8z5Qam9 fx5TyMX/Eaiui611BaoZ9is786K13vfXzBUZwlZZv8ZHU7a4DUucFpm530fEn6SN a9l59DAnJIdG19g84AZwKhtWylZGalKjuFDjxIQL+gGZPxpABs8klMCVtnTXZ1q3 l5Ari1sdOBe1v0u2jX/B3rhWJlg1DTYcVEwrZsAyoYrtl2IMT3/e/zZj3cEFRnmb Zd00QDLR6u2xUCrzMUmOd5aeDfaqmeinRLC7ArhQUfxwtth+vj4SeveKFQhF3nCM 24Swc1ShwLK0NRF/5aTlxIsMbQ== -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:12 2026 by rpki-client