This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/oBqkwnj05lVwlwGOkOtelMXi290.roa File: oBqkwnj05lVwlwGOkOtelMXi290.roa (raw, json) Hash identifier: KWxt3/pFpWp3KL1iplFsqb9jfnpqg64kOikp0uiyOdM= Subject key identifier: A0:1A:A4:C2:78:F4:E6:55:70:97:01:8E:90:EB:5E:94:C5:E2:DB:DD Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212 Certificate serial: 019B7E39191DE35C4D6379DED5CD1BF4575A Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/oBqkwnj05lVwlwGOkOtelMXi290.roa Signing time: Fri 02 Jan 2026 10:20:29 +0000 ROA not before: Fri 02 Jan 2026 10:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8870 IP address blocks: 185.237.72.0/24 maxlen: 24 185.237.73.0/24 maxlen: 24 185.237.74.0/24 maxlen: 24 185.237.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:19:1d:e3:5c:4d:63:79:de:d5:cd:1b:f4:57:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212 Validity Not Before: Jan 2 10:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a01aa4c278f4e6557097018e90eb5e94c5e2dbdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:02:59:19:64:ad:f2:6b:85:ca:f2:00:1f:98: 12:49:9e:6f:68:40:58:59:33:bc:9b:31:8b:94:05: 13:15:36:1c:fc:00:7f:7b:8d:2c:3b:37:29:3b:6e: 61:98:ac:91:4b:b2:b3:2b:f8:c3:e1:14:d7:f1:f6: da:2d:3d:94:4f:e2:6c:60:35:6d:cd:54:ec:03:6d: 1c:fa:25:73:61:58:ba:02:1e:d0:32:e5:51:3d:e2: a6:a9:a5:67:ed:ac:fc:03:e0:fa:23:42:85:5d:dd: db:1c:02:6d:1c:69:f4:0b:5b:07:28:ad:7d:15:39: 64:bc:96:f6:9a:17:19:d7:68:18:18:88:dc:1a:8c: 92:48:f0:3a:b5:ce:84:4c:02:a7:cf:c0:1e:dd:f4: 07:82:64:5a:98:66:18:32:3e:b2:1b:93:bb:e7:89: 9f:49:64:23:7c:85:d1:84:0c:63:c0:da:5c:4c:34: ca:7b:e2:48:67:9d:0a:69:5b:0f:19:c3:46:25:34: d9:2e:bf:33:f6:2a:f1:e6:29:c5:ed:13:5b:99:c7: b6:4b:a1:34:28:ca:0f:ad:a2:94:5a:31:31:b1:7a: 20:b7:c6:d6:16:e0:e9:79:01:39:e7:49:91:52:c7: 2c:07:dd:fd:3e:1a:fc:71:3c:5d:7d:2f:35:41:da: 32:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:1A:A4:C2:78:F4:E6:55:70:97:01:8E:90:EB:5E:94:C5:E2:DB:DD X509v3 Authority Key Identifier: keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/oBqkwnj05lVwlwGOkOtelMXi290.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.237.72.0/22 Signature Algorithm: sha256WithRSAEncryption 90:d7:74:7c:30:3b:6f:c5:e3:25:ca:3d:c8:3e:3c:43:ce:00: de:59:06:35:1d:67:ac:11:a0:e6:31:b2:74:63:05:ec:fd:8e: d9:66:6c:14:66:3e:95:60:ce:c6:23:c0:1d:7f:5a:75:e2:d4: 56:91:d8:45:1e:ff:77:7a:af:df:58:b3:57:b1:18:51:32:d4: 48:55:4c:86:09:63:3b:e1:56:f2:d2:16:f4:53:dd:93:46:13: 20:2c:3e:af:cd:95:0d:fc:bb:e3:ee:68:ef:45:f2:ed:54:73: bb:e1:3a:74:65:36:35:f3:07:23:b4:b5:70:2a:f0:3d:db:66: 65:6f:d4:cc:0d:43:9b:5b:dc:29:12:98:03:a1:f2:8a:03:10: 2c:c3:ad:32:f2:12:b0:70:5c:24:40:32:7a:8d:c2:59:08:94: f0:f0:84:a1:1f:d9:52:c5:46:f4:ea:29:d8:f4:45:02:78:8a: e9:2d:34:dd:7a:ad:c9:ad:8a:09:96:1e:2b:e0:6e:8e:08:43: 54:1d:a3:05:df:dc:5c:5b:07:80:c1:5d:69:36:21:ff:06:12: 64:bd:a5:b5:fb:c0:5e:ba:d1:68:a1:fd:e6:d7:39:e1:59:bc: 2a:74:1b:10:2f:39:46:ab:c6:1f:88:46:f0:61:2b:8f:18:e1: fb:c2:9a:02 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+ORkd41xNY3ne1c0b9FdaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx YmQyMTIwHhcNMjYwMTAyMTAyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDFhYTRjMjc4ZjRlNjU1NzA5NzAxOGU5MGViNWU5NGM1ZTJkYmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QJZGWSt8muFyvIAH5gSSZ5vaEBY WTO8mzGLlAUTFTYc/AB/e40sOzcpO25hmKyRS7KzK/jD4RTX8fbaLT2UT+JsYDVt zVTsA20c+iVzYVi6Ah7QMuVRPeKmqaVn7az8A+D6I0KFXd3bHAJtHGn0C1sHKK19 FTlkvJb2mhcZ12gYGIjcGoySSPA6tc6ETAKnz8Ae3fQHgmRamGYYMj6yG5O754mf SWQjfIXRhAxjwNpcTDTKe+JIZ50KaVsPGcNGJTTZLr8z9irx5inF7RNbmce2S6E0 KMoPraKUWjExsXogt8bWFuDpeQE550mRUscsB939Phr8cTxdfS81QdoyXQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKAapMJ49OZVcJcBjpDrXpTF4tvdMB8GA1UdIwQY MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt Mzk5M2FhMzI0ZTFmLzEvb0Jxa3duajA1bFZ3bHdHT2tPdGVsTVhpMjkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue1IMA0G CSqGSIb3DQEBCwUAA4IBAQCQ13R8MDtvxeMlyj3IPjxDzgDeWQY1HWesEaDmMbJ0 YwXs/Y7ZZmwUZj6VYM7GI8Adf1p14tRWkdhFHv93eq/fWLNXsRhRMtRIVUyGCWM7 4Vby0hb0U92TRhMgLD6vzZUN/Lvj7mjvRfLtVHO74Tp0ZTY18wcjtLVwKvA922Zl b9TMDUObW9wpEpgDofKKAxAsw60y8hKwcFwkQDJ6jcJZCJTw8IShH9lSxUb06inY 9EUCeIrpLTTdeq3JrYoJlh4r4G6OCENUHaMF39xcWweAwV1pNiH/BhJkvaW1+8Be utFoof3m1znhWbwqdBsQLzlGq8YfiEbwYSuPGOH7wpoC -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:04 2026 by rpki-client