This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/oomUoRc8kAeXbJ8Vact092RPz5A.roa File: oomUoRc8kAeXbJ8Vact092RPz5A.roa (raw, json) Hash identifier: +kRKbGJLzWAadibg+zB0y/8pWSdZTuvX7OD3gBOEtzw= Subject key identifier: A2:89:94:A1:17:3C:90:07:97:6C:9F:15:69:CB:74:F7:64:4F:CF:90 Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5 Certificate serial: 019B7BA377238385BD3197E099ADB5521452 Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/oomUoRc8kAeXbJ8Vact092RPz5A.roa Signing time: Thu 01 Jan 2026 22:17:48 +0000 ROA not before: Thu 01 Jan 2026 22:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49419 IP address blocks: 84.19.128.0/20 maxlen: 24 84.19.144.0/21 maxlen: 24 185.224.56.0/22 maxlen: 24 2a0b:fd80::/32 maxlen: 48 2a0b:fd81::/32 maxlen: 48 2a0b:fd87::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:77:23:83:85:bd:31:97:e0:99:ad:b5:52:14:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5 Validity Not Before: Jan 1 22:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a28994a1173c9007976c9f1569cb74f7644fcf90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ff:2f:09:1f:74:a1:bc:ca:47:83:05:84:3c: aa:84:9f:44:1a:c9:44:c1:33:4a:6d:23:e6:65:0b: a1:15:cb:ab:f4:db:d0:0a:9d:bc:80:01:51:b0:72: 4f:3d:63:b3:42:ac:56:f8:c0:f7:bf:58:71:9a:aa: e9:54:2c:e9:b4:41:75:5f:bd:04:4c:13:2c:c3:bd: 9d:3f:ac:94:fa:67:3a:5f:32:f2:50:12:a0:ad:56: 68:d0:06:3c:0c:46:dd:6d:67:e1:0b:e7:77:ce:f1: 29:a8:49:95:a9:ed:42:c7:40:71:60:f7:a8:b2:a5: d6:02:f0:2a:1b:d6:b5:57:52:ed:fa:f5:8d:53:4f: 1b:d4:50:83:a0:b0:be:63:e0:03:01:a5:00:74:77: 1e:6f:82:06:e0:c1:b5:4d:91:59:91:23:83:01:25: 97:4d:a3:d8:e9:97:53:97:10:15:49:0c:cf:df:f9: 7f:69:2c:2c:38:f6:01:7c:7c:e4:b2:48:53:18:35: 6e:99:42:38:70:53:dd:61:67:45:36:ff:04:8f:a8: cd:44:24:eb:50:9e:30:c5:56:8e:fd:8d:77:27:b7: 5d:b3:84:9e:b2:34:9f:f6:c4:e6:43:e4:8d:a1:0d: e5:9c:0e:f1:71:5e:72:c1:eb:b6:65:f4:e5:a3:3f: 88:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:89:94:A1:17:3C:90:07:97:6C:9F:15:69:CB:74:F7:64:4F:CF:90 X509v3 Authority Key Identifier: keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/oomUoRc8kAeXbJ8Vact092RPz5A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.19.128.0-84.19.151.255 185.224.56.0/22 IPv6: 2a0b:fd80::/31 2a0b:fd87::/32 Signature Algorithm: sha256WithRSAEncryption 4b:46:95:7f:e9:fa:5e:2c:2e:8c:6f:7d:92:87:e2:95:ee:56: f9:ae:b0:9a:1b:40:fc:f7:a8:ee:e4:1a:dc:c1:44:0a:ca:25: 14:d2:70:19:9a:82:50:c0:8d:79:33:eb:a4:6b:e3:e6:a9:65: c0:ad:77:94:83:1b:1c:93:ba:a2:c2:46:1e:f8:46:8c:79:9c: 91:53:34:cb:ca:b2:2c:2e:b1:ed:49:8e:42:bf:9c:84:f2:82: 68:26:92:89:d0:a0:de:25:e6:2a:bb:fd:3b:cd:97:d8:38:74: 25:52:35:e0:6c:fd:24:82:00:45:da:2f:06:eb:09:e5:16:be: fe:25:11:85:81:c8:0b:ce:b8:c4:7d:2c:74:99:1c:09:7f:c0: 8f:75:eb:8f:65:69:fb:c8:0f:43:f3:af:bd:8f:87:9c:92:d8: 5d:f6:fc:46:a5:f2:f9:6a:61:e1:8e:61:78:23:c3:af:48:a4: a5:ca:35:bd:21:62:59:10:5b:f5:32:da:59:2f:00:b2:a8:ee: fb:eb:59:d1:0b:43:62:33:2b:10:33:7e:7b:4b:7a:b2:3f:d2: a9:5f:24:e8:8e:df:2e:e2:70:79:79:8a:1e:47:2c:01:d1:51: d8:0d:22:66:65:02:44:6d:9b:8d:a8:04:0b:8b:0e:3c:0e:7e: 3b:5e:0c:dc -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt7o3cjg4W9MZfgma21UhRSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj NDE1ZDUwHhcNMjYwMTAxMjIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjg5OTRhMTE3M2M5MDA3OTc2YzlmMTU2OWNiNzRmNzY0NGZjZjkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/8vCR90obzKR4MFhDyqhJ9EGslE wTNKbSPmZQuhFcur9NvQCp28gAFRsHJPPWOzQqxW+MD3v1hxmqrpVCzptEF1X70E TBMsw72dP6yU+mc6XzLyUBKgrVZo0AY8DEbdbWfhC+d3zvEpqEmVqe1Cx0BxYPeo sqXWAvAqG9a1V1Lt+vWNU08b1FCDoLC+Y+ADAaUAdHceb4IG4MG1TZFZkSODASWX TaPY6ZdTlxAVSQzP3/l/aSwsOPYBfHzkskhTGDVumUI4cFPdYWdFNv8Ej6jNRCTr UJ4wxVaO/Y13J7dds4SesjSf9sTmQ+SNoQ3lnA7xcV5yweu2ZfTloz+I5QIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFKKJlKEXPJAHl2yfFWnLdPdkT8+QMB8GA1UdIwQY MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt OGZkMzk0YjUzNTdjLzEvb29tVW9SYzhrQWVYYko4VmFjdDA5MlJQejVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAdUE4AD BANUE5ADBAK54DgwFAQCAAIwDgMFASoL/YADBQAqC/2HMA0GCSqGSIb3DQEBCwUA A4IBAQBLRpV/6fpeLC6Mb32Sh+KV7lb5rrCaG0D896ju5BrcwUQKyiUU0nAZmoJQ wI15M+uka+PmqWXArXeUgxsck7qiwkYe+EaMeZyRUzTLyrIsLrHtSY5Cv5yE8oJo JpKJ0KDeJeYqu/07zZfYOHQlUjXgbP0kggBF2i8G6wnlFr7+JRGFgcgLzrjEfSx0 mRwJf8CPdeuPZWn7yA9D86+9j4eckthd9vxGpfL5amHhjmF4I8OvSKSlyjW9IWJZ EFv1MtpZLwCyqO7761nRC0NiMysQM357S3qyP9KpXyTojt8u4nB5eYoeRywB0VHY DSJmZQJEbZuNqAQLiw48Dn47Xgzc -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:29 2026 by rpki-client