This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/otTbYOYedxsaU18vozv7H0qaULY.roa File: otTbYOYedxsaU18vozv7H0qaULY.roa (raw, json) Hash identifier: 0z94Z3PKNajsqszNsKqEJ/uzjuVZiI+UT7U7HnELbf8= Subject key identifier: A2:D4:DB:60:E6:1E:77:1B:1A:53:5F:2F:A3:3B:FB:1F:4A:9A:50:B6 Certificate issuer: /CN=bfd786b24b4b30275bcc8d5244e34ee00481d790 Certificate serial: 019B7D5CF38C63335D423BCFDDFFB266925F Authority key identifier: BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/otTbYOYedxsaU18vozv7H0qaULY.roa Signing time: Fri 02 Jan 2026 06:20:02 +0000 ROA not before: Fri 02 Jan 2026 06:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6831 IP address blocks: 188.94.190.0/24 maxlen: 24 193.238.100.0/22 maxlen: 24 195.178.28.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/v9eGsktLMCdbzI1SRONO4ASB15A.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/v9eGsktLMCdbzI1SRONO4ASB15A.mft rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f3:8c:63:33:5d:42:3b:cf:dd:ff:b2:66:92:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfd786b24b4b30275bcc8d5244e34ee00481d790 Validity Not Before: Jan 2 06:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a2d4db60e61e771b1a535f2fa33bfb1f4a9a50b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:41:1f:9f:4e:5c:69:45:56:4d:f6:aa:02:ee: 6d:63:74:14:5f:bd:fc:d3:4e:d5:f9:08:0c:4c:92: 0c:08:4e:69:9b:90:88:07:3b:7a:79:bc:11:33:36: 24:47:fe:d5:b1:e1:46:39:89:09:ae:e2:ae:19:e2: 54:50:bf:1e:a8:ec:df:7e:b4:c5:ad:8e:f6:88:71: 20:00:76:a0:aa:f5:56:17:66:69:76:fe:b8:c7:df: 4e:de:32:06:c1:61:c1:76:19:30:6e:36:b1:32:2c: d0:e1:fb:ee:d9:90:fc:78:9d:2a:eb:df:ca:41:1d: a4:ee:4c:2f:9e:27:50:fd:15:07:70:19:57:25:99: 28:01:59:ae:d5:ca:06:42:aa:cc:cb:88:d7:50:2d: a6:c4:75:36:53:65:24:43:ef:b7:a1:44:7a:f7:61: 34:ca:11:db:e6:44:19:82:47:a9:10:db:db:aa:6d: 08:f4:47:e2:82:ef:f7:54:2a:ef:cc:b3:1f:97:b9: 50:94:00:6c:64:3f:b7:be:f1:ec:4b:6e:a3:36:a0: 02:37:1e:10:4c:45:3d:6e:ef:78:91:9b:91:27:0a: 2d:a7:35:81:7c:ba:f7:76:4e:de:55:4b:27:ae:f8: 21:03:fe:77:ed:ab:17:ff:1c:75:11:8f:77:af:39: 02:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:D4:DB:60:E6:1E:77:1B:1A:53:5F:2F:A3:3B:FB:1F:4A:9A:50:B6 X509v3 Authority Key Identifier: keyid:BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/otTbYOYedxsaU18vozv7H0qaULY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/v9eGsktLMCdbzI1SRONO4ASB15A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.94.190.0/24 193.238.100.0/22 195.178.28.0/23 Signature Algorithm: sha256WithRSAEncryption 80:64:f5:b1:0f:a0:96:39:aa:d6:cc:33:38:ad:2c:9c:08:0e: 2a:ac:98:51:3f:12:71:54:b9:1b:32:0c:9d:4e:c0:ab:e8:16: da:de:31:ab:40:52:a5:f9:00:9d:4f:18:09:92:40:37:7f:93: be:36:5b:55:c1:c8:33:85:95:0f:dd:cf:f9:45:22:30:65:e1: 3f:be:8e:35:61:af:03:9e:91:91:f2:e0:9f:19:48:8c:72:c7: c5:22:c9:5c:8a:48:da:4f:74:38:97:dc:9c:a0:26:76:b4:3b: 12:d7:7c:d3:64:35:21:8a:17:8b:82:74:db:63:ef:4e:ee:7f: 72:2e:7b:df:5d:35:71:b3:e7:b1:d0:7a:19:00:b2:8d:52:66: 7c:70:f5:5c:4f:14:19:e5:79:14:8b:54:37:9e:1b:8f:6f:b4: af:66:ab:16:a6:7b:a2:0a:73:b9:48:d9:e1:5a:cf:40:5c:26: 3f:55:8e:17:0f:ae:a9:66:38:d5:b9:20:9b:5e:41:90:4b:df: 4e:87:03:cb:de:0b:52:d1:80:fa:23:a8:88:df:c8:a4:f6:91: 16:b3:79:b7:64:b5:36:2d:d2:8a:c0:fe:77:03:65:36:95:c3: cf:67:91:4f:29:76:b6:d0:18:35:c6:91:05:ae:b6:7d:58:bd: 6a:d3:64:c6 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XPOMYzNdQjvP3f+yZpJfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZDc4NmIyNGI0YjMwMjc1YmNjOGQ1MjQ0ZTM0ZWUwMDQ4 MWQ3OTAwHhcNMjYwMTAyMDYyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMmQ0ZGI2MGU2MWU3NzFiMWE1MzVmMmZhMzNiZmIxZjRhOWE1MGI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UEfn05caUVWTfaqAu5tY3QUX738 007V+QgMTJIMCE5pm5CIBzt6ebwRMzYkR/7VseFGOYkJruKuGeJUUL8eqOzffrTF rY72iHEgAHagqvVWF2Zpdv64x99O3jIGwWHBdhkwbjaxMizQ4fvu2ZD8eJ0q69/K QR2k7kwvnidQ/RUHcBlXJZkoAVmu1coGQqrMy4jXUC2mxHU2U2UkQ++3oUR692E0 yhHb5kQZgkepENvbqm0I9Efigu/3VCrvzLMfl7lQlABsZD+3vvHsS26jNqACNx4Q TEU9bu94kZuRJwotpzWBfLr3dk7eVUsnrvghA/537asX/xx1EY93rzkCywIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFKLU22DmHncbGlNfL6M7+x9KmlC2MB8GA1UdIwQY MBaAFL/XhrJLSzAnW8yNUkTjTuAEgdeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjllR3NrdExNQ2RiekkxU1JPTk80QVNCMTVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lMTRlYmUtNDVkZC00NGRiLWI5Yjct MWExZjkzNjQ1NGVjLzEvb3RUYllPWWVkeHNhVTE4dm96djdIMHFhVUxZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9lMTRlYmUtNDVkZC00NGRiLWI5YjctMWExZjkzNjQ1NGVj LzEvdjllR3NrdExNQ2RiekkxU1JPTk80QVNCMTVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvF6+AwQC we5kAwQBw7IcMA0GCSqGSIb3DQEBCwUAA4IBAQCAZPWxD6CWOarWzDM4rSycCA4q rJhRPxJxVLkbMgydTsCr6Bba3jGrQFKl+QCdTxgJkkA3f5O+NltVwcgzhZUP3c/5 RSIwZeE/vo41Ya8DnpGR8uCfGUiMcsfFIslcikjaT3Q4l9ycoCZ2tDsS13zTZDUh iheLgnTbY+9O7n9yLnvfXTVxs+ex0HoZALKNUmZ8cPVcTxQZ5XkUi1Q3nhuPb7Sv ZqsWpnuiCnO5SNnhWs9AXCY/VY4XD66pZjjVuSCbXkGQS99OhwPL3gtS0YD6I6iI 38ik9pEWs3m3ZLU2LdKKwP53A2U2lcPPZ5FPKXa20Bg1xpEFrrZ9WL1q02TG -----END CERTIFICATE-----Generated at Sun Jan 25 22:49:28 2026 by rpki-client