This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ONeqkPnIGoNNtO8mGjFbkXmPWcw.roa File: ONeqkPnIGoNNtO8mGjFbkXmPWcw.roa (raw, json) Hash identifier: kYO1wyTB/f6FZFDGDpkcy3vl9zMFVUkU3iINvS8pdJw= Subject key identifier: 38:D7:AA:90:F9:C8:1A:83:4D:B4:EF:26:1A:31:5B:91:79:8F:59:CC Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b Certificate serial: 019B7D5D1DFF8DFC34F8BE8C1DA2A05BC53C Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ONeqkPnIGoNNtO8mGjFbkXmPWcw.roa Signing time: Fri 02 Jan 2026 06:20:13 +0000 ROA not before: Fri 02 Jan 2026 06:20:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44768 IP address blocks: 91.120.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:1d:ff:8d:fc:34:f8:be:8c:1d:a2:a0:5b:c5:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b Validity Not Before: Jan 2 06:20:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38d7aa90f9c81a834db4ef261a315b91798f59cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:2e:38:2c:b6:e6:5b:69:af:54:97:ec:13:ce: fa:9b:ae:cb:d2:e5:0b:cc:42:0d:da:0e:81:49:0c: c3:43:5f:a3:12:69:65:ef:b0:e8:4e:b5:7a:1a:73: df:98:8e:2d:9d:8c:b3:4e:74:d0:65:c5:72:01:3c: 29:3b:b6:d1:a3:61:18:9f:c6:2c:6f:05:c3:ea:1a: 6a:bf:62:3b:c2:96:08:ac:b9:1f:1f:57:0f:13:7a: 55:7b:5b:08:73:2d:11:b1:8d:5b:0d:de:2e:94:fd: 97:97:98:d5:92:59:87:c0:25:d6:c9:b5:c1:61:bd: a6:49:d6:b2:18:e9:3a:12:a9:f1:1f:33:60:59:af: 7e:08:5b:9c:a0:38:11:60:be:69:eb:cb:f6:c9:f7: 8f:ad:c2:ba:39:53:42:c7:d2:6a:a6:74:21:d1:2f: e6:13:d5:4f:a9:88:8d:5e:f4:96:f8:95:d2:bb:7a: 38:f9:bf:ba:55:40:a7:5f:a3:bd:bc:32:67:82:5a: 74:6f:26:46:4d:e0:90:65:b5:7c:a9:4e:f8:58:18: cc:24:21:dd:8a:c5:d4:d7:73:f6:6a:7f:a5:0c:38: 5e:62:fb:e4:a4:29:90:4e:95:71:9c:75:5e:22:6f: 8c:85:23:6e:90:40:a1:1b:fd:91:75:b0:99:24:60: 58:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:D7:AA:90:F9:C8:1A:83:4D:B4:EF:26:1A:31:5B:91:79:8F:59:CC X509v3 Authority Key Identifier: keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ONeqkPnIGoNNtO8mGjFbkXmPWcw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.120.29.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:da:b7:d7:1e:dc:02:ef:99:56:72:d3:2b:69:3b:22:0f:a1: 62:2e:b6:e1:f9:88:97:41:8b:63:d9:e6:fa:a1:d3:74:4b:65: c3:28:b8:de:ca:7b:ba:10:6c:da:6c:a8:a6:ad:a6:8c:0b:2e: 4a:a5:8c:15:33:46:85:fd:6e:ac:9a:65:0c:52:1e:f0:af:e4: 34:79:8f:59:fe:fa:ed:2b:56:23:85:0a:6f:c6:40:75:8c:1e: 5e:1c:98:e3:34:d3:69:eb:7a:cd:67:e3:b2:6a:35:60:29:d2: 91:c6:d1:cf:ff:1d:2c:54:44:73:dc:8f:2b:aa:51:db:f7:44: 82:76:83:fc:fe:66:2b:9d:f7:ff:0e:4a:b5:b1:68:ce:ed:c0: 46:08:d3:d3:6f:9b:4b:8d:97:a1:4c:68:bb:3b:85:26:ea:52: f9:87:86:5f:0f:e7:6a:ed:0f:bb:8d:d7:a2:7e:c8:b7:ed:4f: 59:fc:ef:98:9f:96:75:07:2f:1f:91:cd:93:4c:fd:a3:de:ab: 09:1e:e8:c3:5d:43:65:48:b6:97:ca:0e:c1:7c:ff:6b:05:90: da:03:cb:4c:2b:cf:4a:aa:df:d2:d9:96:4d:c2:0c:6c:6c:8e: e3:8f:70:90:2f:15:eb:a0:57:9b:11:dc:cc:8d:8a:f5:fb:0c: 7c:43:e6:57 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XR3/jfw0+L6MHaKgW8U8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4 YWFlN2IwHhcNMjYwMTAyMDYyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGQ3YWE5MGY5YzgxYTgzNGRiNGVmMjYxYTMxNWI5MTc5OGY1OWNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC44LLbmW2mvVJfsE876m67L0uUL zEIN2g6BSQzDQ1+jEmll77DoTrV6GnPfmI4tnYyzTnTQZcVyATwpO7bRo2EYn8Ys bwXD6hpqv2I7wpYIrLkfH1cPE3pVe1sIcy0RsY1bDd4ulP2Xl5jVklmHwCXWybXB Yb2mSdayGOk6EqnxHzNgWa9+CFucoDgRYL5p68v2yfePrcK6OVNCx9JqpnQh0S/m E9VPqYiNXvSW+JXSu3o4+b+6VUCnX6O9vDJnglp0byZGTeCQZbV8qU74WBjMJCHd isXU13P2an+lDDheYvvkpCmQTpVxnHVeIm+MhSNukEChG/2RdbCZJGBYvwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDjXqpD5yBqDTbTvJhoxW5F5j1nMMB8GA1UdIwQY MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt MjkyYWU0NmU2MzAyLzEvT05lcWtQbklHb05OdE84bUdqRmJrWG1QV2N3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW3gdMA0G CSqGSIb3DQEBCwUAA4IBAQAc2rfXHtwC75lWctMraTsiD6FiLrbh+YiXQYtj2eb6 odN0S2XDKLjeynu6EGzabKimraaMCy5KpYwVM0aF/W6smmUMUh7wr+Q0eY9Z/vrt K1YjhQpvxkB1jB5eHJjjNNNp63rNZ+OyajVgKdKRxtHP/x0sVERz3I8rqlHb90SC doP8/mYrnff/Dkq1sWjO7cBGCNPTb5tLjZehTGi7O4Um6lL5h4ZfD+dq7Q+7jdei fsi37U9Z/O+Yn5Z1By8fkc2TTP2j3qsJHujDXUNlSLaXyg7BfP9rBZDaA8tMK89K qt/S2ZZNwgxsbI7jj3CQLxXroFebEdzMjYr1+wx8Q+ZX -----END CERTIFICATE-----Generated at Sun Jan 25 16:54:33 2026 by rpki-client