This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/oqIJeArD_rDRIaKFE5ZCwfVtbKM.roa File: oqIJeArD_rDRIaKFE5ZCwfVtbKM.roa (raw, json) Hash identifier: QLySj4PfBawBaiRwkXPwmQcC7pjl5ceIYMcgCRUpvZQ= Subject key identifier: A2:A2:09:78:0A:C3:FE:B0:D1:21:A2:85:13:96:42:C1:F5:6D:6C:A3 Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228 Certificate serial: 019B7CECC8A645B6B13FBE1CE0B72C695C3A Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/oqIJeArD_rDRIaKFE5ZCwfVtbKM.roa Signing time: Fri 02 Jan 2026 04:17:31 +0000 ROA not before: Fri 02 Jan 2026 04:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60501 IP address blocks: 45.129.160.0/22 maxlen: 22 81.16.220.0/22 maxlen: 22 2a0d:2640::/29 maxlen: 29 2a0e:4cc0::/29 maxlen: 29 2a0f:c2c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.mft rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:c8:a6:45:b6:b1:3f:be:1c:e0:b7:2c:69:5c:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228 Validity Not Before: Jan 2 04:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a2a209780ac3feb0d121a285139642c1f56d6ca3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:43:01:5f:b9:a1:b2:56:f2:a8:b5:65:48:fc: 70:3c:be:2b:47:8b:6a:7a:02:2c:8d:bd:45:d6:23: d7:a2:05:39:29:d4:6d:04:ab:3a:2d:35:37:e5:97: 25:da:a2:71:3a:7e:d9:64:58:d0:f6:6d:b9:92:03: 03:d8:a1:74:5f:7d:00:b4:7b:a5:6a:03:f4:2b:48: 31:e3:4a:54:1e:ee:fa:72:17:ec:c8:47:ca:34:dd: 88:06:58:5e:8c:58:0b:b1:ab:aa:ab:41:ac:eb:4f: 68:f2:6c:9a:a7:6c:2f:b0:8d:ff:51:7c:de:e4:9e: c0:91:ed:d7:ea:90:31:ab:70:93:f3:40:e3:02:c6: e1:06:8f:62:50:e0:a9:4d:18:8a:b2:57:86:e4:1b: 9f:04:15:67:c9:a2:8d:6f:ab:53:a4:66:6b:43:36: 22:fc:1d:62:a2:10:1b:3c:9b:19:b5:99:6c:4b:08: 4a:df:2f:cb:9c:20:74:67:ac:b2:78:35:50:02:b6: 76:72:3a:d6:45:68:78:dc:83:19:44:d0:54:d7:04: d8:da:a5:b1:84:90:df:85:18:b8:e8:a9:7a:c0:83: 71:a6:c4:b7:4e:47:df:b5:95:8a:2a:cf:2f:ca:6f: 20:0f:5a:a1:c3:da:67:46:9b:63:df:6c:39:f2:8b: a6:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:A2:09:78:0A:C3:FE:B0:D1:21:A2:85:13:96:42:C1:F5:6D:6C:A3 X509v3 Authority Key Identifier: keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/oqIJeArD_rDRIaKFE5ZCwfVtbKM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.129.160.0/22 81.16.220.0/22 IPv6: 2a0d:2640::/29 2a0e:4cc0::/29 2a0f:c2c0::/29 Signature Algorithm: sha256WithRSAEncryption 2d:bc:7e:8a:88:b5:ab:d9:53:1b:88:e8:da:34:7b:a1:e6:b3: 42:b4:e0:3e:51:c8:7c:4c:30:91:f6:6c:5c:be:4d:ad:30:1e: 23:1b:8b:5b:8f:43:17:40:31:96:7f:3d:0f:f8:78:45:f4:0f: 42:e5:34:6b:97:8b:1d:b9:09:b1:ac:64:43:d2:a1:b0:3b:e2: 89:67:76:b8:00:98:c3:00:ae:4f:6f:fe:22:c6:02:de:d4:6b: f7:b9:92:05:1a:fe:a3:a0:a5:76:08:67:7b:aa:0c:ad:27:8b: 11:aa:45:b2:e5:7f:17:f0:f9:a2:68:44:92:c9:94:eb:16:e1: c0:cd:9b:d5:17:a0:4e:53:b3:e4:c6:63:27:36:06:c5:9a:d7: 76:34:b2:c1:b6:2e:fa:06:da:d5:dd:6b:f9:86:d2:4c:ee:24: 86:ae:c1:c1:08:c6:12:5c:27:4e:f5:9c:a0:f3:ea:a6:a5:b6: b8:92:7a:c3:d1:ad:98:8d:13:1a:3e:f0:3f:fd:40:ff:ce:f8: 17:dc:37:b2:b8:f2:c7:5d:72:b1:0b:3e:e4:84:d8:1d:eb:28: 89:1b:d3:12:cb:f6:0e:5e:df:71:ba:9c:25:df:fd:b5:4b:47: 83:31:85:21:f1:dd:17:d5:fb:ee:cc:17:de:ef:ac:a9:56:81: 58:e4:b5:17 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt87MimRbaxP74c4LcsaVw6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy MmMyMjgwHhcNMjYwMTAyMDQxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMmEyMDk3ODBhYzNmZWIwZDEyMWEyODUxMzk2NDJjMWY1NmQ2Y2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUMBX7mhslbyqLVlSPxwPL4rR4tq egIsjb1F1iPXogU5KdRtBKs6LTU35Zcl2qJxOn7ZZFjQ9m25kgMD2KF0X30AtHul agP0K0gx40pUHu76chfsyEfKNN2IBlhejFgLsauqq0Gs609o8myap2wvsI3/UXze 5J7Ake3X6pAxq3CT80DjAsbhBo9iUOCpTRiKsleG5BufBBVnyaKNb6tTpGZrQzYi /B1iohAbPJsZtZlsSwhK3y/LnCB0Z6yyeDVQArZ2cjrWRWh43IMZRNBU1wTY2qWx hJDfhRi46Kl6wINxpsS3TkfftZWKKs8vym8gD1qhw9pnRptj32w58oumwQIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFKKiCXgKw/6w0SGihROWQsH1bWyjMB8GA1UdIwQY MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt MDc3YmM4YmExZTVkLzEvb3FJSmVBckRfckRSSWFLRkU1WkN3ZlZ0YktNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCLYGgAwQC URDcMBsEAgACMBUDBQMqDSZAAwUDKg5MwAMFAyoPwsAwDQYJKoZIhvcNAQELBQAD ggEBAC28foqItavZUxuI6No0e6Hms0K04D5RyHxMMJH2bFy+Ta0wHiMbi1uPQxdA MZZ/PQ/4eEX0D0LlNGuXix25CbGsZEPSobA74olndrgAmMMArk9v/iLGAt7Ua/e5 kgUa/qOgpXYIZ3uqDK0nixGqRbLlfxfw+aJoRJLJlOsW4cDNm9UXoE5Ts+TGYyc2 BsWa13Y0ssG2LvoG2tXda/mG0kzuJIauwcEIxhJcJ071nKDz6qaltriSesPRrZiN Exo+8D/9QP/O+BfcN7K48sddcrELPuSE2B3rKIkb0xLL9g5e33G6nCXf/bVLR4Mx hSHx3RfV++7MF97vrKlWgVjktRc= -----END CERTIFICATE-----Generated at Mon Jan 26 20:24:33 2026 by rpki-client