This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa File: 1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa (raw, json) Hash identifier: Dj+AT1jX9rfVhJFGXz9XaLtPSZgqG/nTfTCrODe4StE= Subject key identifier: F8:E9:29:A2:80:91:EF:9D:03:39:4D:CA:3B:84:34:02:EF:4B:B3:90 Certificate issuer: /CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5 Certificate serial: 019BA7004FD9CFE62A5F2D76C58CC0C4312C Authority key identifier: D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa Signing time: Sat 10 Jan 2026 08:22:54 +0000 ROA not before: Sat 10 Jan 2026 08:22:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206735 IP address blocks: 2a06:5200:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a7:00:4f:d9:cf:e6:2a:5f:2d:76:c5:8c:c0:c4:31:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5 Validity Not Before: Jan 10 08:22:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f8e929a28091ef9d03394dca3b843402ef4bb390 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:15:63:96:f5:76:ba:c3:ed:af:a2:fa:f8:8f: 38:41:75:b1:2e:3c:06:25:74:af:18:af:1f:7f:6b: 14:9e:89:81:3d:e4:ac:8b:93:07:92:f2:98:7f:44: 65:9c:8b:df:d7:84:65:96:6f:5c:13:17:91:92:c5: 21:5c:c6:7b:2f:48:b3:2c:bb:54:64:b1:82:c5:79: 2d:eb:b2:07:e3:21:8f:61:88:9c:23:30:49:88:db: c8:1f:30:8d:d3:d8:1b:57:b8:b5:5b:51:41:ce:b3: b7:2e:d0:ed:aa:ec:2a:77:50:e8:1c:39:8d:f2:c6: 5e:bd:f1:1d:5a:21:20:64:9a:20:a1:fb:ea:92:0b: ce:56:90:cd:52:89:2a:b2:82:1a:9b:b2:7b:81:ea: 05:81:79:96:27:f8:78:16:3d:a4:ab:5e:e7:2e:3e: f2:73:96:6b:6b:e3:dd:e1:1e:b3:b9:11:04:b9:fa: 83:06:91:df:ef:a0:15:ea:f4:10:fd:d7:14:24:fd: d1:56:66:66:fd:5d:0d:95:4f:6e:40:b0:62:0a:00: f2:eb:ce:ff:52:36:34:c2:47:95:fa:35:78:fd:df: c3:c7:f9:1c:7f:87:90:b0:59:55:82:dc:5e:dd:f1: 9b:44:3b:5c:4f:5c:54:72:e1:66:25:d1:b4:4b:ec: 0c:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:E9:29:A2:80:91:EF:9D:03:39:4D:CA:3B:84:34:02:EF:4B:B3:90 X509v3 Authority Key Identifier: keyid:D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:5200:a::/48 Signature Algorithm: sha256WithRSAEncryption 2e:3e:e9:bb:2b:13:79:24:9a:8e:53:52:fb:dc:05:8c:bc:7e: 76:33:bf:4c:2b:29:ae:68:eb:bf:8c:6e:12:a7:49:af:bd:22: 68:06:8a:7c:ae:37:66:dc:e5:c9:f5:27:2e:f6:59:48:0a:a2: b7:4c:42:8a:ee:2e:95:b3:c4:cb:52:43:b1:29:d3:ab:86:72: c4:79:7e:08:8f:e5:9f:23:37:92:ab:ce:fa:bf:bc:af:be:02: 2c:4f:46:f6:10:cf:7c:48:d9:7f:59:29:0f:08:31:0b:15:38: 9a:3c:5c:86:b5:3a:ca:32:3a:45:66:6b:36:6c:9b:ef:75:fa: 60:36:ab:ff:d6:b6:a4:44:93:27:9d:b9:53:fb:43:e4:6d:46: 05:44:1c:38:6e:08:d7:eb:cd:56:39:df:69:e1:f3:f6:a7:86: f9:ca:50:c8:4c:46:b6:2d:3d:cc:0f:b6:04:da:f1:41:57:82: 6c:2a:f7:34:ab:f7:d2:32:15:1d:8b:d3:07:a5:d4:91:78:b5: f3:e9:be:f3:34:d9:62:fa:09:e8:f0:ba:c5:2a:3b:64:f5:c4: 6b:80:23:9c:59:3e:41:42:c3:50:bf:b6:31:5f:90:13:28:60: 9a:77:83:46:39:bb:3c:a5:4f:25:00:30:dd:2e:f5:70:50:02: f5:e7:ad:11 -----BEGIN CERTIFICATE----- MIIFATCCA+mgAwIBAgISAZunAE/Zz+YqXy12xYzAxDEsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZmYwY2M4NTM1NTRiZGRmOTA5OWFhM2NlZWJkMzUyNDZi OTI4ZjUwHhcNMjYwMTEwMDgyMjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOGU5MjlhMjgwOTFlZjlkMDMzOTRkY2EzYjg0MzQwMmVmNGJiMzkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRVjlvV2usPtr6L6+I84QXWxLjwG JXSvGK8ff2sUnomBPeSsi5MHkvKYf0RlnIvf14Rllm9cExeRksUhXMZ7L0izLLtU ZLGCxXkt67IH4yGPYYicIzBJiNvIHzCN09gbV7i1W1FBzrO3LtDtquwqd1DoHDmN 8sZevfEdWiEgZJogofvqkgvOVpDNUokqsoIam7J7geoFgXmWJ/h4Fj2kq17nLj7y c5Zra+Pd4R6zuREEufqDBpHf76AV6vQQ/dcUJP3RVmZm/V0NlU9uQLBiCgDy687/ UjY0wkeV+jV4/d/Dx/kcf4eQsFlVgtxe3fGbRDtcT1xUcuFmJdG0S+wMUwIDAQAB o4ICDTCCAgkwHQYDVR0OBBYEFPjpKaKAke+dAzlNyjuENALvS7OQMB8GA1UdIwQY MBaAFNn/DMhTVUvd+Qmao87r01JGuSj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAt Y2FmZTVlN2RiNzU4LzEvMS1Pa3Bvb0NSNzUwRE9VM0tPNFEwQXU5THM1QS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvOWIvYWFhMDVkLWU3YjEtNGUzOS04NDcwLWNhZmU1ZTdkYjc1 OC8xLzJmOE15Rk5WUzkzNUNacWp6dXZUVWthNUtQVS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoGUgAA CjANBgkqhkiG9w0BAQsFAAOCAQEALj7puysTeSSajlNS+9wFjLx+djO/TCsprmjr v4xuEqdJr70iaAaKfK43ZtzlyfUnLvZZSAqit0xCiu4ulbPEy1JDsSnTq4ZyxHl+ CI/lnyM3kqvO+r+8r74CLE9G9hDPfEjZf1kpDwgxCxU4mjxchrU6yjI6RWZrNmyb 73X6YDar/9a2pESTJ525U/tD5G1GBUQcOG4I1+vNVjnfaeHz9qeG+cpQyExGti09 zA+2BNrxQVeCbCr3NKv30jIVHYvTB6XUkXi18+m+8zTZYvoJ6PC6xSo7ZPXEa4Aj nFk+QULDUL+2MV+QEyhgmneDRjm7PKVPJQAw3S71cFAC9eetEQ== -----END CERTIFICATE-----Generated at Sun Jan 25 11:40:38 2026 by rpki-client