This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/OqFJQmWIWlUgwt4wauu6KZcowmw.roa File: OqFJQmWIWlUgwt4wauu6KZcowmw.roa (raw, json) Hash identifier: 5cgutzLvwloFkAKb42SaluRwnKatUxb+LuqQKWj5zbk= Subject key identifier: 3A:A1:49:42:65:88:5A:55:20:C2:DE:30:6A:EB:BA:29:97:28:C2:6C Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Certificate serial: 019B7BA36AE5FE7796E21FE39C81CB8A8757 Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/OqFJQmWIWlUgwt4wauu6KZcowmw.roa Signing time: Thu 01 Jan 2026 22:17:45 +0000 ROA not before: Thu 01 Jan 2026 22:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208421 IP address blocks: 2a01:e901:106::/48 maxlen: 48 2a01:e901:116::/48 maxlen: 48 2a01:e901:126::/48 maxlen: 48 2a01:e901:136::/48 maxlen: 48 2a01:e901:146::/48 maxlen: 48 2a01:e901:156::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:6a:e5:fe:77:96:e2:1f:e3:9c:81:cb:8a:87:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Validity Not Before: Jan 1 22:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3aa1494265885a5520c2de306aebba299728c26c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ce:53:13:3c:4d:6f:34:32:b3:08:03:ca:27: 3b:93:b4:a8:da:94:3b:6e:cd:bc:fd:7c:af:a5:31: 82:a4:66:10:dc:9a:76:28:7c:5f:6e:11:ed:df:13: 6d:96:cc:4f:9f:2c:98:ff:68:4e:ab:a2:09:a7:88: 12:e7:f9:c5:eb:e0:55:86:fb:3d:36:a6:65:e9:12: e6:98:e7:0a:f0:57:5c:d5:3f:9c:52:64:e7:02:c0: 24:61:3e:23:39:b4:74:63:c0:5b:82:2b:1e:1a:e3: 65:7f:63:8c:11:78:4a:3a:2c:7a:9f:0b:d6:ba:f2: 4b:8f:aa:68:19:60:25:4a:18:69:76:03:f7:c2:d4: f8:5e:ec:86:29:28:3d:20:28:5e:32:ec:d4:05:a3: f0:e3:ea:94:ea:01:bc:51:88:ea:ba:72:d9:e5:8d: 91:f9:7e:66:cc:6d:99:3b:54:ce:bf:e2:13:41:47: 40:3f:e5:18:28:4b:ce:1f:ed:db:f8:84:1b:e7:45: 42:46:7f:38:8a:27:e5:4b:2b:40:09:87:59:0c:92: 42:1d:fe:81:5a:a1:b8:f8:31:83:06:c3:42:40:72: c8:64:75:71:e3:82:3d:4e:c0:39:89:d4:8d:2d:8c: a4:d2:8d:60:4d:84:e0:17:15:e1:4f:38:f0:10:ff: 62:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:A1:49:42:65:88:5A:55:20:C2:DE:30:6A:EB:BA:29:97:28:C2:6C X509v3 Authority Key Identifier: keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/OqFJQmWIWlUgwt4wauu6KZcowmw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e901:106::/48 2a01:e901:116::/48 2a01:e901:126::/48 2a01:e901:136::/48 2a01:e901:146::/48 2a01:e901:156::/48 Signature Algorithm: sha256WithRSAEncryption 6b:27:5d:5d:07:10:98:ac:6e:a5:1b:7d:45:5f:aa:64:22:68: 71:a7:dd:f6:4f:1e:e5:4d:03:22:01:cc:76:2f:eb:e2:99:84: 86:60:c1:d0:5c:75:9c:f2:f4:fd:c7:b6:b0:f1:43:1c:b5:91: 22:54:5e:81:17:18:17:c4:73:6e:b0:29:0f:87:75:95:45:76: 85:e6:67:a3:10:ec:24:5f:9d:07:a4:b1:5c:73:91:bb:61:2e: 6e:6c:18:6d:e1:c3:7b:2f:ac:61:82:2d:23:39:2a:13:36:95: 85:45:cc:39:90:aa:89:6a:6e:ce:dc:23:69:3f:66:5b:51:93: 4f:98:d2:f8:2c:d0:e7:fd:e6:68:d5:95:37:a2:4a:78:fc:cd: cf:95:7f:e0:2f:ac:0b:26:a0:0f:f7:34:e6:bf:db:49:d7:02: de:67:2b:8d:af:69:d8:53:ec:bf:6f:e8:ad:78:91:d0:5b:fd: 9a:15:f6:12:9a:c9:d7:0c:76:f8:b5:41:fe:96:50:ca:bd:ff: 88:04:0b:a3:c7:65:43:1b:70:5e:7b:22:4a:c8:09:b8:1d:ee: 18:7c:83:1e:01:53:28:0c:49:6c:80:99:fc:0b:54:48:d3:5f: f9:07:79:08:57:e6:9d:a5:2b:5c:9e:39:07:e5:7a:f6:68:a2: bd:e4:da:d4 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt7o2rl/neW4h/jnIHLiodXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi NzgzYzIwHhcNMjYwMTAxMjIxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYWExNDk0MjY1ODg1YTU1MjBjMmRlMzA2YWViYmEyOTk3MjhjMjZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc5TEzxNbzQyswgDyic7k7So2pQ7 bs28/XyvpTGCpGYQ3Jp2KHxfbhHt3xNtlsxPnyyY/2hOq6IJp4gS5/nF6+BVhvs9 NqZl6RLmmOcK8Fdc1T+cUmTnAsAkYT4jObR0Y8BbgiseGuNlf2OMEXhKOix6nwvW uvJLj6poGWAlShhpdgP3wtT4XuyGKSg9ICheMuzUBaPw4+qU6gG8UYjqunLZ5Y2R +X5mzG2ZO1TOv+ITQUdAP+UYKEvOH+3b+IQb50VCRn84iiflSytACYdZDJJCHf6B WqG4+DGDBsNCQHLIZHVx44I9TsA5idSNLYyk0o1gTYTgFxXhTzjwEP9i+QIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFDqhSUJliFpVIMLeMGrruimXKMJsMB8GA1UdIwQY MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt NDRmOGVkNWQ2MWQ3LzEvT3FGSlFtV0lXbFVnd3Q0d2F1dTZLWmNvd213LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3 LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEG AwcAKgHpAQEWAwcAKgHpAQEmAwcAKgHpAQE2AwcAKgHpAQFGAwcAKgHpAQFWMA0G CSqGSIb3DQEBCwUAA4IBAQBrJ11dBxCYrG6lG31FX6pkImhxp932Tx7lTQMiAcx2 L+vimYSGYMHQXHWc8vT9x7aw8UMctZEiVF6BFxgXxHNusCkPh3WVRXaF5mejEOwk X50HpLFcc5G7YS5ubBht4cN7L6xhgi0jOSoTNpWFRcw5kKqJam7O3CNpP2ZbUZNP mNL4LNDn/eZo1ZU3okp4/M3PlX/gL6wLJqAP9zTmv9tJ1wLeZyuNr2nYU+y/b+it eJHQW/2aFfYSmsnXDHb4tUH+llDKvf+IBAujx2VDG3BeeyJKyAm4He4YfIMeAVMo DElsgJn8C1RI01/5B3kIV+adpStcnjkH5Xr2aKK95NrU -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:21 2026 by rpki-client