This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/0Ony0Z32rWEnwNj71Ovz0lORKec.roa File: 0Ony0Z32rWEnwNj71Ovz0lORKec.roa (raw, json) Hash identifier: 7t8ewPQTHuUTtFM6k7Y9/Ks6g1UbZaiotzIUrFdJujs= Subject key identifier: D0:E9:F2:D1:9D:F6:AD:61:27:C0:D8:FB:D4:EB:F3:D2:53:91:29:E7 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA5364BB85A7FE9A34E65197CC59E90 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/0Ony0Z32rWEnwNj71Ovz0lORKec.roa Signing time: Thu 01 Jan 2026 22:19:43 +0000 ROA not before: Thu 01 Jan 2026 22:19:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43561 IP address blocks: 37.157.169.0/24 maxlen: 24 37.157.191.0/24 maxlen: 24 84.40.65.0/24 maxlen: 24 84.40.73.0/24 maxlen: 24 84.40.74.0/24 maxlen: 24 84.40.93.0/24 maxlen: 24 84.40.116.0/24 maxlen: 24 95.43.250.0/24 maxlen: 24 95.87.199.0/24 maxlen: 24 95.87.209.0/24 maxlen: 24 95.87.223.0/24 maxlen: 24 95.87.228.0/24 maxlen: 24 95.87.255.0/24 maxlen: 24 185.60.66.0/24 maxlen: 24 185.60.67.0/24 maxlen: 24 2a02:1338::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:36:4b:b8:5a:7f:e9:a3:4e:65:19:7c:c5:9e:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d0e9f2d19df6ad6127c0d8fbd4ebf3d2539129e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:30:42:8e:0d:38:df:7f:b7:f1:dc:53:d5:e1: 49:f9:f9:98:2d:d3:e6:34:91:ac:f4:5e:b4:8b:6e: 16:58:d3:32:d8:b3:de:ea:2c:3d:f9:00:60:ae:a7: bd:59:1e:e7:3f:ed:96:79:c1:f0:3b:46:73:73:a1: b1:57:d2:47:b8:73:b2:88:31:f7:1c:0b:12:29:2b: 4a:73:49:bb:4d:29:75:ac:2c:cd:af:5e:3f:11:d1: db:bd:b6:19:dd:72:b0:04:be:4c:e9:78:9f:d5:c2: 38:bc:20:1c:55:33:58:63:ea:49:b0:d4:a0:bc:e0: 14:3b:24:e6:e9:16:d4:94:25:6f:8f:ab:51:cb:88: 93:71:ca:3f:92:b9:e9:27:11:f0:d9:cc:66:a4:fb: a3:90:5a:99:a7:e1:6e:a6:3a:a2:56:56:87:54:42: 1f:ab:b7:05:be:51:18:c6:3f:5f:1e:43:b9:ad:a2: db:eb:85:e6:df:15:d4:ee:f4:21:99:17:b2:8b:74: 43:ce:af:49:bf:c5:c0:e3:8c:92:16:d5:b6:62:83: ca:cf:eb:18:dd:6c:c2:c9:4a:61:1d:99:29:b8:fb: d2:79:f5:b5:01:aa:82:70:ca:aa:ce:35:02:a8:d7: d2:a2:ec:19:00:4f:02:cf:78:34:8d:f6:8c:f3:d4: 12:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:E9:F2:D1:9D:F6:AD:61:27:C0:D8:FB:D4:EB:F3:D2:53:91:29:E7 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/0Ony0Z32rWEnwNj71Ovz0lORKec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.157.169.0/24 37.157.191.0/24 84.40.65.0/24 84.40.73.0-84.40.74.255 84.40.93.0/24 84.40.116.0/24 95.43.250.0/24 95.87.199.0/24 95.87.209.0/24 95.87.223.0/24 95.87.228.0/24 95.87.255.0/24 185.60.66.0/23 IPv6: 2a02:1338::/32 Signature Algorithm: sha256WithRSAEncryption a3:63:52:01:4c:21:8b:1d:9b:70:dd:de:bd:91:11:d9:ad:45: d9:f0:9b:9c:94:f6:ba:03:8d:55:ef:84:7b:46:f2:58:15:93: 86:82:c7:ff:e2:17:38:2c:13:f8:34:19:61:63:a9:68:b7:82: 65:6e:c8:e7:e8:d5:e0:3f:92:62:1c:f9:f7:98:40:ba:07:5c: 30:0b:3a:7d:7c:f6:6e:f7:5a:db:d3:aa:e8:2d:fd:9c:2b:36: 9b:0a:cd:63:c8:58:79:eb:c5:c8:32:07:65:f1:0b:99:75:92: c1:a4:3d:a1:de:54:bf:99:fc:70:71:b8:a3:9b:c9:36:59:be: 0a:6a:c2:82:66:f8:0e:02:2c:af:30:3b:9a:a2:dc:87:d5:c1: e5:b5:e8:d2:66:3f:18:74:8b:a5:5e:df:4c:b2:78:a8:e0:0d: e5:37:f8:9b:a0:6f:7a:2b:31:14:aa:77:27:14:2f:cb:fa:71: 17:01:7e:5e:f6:5f:a9:e9:19:e3:f6:a9:d8:5d:9e:9d:48:51: 7b:1a:4f:c2:39:44:33:8c:2b:16:fd:f8:0b:20:3f:32:cb:6f: e1:66:82:5b:79:07:e2:0a:2d:5d:98:17:90:9e:cb:f3:68:45: 03:0f:df:1d:33:c3:8d:ab:c8:4b:79:53:57:6c:14:7a:2d:9c: 9a:3c:8e:98 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgISAZt7pTZLuFp/6aNOZRl8xZ6QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMGU5ZjJkMTlkZjZhZDYxMjdjMGQ4ZmJkNGViZjNkMjUzOTEyOWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzBCjg0433+38dxT1eFJ+fmYLdPm NJGs9F60i24WWNMy2LPe6iw9+QBgrqe9WR7nP+2WecHwO0Zzc6GxV9JHuHOyiDH3 HAsSKStKc0m7TSl1rCzNr14/EdHbvbYZ3XKwBL5M6Xif1cI4vCAcVTNYY+pJsNSg vOAUOyTm6RbUlCVvj6tRy4iTcco/krnpJxHw2cxmpPujkFqZp+FupjqiVlaHVEIf q7cFvlEYxj9fHkO5raLb64Xm3xXU7vQhmReyi3RDzq9Jv8XA44ySFtW2YoPKz+sY 3WzCyUphHZkpuPvSefW1AaqCcMqqzjUCqNfSouwZAE8Cz3g0jfaM89QSPwIDAQAB o4ICaDCCAmQwHQYDVR0OBBYEFNDp8tGd9q1hJ8DY+9Tr89JTkSnnMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvME9ueTBaMzJyV0Vud05qNzFPdnowbE9SS2VjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQAJZ2pAwQA JZ2/AwQAVChBMAwDBABUKEkDBABUKEoDBABUKF0DBABUKHQDBABfK/oDBABfV8cD BABfV9EDBABfV98DBABfV+QDBABfV/8DBAG5PEIwDQQCAAIwBwMFACoCEzgwDQYJ KoZIhvcNAQELBQADggEBAKNjUgFMIYsdm3Dd3r2REdmtRdnwm5yU9roDjVXvhHtG 8lgVk4aCx//iFzgsE/g0GWFjqWi3gmVuyOfo1eA/kmIc+feYQLoHXDALOn189m73 WtvTqugt/ZwrNpsKzWPIWHnrxcgyB2XxC5l1ksGkPaHeVL+Z/HBxuKObyTZZvgpq woJm+A4CLK8wO5qi3IfVweW16NJmPxh0i6Ve30yyeKjgDeU3+Jugb3orMRSqdycU L8v6cRcBfl72X6npGeP2qdhdnp1IUXsaT8I5RDOMKxb9+AsgPzLLb+Fmglt5B+IK LV2YF5Cey/NoRQMP3x0zw42ryEt5U1dsFHotnJo8jpg= -----END CERTIFICATE-----Generated at Mon Jan 26 08:43:04 2026 by rpki-client