This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/OkvrHqovIuCvA9DKylZPzJjsiLw.roa File: OkvrHqovIuCvA9DKylZPzJjsiLw.roa (raw, json) Hash identifier: zDYM6sW/jEHSN9/osUFU8Hrx77FyqMIJs5+jayqems0= Subject key identifier: 3A:4B:EB:1E:AA:2F:22:E0:AF:03:D0:CA:CA:56:4F:CC:98:EC:88:BC Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba Certificate serial: 019B7DCA3D5E6681880E71C00B7E8BD2CEC0 Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/OkvrHqovIuCvA9DKylZPzJjsiLw.roa Signing time: Fri 02 Jan 2026 08:19:24 +0000 ROA not before: Fri 02 Jan 2026 08:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34659 IP address blocks: 5.104.192.0/21 maxlen: 24 37.32.56.0/21 maxlen: 24 77.247.104.0/22 maxlen: 24 83.136.160.0/21 maxlen: 25 85.31.168.0/22 maxlen: 24 178.21.176.0/21 maxlen: 24 178.22.0.0/21 maxlen: 24 185.3.196.0/22 maxlen: 24 185.45.228.0/22 maxlen: 24 185.83.236.0/22 maxlen: 24 185.96.156.0/22 maxlen: 24 185.153.96.0/22 maxlen: 24 185.185.4.0/22 maxlen: 24 185.185.8.0/22 maxlen: 24 192.166.204.0/22 maxlen: 24 193.36.52.0/22 maxlen: 24 194.104.16.0/22 maxlen: 24 194.169.176.0/22 maxlen: 24 194.180.116.0/22 maxlen: 24 213.41.240.0/21 maxlen: 24 2a00:1db8::/29 maxlen: 48 2a07:8580::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.mft rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:3d:5e:66:81:88:0e:71:c0:0b:7e:8b:d2:ce:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba Validity Not Before: Jan 2 08:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a4beb1eaa2f22e0af03d0caca564fcc98ec88bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d9:fe:10:e8:b3:41:bc:27:ab:91:b6:3d:cd: 49:88:34:e3:bd:00:ef:5c:10:10:11:0b:30:01:44: 94:40:0d:a9:ee:3c:b4:06:aa:28:ba:04:97:33:9e: 54:76:ed:c8:9e:1e:63:a7:bd:eb:21:25:08:1d:90: 02:bf:c4:02:fa:5d:e7:fc:8f:f0:f1:1e:b0:5f:dc: ad:78:87:45:cf:03:ac:6c:de:58:91:8c:cc:b3:02: a1:b3:f9:14:f7:4e:c8:0d:e7:a2:66:24:fe:ca:01: d6:a2:bb:c8:29:a3:c9:63:3d:c8:25:a3:c9:75:27: f2:56:34:09:36:4f:b3:77:61:6a:57:32:d9:dc:b0: 37:f3:26:ef:5e:de:b1:5a:bb:82:9f:2a:42:a0:8b: 3f:41:e5:46:d7:8b:ba:7f:19:b0:d3:d4:56:4a:8b: 76:bd:02:d5:c5:d6:ef:3e:1f:d5:77:b4:d8:33:35: 44:14:5a:e6:1d:41:3a:85:08:77:a4:9e:58:11:17: 35:4c:c9:8e:34:07:e1:48:fa:8c:c2:d4:e7:5f:e3: bf:b7:dc:67:44:c8:79:6e:cd:11:a6:42:de:fb:bb: c4:c1:5a:45:98:d5:85:44:8c:5a:f8:57:00:61:0b: 64:03:18:68:ff:f0:51:45:2e:1a:6f:79:09:35:41: a9:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:4B:EB:1E:AA:2F:22:E0:AF:03:D0:CA:CA:56:4F:CC:98:EC:88:BC X509v3 Authority Key Identifier: keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/OkvrHqovIuCvA9DKylZPzJjsiLw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.104.192.0/21 37.32.56.0/21 77.247.104.0/22 83.136.160.0/21 85.31.168.0/22 178.21.176.0/21 178.22.0.0/21 185.3.196.0/22 185.45.228.0/22 185.83.236.0/22 185.96.156.0/22 185.153.96.0/22 185.185.4.0-185.185.11.255 192.166.204.0/22 193.36.52.0/22 194.104.16.0/22 194.169.176.0/22 194.180.116.0/22 213.41.240.0/21 IPv6: 2a00:1db8::/29 2a07:8580::/29 Signature Algorithm: sha256WithRSAEncryption 47:37:6c:f0:d4:68:51:07:dd:2a:2a:89:8d:a1:e0:76:ec:4d: fa:b9:da:37:d6:43:10:f9:a9:4c:8d:6d:54:0b:23:8b:d0:f1: 79:0d:f1:f7:05:ba:44:07:e0:65:5e:a9:18:3e:7a:b0:d5:f8: c9:97:ed:1b:da:91:28:b0:67:4a:59:8d:84:b5:f0:4e:c3:c8: 70:1f:2a:e1:78:de:c8:6d:8b:51:86:8d:21:a5:b4:de:79:7c: f2:cc:5a:2e:20:6e:55:1f:4a:53:50:eb:26:45:20:aa:a0:7e: f3:b8:15:99:60:48:ed:1e:63:37:8c:00:8b:5a:7f:12:13:e8: e3:e4:0d:55:d8:50:76:bd:79:43:22:54:72:13:8a:cf:b5:af: 72:1a:27:51:a4:fe:43:3a:6d:0c:08:b5:a9:3a:ba:6e:8c:89: f6:05:62:af:23:5c:b6:bc:b8:9f:7d:f1:fe:45:0d:c7:56:c7: 76:eb:68:c4:f7:b8:92:41:c1:f8:e0:52:2b:3a:6c:00:db:e5: e7:70:37:6d:07:ec:e2:1e:7a:29:67:4f:3d:0a:39:2f:48:10: f5:45:d9:e1:e1:ea:ce:47:40:93:de:c0:f3:95:03:e6:1a:56: 35:6b:b6:3e:98:ea:cb:86:29:0a:61:b0:79:ec:9e:1f:db:9c: e7:f4:76:62 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgISAZt9yj1eZoGIDnHAC36L0s7AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4 NWNkYmEwHhcNMjYwMTAyMDgxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTRiZWIxZWFhMmYyMmUwYWYwM2QwY2FjYTU2NGZjYzk4ZWM4OGJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNn+EOizQbwnq5G2Pc1JiDTjvQDv XBAQEQswAUSUQA2p7jy0BqoougSXM55Udu3Inh5jp73rISUIHZACv8QC+l3n/I/w 8R6wX9yteIdFzwOsbN5YkYzMswKhs/kU907IDeeiZiT+ygHWorvIKaPJYz3IJaPJ dSfyVjQJNk+zd2FqVzLZ3LA38ybvXt6xWruCnypCoIs/QeVG14u6fxmw09RWSot2 vQLVxdbvPh/Vd7TYMzVEFFrmHUE6hQh3pJ5YERc1TMmONAfhSPqMwtTnX+O/t9xn RMh5bs0RpkLe+7vEwVpFmNWFRIxa+FcAYQtkAxho//BRRS4ab3kJNUGp1wIDAQAB o4IClzCCApMwHQYDVR0OBBYEFDpL6x6qLyLgrwPQyspWT8yY7Ii8MB8GA1UdIwQY MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt NzgxOGE4OTQ1NmNiLzEvT2t2ckhxb3ZJdUN2QTlES3lsWlB6SmpzaUx3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAwVo wAMEAyUgOAMEAk33aAMEA1OIoAMEAlUfqAMEA7IVsAMEA7IWAAMEArkDxAMEArkt 5AMEArlT7AMEArlgnAMEArmZYDAMAwQCubkEAwQCubkIAwQCwKbMAwQCwSQ0AwQC wmgQAwQCwqmwAwQCwrR0AwQD1SnwMBQEAgACMA4DBQMqAB24AwUDKgeFgDANBgkq hkiG9w0BAQsFAAOCAQEARzds8NRoUQfdKiqJjaHgduxN+rnaN9ZDEPmpTI1tVAsj i9DxeQ3x9wW6RAfgZV6pGD56sNX4yZftG9qRKLBnSlmNhLXwTsPIcB8q4XjeyG2L UYaNIaW03nl88sxaLiBuVR9KU1DrJkUgqqB+87gVmWBI7R5jN4wAi1p/EhPo4+QN VdhQdr15QyJUchOKz7WvchonUaT+QzptDAi1qTq6boyJ9gViryNctry4n33x/kUN x1bHdutoxPe4kkHB+OBSKzpsANvl53A3bQfs4h56KWdPPQo5L0gQ9UXZ4eHqzkdA k97A85UD5hpWNWu2Ppjqy4YpCmGweeyeH9uc5/R2Yg== -----END CERTIFICATE-----Generated at Mon Jan 26 05:32:05 2026 by rpki-client