This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9cdedb-4dd5-4dac-977e-149079627713/1/Oseq2GLb6xrjZkXXHe4BWK34A9g.roa File: Oseq2GLb6xrjZkXXHe4BWK34A9g.roa (raw, json) Hash identifier: D4503oRCcfEEMSFLDRNXtNfMdtm4x7ryMVkIdTttA/E= Subject key identifier: 3A:C7:AA:D8:62:DB:EB:1A:E3:66:45:D7:1D:EE:01:58:AD:F8:03:D8 Certificate issuer: /CN=1c6104a2d3350827cad11a16569cab59f0f8774c Certificate serial: 019B7E3750967A7654BF8E493D69E5A71C92 Authority key identifier: 1C:61:04:A2:D3:35:08:27:CA:D1:1A:16:56:9C:AB:59:F0:F8:77:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGEEotM1CCfK0RoWVpyrWfD4d0w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9cdedb-4dd5-4dac-977e-149079627713/1/Oseq2GLb6xrjZkXXHe4BWK34A9g.roa Signing time: Fri 02 Jan 2026 10:18:32 +0000 ROA not before: Fri 02 Jan 2026 10:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200296 IP address blocks: 213.108.240.0/24 maxlen: 24 213.108.241.0/24 maxlen: 24 213.108.242.0/24 maxlen: 24 213.108.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/9cdedb-4dd5-4dac-977e-149079627713/1/HGEEotM1CCfK0RoWVpyrWfD4d0w.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/9cdedb-4dd5-4dac-977e-149079627713/1/HGEEotM1CCfK0RoWVpyrWfD4d0w.mft rsync://rpki.ripe.net/repository/DEFAULT/HGEEotM1CCfK0RoWVpyrWfD4d0w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:50:96:7a:76:54:bf:8e:49:3d:69:e5:a7:1c:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c6104a2d3350827cad11a16569cab59f0f8774c Validity Not Before: Jan 2 10:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ac7aad862dbeb1ae36645d71dee0158adf803d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:67:c7:69:54:3a:29:62:17:91:ff:37:69:13: 08:78:7b:58:0f:2a:32:f1:38:70:d8:ea:75:dc:3e: 5b:ee:98:fe:8c:c6:11:62:a0:48:54:22:c9:52:ef: c4:39:31:7b:15:e4:52:d7:a7:1e:13:f5:42:b0:8c: 41:41:6c:4c:5b:d5:8d:94:81:61:6c:e0:bd:79:58: 24:89:f1:65:26:3d:b5:a3:7b:db:a8:46:44:b9:77: a9:13:8d:0b:ed:ff:f2:f9:6d:61:91:5a:b8:14:b0: 96:49:10:a5:58:45:da:d5:09:3b:9e:f3:e5:1e:35: 25:bb:03:e9:4e:cf:54:40:e0:35:dd:78:67:f6:2e: ce:a4:a8:8b:04:66:9a:fb:00:8d:8d:27:fc:74:2b: 9a:c4:49:e3:04:81:6d:04:45:72:ce:c1:c2:19:57: 2b:f4:16:e5:7a:2b:ef:e5:1c:80:9b:9d:57:19:ea: 86:ae:82:bf:14:4f:ea:b6:c9:f8:4c:f2:fc:66:c1: 48:f6:c8:a4:81:77:22:a1:aa:6f:de:95:bd:3c:86: 5b:df:d4:88:56:c3:2c:2b:90:a0:0d:89:a5:8d:a5: 05:1f:b3:dd:03:bf:a3:cf:cd:df:b7:ef:e6:b6:10: ff:8b:79:f2:f1:ea:c4:1c:5b:a8:ee:9b:56:15:96: 9f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:C7:AA:D8:62:DB:EB:1A:E3:66:45:D7:1D:EE:01:58:AD:F8:03:D8 X509v3 Authority Key Identifier: keyid:1C:61:04:A2:D3:35:08:27:CA:D1:1A:16:56:9C:AB:59:F0:F8:77:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGEEotM1CCfK0RoWVpyrWfD4d0w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9cdedb-4dd5-4dac-977e-149079627713/1/Oseq2GLb6xrjZkXXHe4BWK34A9g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9cdedb-4dd5-4dac-977e-149079627713/1/HGEEotM1CCfK0RoWVpyrWfD4d0w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.108.240.0/22 Signature Algorithm: sha256WithRSAEncryption 7c:25:19:8f:ad:60:73:2c:7c:a1:fe:82:9f:17:80:bd:77:1b: 12:b2:78:56:ce:47:78:51:dc:fb:4e:84:2c:27:9b:f5:c7:3c: f7:d6:45:50:80:b6:01:93:57:8a:ed:66:91:09:0c:e8:7f:ba: 0c:5f:e7:be:d9:ee:50:80:a2:37:90:20:25:03:b5:36:fe:4b: e1:8f:0c:2b:67:8f:8d:c3:62:12:81:ce:cd:d5:fe:4e:f3:8a: a3:27:86:8e:b5:40:98:a6:d7:1c:3c:58:d4:42:48:e9:73:51: 32:a8:e0:e8:37:80:2f:98:a8:0e:23:b6:3e:07:ff:88:43:70: ba:28:fa:6c:32:34:0b:34:98:d9:3c:f7:4e:e7:ab:85:fb:af: 06:28:d1:3b:ba:42:bc:02:a0:8e:0e:48:51:c7:0f:ba:e1:e2: 91:f3:6f:14:91:be:e4:42:14:b7:70:77:d9:5e:ad:37:5b:4a: a8:44:c7:4b:c1:e6:c3:cb:57:06:7c:26:a0:6f:b5:68:c6:80: 91:30:fd:ca:9d:5e:9c:ba:e8:bf:87:dd:76:06:b4:70:0f:19: 64:0a:f5:99:1a:58:51:26:eb:35:de:3a:37:47:40:21:b8:04: 33:8c:7a:a9:8e:9f:84:73:be:bb:91:c0:3a:67:fe:ba:0c:dd: f2:af:1f:33 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+N1CWenZUv45JPWnlpxySMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNjEwNGEyZDMzNTA4MjdjYWQxMWExNjU2OWNhYjU5ZjBm ODc3NGMwHhcNMjYwMTAyMTAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYWM3YWFkODYyZGJlYjFhZTM2NjQ1ZDcxZGVlMDE1OGFkZjgwM2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGfHaVQ6KWIXkf83aRMIeHtYDyoy 8Thw2Op13D5b7pj+jMYRYqBIVCLJUu/EOTF7FeRS16ceE/VCsIxBQWxMW9WNlIFh bOC9eVgkifFlJj21o3vbqEZEuXepE40L7f/y+W1hkVq4FLCWSRClWEXa1Qk7nvPl HjUluwPpTs9UQOA13Xhn9i7OpKiLBGaa+wCNjSf8dCuaxEnjBIFtBEVyzsHCGVcr 9Bbleivv5RyAm51XGeqGroK/FE/qtsn4TPL8ZsFI9sikgXcioapv3pW9PIZb39SI VsMsK5CgDYmljaUFH7PdA7+jz83ft+/mthD/i3ny8erEHFuo7ptWFZafEwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDrHqthi2+sa42ZF1x3uAVit+APYMB8GA1UdIwQY MBaAFBxhBKLTNQgnytEaFlacq1nw+HdMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEdFRW90TTFDQ2ZLMFJvV1ZweXJXZkQ0ZDB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85Y2RlZGItNGRkNS00ZGFjLTk3N2Ut MTQ5MDc5NjI3NzEzLzEvT3NlcTJHTGI2eHJqWmtYWEhlNEJXSzM0QTlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC85Y2RlZGItNGRkNS00ZGFjLTk3N2UtMTQ5MDc5NjI3NzEz LzEvSEdFRW90TTFDQ2ZLMFJvV1ZweXJXZkQ0ZDB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1WzwMA0G CSqGSIb3DQEBCwUAA4IBAQB8JRmPrWBzLHyh/oKfF4C9dxsSsnhWzkd4Udz7ToQs J5v1xzz31kVQgLYBk1eK7WaRCQzof7oMX+e+2e5QgKI3kCAlA7U2/kvhjwwrZ4+N w2ISgc7N1f5O84qjJ4aOtUCYptccPFjUQkjpc1EyqODoN4AvmKgOI7Y+B/+IQ3C6 KPpsMjQLNJjZPPdO56uF+68GKNE7ukK8AqCODkhRxw+64eKR828Ukb7kQhS3cHfZ Xq03W0qoRMdLwebDy1cGfCagb7VoxoCRMP3KnV6cuui/h912BrRwDxlkCvWZGlhR Jus13jo3R0AhuAQzjHqpjp+Ec767kcA6Z/66DN3yrx8z -----END CERTIFICATE-----Generated at Sun Jan 25 19:36:44 2026 by rpki-client