This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/oCe9xKAx3gPI7iUETaqklwJOVSg.roa File: oCe9xKAx3gPI7iUETaqklwJOVSg.roa (raw, json) Hash identifier: Hl/RVZt4ha0REz41RabhXwcOue4AeE9NninK5nqE8vY= Subject key identifier: A0:27:BD:C4:A0:31:DE:03:C8:EE:25:04:4D:AA:A4:97:02:4E:55:28 Certificate issuer: /CN=2cc25ff32918f0b49306259d483afb9e381a3915 Certificate serial: 019B7834F8641BFA99F81B2FDE51A515B299 Authority key identifier: 2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/oCe9xKAx3gPI7iUETaqklwJOVSg.roa Signing time: Thu 01 Jan 2026 06:18:15 +0000 ROA not before: Thu 01 Jan 2026 06:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202391 IP address blocks: 185.158.172.0/24 maxlen: 24 185.158.173.0/24 maxlen: 24 185.158.174.0/24 maxlen: 24 185.158.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.mft rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:f8:64:1b:fa:99:f8:1b:2f:de:51:a5:15:b2:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2cc25ff32918f0b49306259d483afb9e381a3915 Validity Not Before: Jan 1 06:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a027bdc4a031de03c8ee25044daaa497024e5528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ad:ef:2c:d3:9a:1c:93:8f:ea:97:45:8a:77: 2e:0b:b6:b9:12:fa:41:cc:ed:a4:0b:c6:69:c1:24: 16:2b:50:0e:3f:e6:fc:58:36:a0:4a:53:3b:46:4b: 1a:dd:b9:10:31:67:74:b9:9d:2f:ad:78:ea:7f:5f: a7:74:b6:dc:b0:5d:e7:69:b1:d4:7b:e4:af:d9:3b: 5f:ba:f6:ca:e9:d0:e0:3f:cc:81:9b:28:f0:23:1d: 8d:77:9c:31:8a:38:ad:8d:d3:5b:85:8b:55:25:b5: fc:d3:c9:80:1d:0c:f3:08:64:e7:00:f9:29:17:8d: 9c:0f:84:1f:73:17:12:5b:37:f5:26:77:8d:bd:09: e4:f0:41:7c:ee:48:57:03:16:eb:16:ce:08:92:09: 56:48:98:f6:27:20:27:15:fd:76:d6:a8:34:92:e6: 8b:7b:34:6f:27:75:86:ff:7e:92:ce:d3:c1:1d:87: 68:f1:5a:65:de:33:ea:c9:df:ef:23:7a:8e:c4:d1: 8c:8c:3e:d4:05:d8:0a:63:21:46:e8:b2:d7:01:74: e5:80:db:ed:42:aa:64:f8:66:09:73:ce:85:a1:b6: f6:b3:56:e5:48:80:50:69:1b:01:95:22:6f:63:7c: 1a:1f:ea:51:29:d8:2b:cb:df:7c:36:31:d1:af:00: 7d:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:27:BD:C4:A0:31:DE:03:C8:EE:25:04:4D:AA:A4:97:02:4E:55:28 X509v3 Authority Key Identifier: keyid:2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/oCe9xKAx3gPI7iUETaqklwJOVSg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.158.172.0/22 Signature Algorithm: sha256WithRSAEncryption 93:7c:d8:0b:d4:4e:0d:3a:e4:4d:f6:fc:4f:59:9c:a2:ac:28: fe:7f:5a:ce:fb:2b:f9:0a:75:c2:fd:21:c7:e3:7b:ab:60:cd: a2:83:fe:3e:98:9a:88:c8:98:a6:b8:f7:d8:82:85:bf:fd:ea: 60:36:90:9b:38:c9:c4:0b:8b:d9:ef:3f:02:fe:84:93:73:56: f1:cb:1f:e0:cd:76:53:29:7e:0f:85:3a:6b:86:42:6a:f8:81: 03:df:04:73:46:88:b9:38:f2:95:cf:75:8b:fe:4c:0e:3a:77: 08:c1:40:14:5d:6f:42:04:66:90:95:48:f2:44:0c:23:f4:f6: 99:e5:01:d1:07:68:27:6b:19:90:aa:77:c5:59:27:5a:cb:11: 6b:98:75:34:87:8d:63:cc:6b:f6:cc:7d:9c:9d:24:7a:e6:05: f3:8f:b3:c9:fd:0e:32:80:4e:dd:1f:18:e0:36:80:cf:58:7c: 49:29:5a:61:41:f5:0f:34:91:87:f9:70:1c:6c:63:c8:b6:25: 0b:29:f1:d8:72:9e:cd:c5:b6:38:38:e0:d2:57:38:96:e8:c7: b3:26:41:0a:ad:53:0f:7d:df:e7:2a:67:53:4b:01:2f:9a:6c: 7a:e6:d6:86:f8:e0:8c:91:15:fd:d2:07:96:d8:fa:a7:a6:a7: f5:96:26:0b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NPhkG/qZ+Bsv3lGlFbKZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYzI1ZmYzMjkxOGYwYjQ5MzA2MjU5ZDQ4M2FmYjllMzgx YTM5MTUwHhcNMjYwMTAxMDYxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDI3YmRjNGEwMzFkZTAzYzhlZTI1MDQ0ZGFhYTQ5NzAyNGU1NTI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK3vLNOaHJOP6pdFincuC7a5EvpB zO2kC8ZpwSQWK1AOP+b8WDagSlM7Rksa3bkQMWd0uZ0vrXjqf1+ndLbcsF3nabHU e+Sv2TtfuvbK6dDgP8yBmyjwIx2Nd5wxijitjdNbhYtVJbX808mAHQzzCGTnAPkp F42cD4QfcxcSWzf1JneNvQnk8EF87khXAxbrFs4IkglWSJj2JyAnFf121qg0kuaL ezRvJ3WG/36SztPBHYdo8Vpl3jPqyd/vI3qOxNGMjD7UBdgKYyFG6LLXAXTlgNvt Qqpk+GYJc86Fobb2s1blSIBQaRsBlSJvY3waH+pRKdgry998NjHRrwB9xwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKAnvcSgMd4DyO4lBE2qpJcCTlUoMB8GA1UdIwQY MBaAFCzCX/MpGPC0kwYlnUg6+544GjkVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMt ZTI1NzUxYjNmZmQ1LzEvb0NlOXhLQXgzZ1BJN2lVRVRhcWtsd0pPVlNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMtZTI1NzUxYjNmZmQ1 LzEvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ6sMA0G CSqGSIb3DQEBCwUAA4IBAQCTfNgL1E4NOuRN9vxPWZyirCj+f1rO+yv5CnXC/SHH 43urYM2ig/4+mJqIyJimuPfYgoW//epgNpCbOMnEC4vZ7z8C/oSTc1bxyx/gzXZT KX4PhTprhkJq+IED3wRzRoi5OPKVz3WL/kwOOncIwUAUXW9CBGaQlUjyRAwj9PaZ 5QHRB2gnaxmQqnfFWSdayxFrmHU0h41jzGv2zH2cnSR65gXzj7PJ/Q4ygE7dHxjg NoDPWHxJKVphQfUPNJGH+XAcbGPItiULKfHYcp7NxbY4OODSVziW6MezJkEKrVMP fd/nKmdTSwEvmmx65taG+OCMkRX90geW2Pqnpqf1liYL -----END CERTIFICATE-----Generated at Mon Jan 26 01:15:29 2026 by rpki-client