This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/OYfq_lWnAQ_tUxH83Vafk3m1hAU.roa File: OYfq_lWnAQ_tUxH83Vafk3m1hAU.roa (raw, json) Hash identifier: jPa4kfq6v0aw3m5eHQ43ps6ZzHtlfC/2MPYqiPwryT8= Subject key identifier: 39:87:EA:FE:55:A7:01:0F:ED:53:11:FC:DD:56:9F:93:79:B5:84:05 Certificate issuer: /CN=10721ead6a4575643cb703062c0968755e8281eb Certificate serial: 019B77C6A37F8A32EB096A8B1B1F842FEBC3 Authority key identifier: 10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/OYfq_lWnAQ_tUxH83Vafk3m1hAU.roa Signing time: Thu 01 Jan 2026 04:17:45 +0000 ROA not before: Thu 01 Jan 2026 04:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207020 IP address blocks: 185.203.136.0/23 maxlen: 23 185.203.138.0/23 maxlen: 23 2a0a:e740::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.mft rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a3:7f:8a:32:eb:09:6a:8b:1b:1f:84:2f:eb:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10721ead6a4575643cb703062c0968755e8281eb Validity Not Before: Jan 1 04:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3987eafe55a7010fed5311fcdd569f9379b58405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:8a:4e:4e:d6:2c:06:a4:76:c5:89:06:b6:a3: 45:f8:ae:a7:50:9f:23:f1:c7:cb:45:57:10:dc:b1: b7:93:b4:ea:bf:fe:77:cd:25:46:3a:f1:29:a1:53: a9:17:9a:99:64:b8:b4:52:78:b7:4c:48:3a:38:c1: d0:d2:a2:8a:6b:80:37:02:03:8d:2a:ba:70:8b:a7: 54:27:89:c8:23:98:c8:b5:c5:69:11:74:4d:89:ba: e1:3a:c8:34:fd:cb:bc:e5:4b:3f:18:fe:2d:fb:18: 4b:48:71:1b:a8:b5:df:6c:ff:fa:17:2c:30:ef:fe: 18:50:48:8c:9a:a5:05:4e:ad:8c:2f:1a:ae:14:e0: 8f:6f:64:8d:68:b6:4b:02:ec:ab:87:d8:5c:4b:88: 87:6e:3b:1f:66:69:50:92:4d:07:1e:a0:cb:9b:d9: c8:d6:2a:80:99:d5:48:a2:63:07:ca:de:d5:16:1d: 62:73:28:38:b9:0b:82:a6:75:ba:0d:51:a8:bb:93: 10:29:ad:cf:ab:5a:0c:bd:3f:1a:d7:3d:f3:45:d9: 49:2e:c9:01:32:48:1c:5a:93:2b:16:78:87:c7:00: a6:32:47:b9:98:70:9d:c1:11:76:6a:fe:c1:29:4b: 24:fe:79:8e:04:0c:4a:d6:3d:f2:f8:c2:08:d0:a4: 09:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:87:EA:FE:55:A7:01:0F:ED:53:11:FC:DD:56:9F:93:79:B5:84:05 X509v3 Authority Key Identifier: keyid:10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/OYfq_lWnAQ_tUxH83Vafk3m1hAU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.203.136.0/22 IPv6: 2a0a:e740::/29 Signature Algorithm: sha256WithRSAEncryption 57:98:71:b3:06:69:4a:cb:36:80:48:1c:b1:c8:f0:c5:1a:17: 91:80:d1:30:e2:50:d6:50:f4:0f:7b:d5:67:d7:c9:ac:5d:00: 6a:47:fb:f0:23:4f:d3:5c:cd:6d:8a:71:14:54:ed:98:b4:b4: 52:56:84:31:9b:7f:2c:e1:75:c1:6d:f2:bb:17:28:be:f7:b1: b1:5d:68:99:2c:78:f8:1c:c0:fe:5b:d4:9b:df:95:09:85:e0: 7f:02:87:6f:f9:8a:3c:a2:1b:9b:60:01:84:c4:79:1f:29:59: 83:d5:41:6a:03:05:c5:95:a3:16:ac:94:a8:98:a3:65:47:b6: 2a:68:58:35:e0:4b:21:28:0d:97:55:8f:74:4e:3f:ad:b5:9d: 07:a7:2a:c1:6e:47:a2:7c:df:69:ca:5a:82:1f:1c:bb:8a:fa: 37:19:1f:04:cc:4e:46:b1:9a:97:3c:4c:33:3a:b9:04:11:83: 84:c5:c3:bf:1b:eb:b6:57:c9:06:6c:1e:b6:aa:71:4b:aa:94: 2d:26:b8:26:a5:e4:ad:94:bb:a3:e1:28:59:cb:25:95:79:6f: 18:61:8e:54:d3:4c:57:8e:9f:c9:0f:51:34:3b:76:d2:63:58: 52:f3:12:9a:2c:a7:c1:ce:e1:79:70:83:15:48:27:64:8a:01: 14:f3:96:2b -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3xqN/ijLrCWqLGx+EL+vDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwNzIxZWFkNmE0NTc1NjQzY2I3MDMwNjJjMDk2ODc1NWU4 MjgxZWIwHhcNMjYwMTAxMDQxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTg3ZWFmZTU1YTcwMTBmZWQ1MzExZmNkZDU2OWY5Mzc5YjU4NDA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YpOTtYsBqR2xYkGtqNF+K6nUJ8j 8cfLRVcQ3LG3k7Tqv/53zSVGOvEpoVOpF5qZZLi0Uni3TEg6OMHQ0qKKa4A3AgON Krpwi6dUJ4nII5jItcVpEXRNibrhOsg0/cu85Us/GP4t+xhLSHEbqLXfbP/6Fyww 7/4YUEiMmqUFTq2MLxquFOCPb2SNaLZLAuyrh9hcS4iHbjsfZmlQkk0HHqDLm9nI 1iqAmdVIomMHyt7VFh1icyg4uQuCpnW6DVGou5MQKa3Pq1oMvT8a1z3zRdlJLskB MkgcWpMrFniHxwCmMke5mHCdwRF2av7BKUsk/nmOBAxK1j3y+MII0KQJPwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDmH6v5VpwEP7VMR/N1Wn5N5tYQFMB8GA1UdIwQY MBaAFBByHq1qRXVkPLcDBiwJaHVegoHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQt M2Q0YWU4MGZjNDVkLzEvT1lmcV9sV25BUV90VXhIODNWYWZrM20xaEFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQtM2Q0YWU4MGZjNDVk LzEvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucuIMA0E AgACMAcDBQMqCudAMA0GCSqGSIb3DQEBCwUAA4IBAQBXmHGzBmlKyzaASByxyPDF GheRgNEw4lDWUPQPe9Vn18msXQBqR/vwI0/TXM1tinEUVO2YtLRSVoQxm38s4XXB bfK7Fyi+97GxXWiZLHj4HMD+W9Sb35UJheB/Aodv+Yo8ohubYAGExHkfKVmD1UFq AwXFlaMWrJSomKNlR7YqaFg14EshKA2XVY90Tj+ttZ0HpyrBbkeifN9pylqCHxy7 ivo3GR8EzE5GsZqXPEwzOrkEEYOExcO/G+u2V8kGbB62qnFLqpQtJrgmpeStlLuj 4ShZyyWVeW8YYY5U00xXjp/JD1E0O3bSY1hS8xKaLKfBzuF5cIMVSCdkigEU85Yr -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:41 2026 by rpki-client