This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/OmMFI95X2qnhZDKjI6slDjGRNqk.roa File: OmMFI95X2qnhZDKjI6slDjGRNqk.roa (raw, json) Hash identifier: Pn7MijhIBVlC/zjDS4+PEDcrihjLjcsRGTtxI7Cgocg= Subject key identifier: 3A:63:05:23:DE:57:DA:A9:E1:64:32:A3:23:AB:25:0E:31:91:36:A9 Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Certificate serial: 019B76EB0F554AF176807826CBC75059B2DE Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/OmMFI95X2qnhZDKjI6slDjGRNqk.roa Signing time: Thu 01 Jan 2026 00:17:54 +0000 ROA not before: Thu 01 Jan 2026 00:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199952 IP address blocks: 45.66.64.0/22 maxlen: 24 92.119.108.0/22 maxlen: 24 152.89.100.0/22 maxlen: 24 185.29.68.0/22 maxlen: 24 185.29.70.0/23 maxlen: 24 185.69.8.0/22 maxlen: 24 185.88.52.0/22 maxlen: 24 185.110.76.0/22 maxlen: 24 185.223.240.0/22 maxlen: 24 185.227.8.0/22 maxlen: 24 2a04:41c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:0f:55:4a:f1:76:80:78:26:cb:c7:50:59:b2:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Validity Not Before: Jan 1 00:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a630523de57daa9e16432a323ab250e319136a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:35:91:6c:90:ce:c8:67:32:52:b3:00:35:e6: 11:2b:55:11:68:1d:c5:ed:35:06:c4:83:6e:ec:95: 0c:b6:cc:ad:4f:77:6b:50:ca:ec:c5:f6:f5:15:ec: c6:60:da:0b:2a:6c:b7:dd:11:28:5c:81:49:82:cc: fb:80:d5:8a:18:c0:69:6c:29:7d:81:99:0c:09:25: 44:a3:10:02:86:fe:6e:c1:21:2e:f1:d1:7d:0a:08: 0a:fa:46:b2:ba:88:a7:70:48:9b:3e:ee:ea:54:4e: 2a:11:5f:29:c8:d8:29:c4:84:55:6f:06:6c:97:af: 38:e6:68:9c:ce:a0:ec:7d:ed:b5:50:06:fa:79:98: b7:7a:49:8e:0b:56:b7:8a:06:6c:ba:54:04:24:7f: 4b:d4:f5:7a:ad:11:77:7d:b0:00:f3:d2:28:7e:6d: 3c:4d:83:cc:81:bc:8c:b5:20:ae:95:bd:d8:b5:18: 9d:f9:11:b5:9b:1d:0f:ce:9b:4a:61:73:d3:4f:cb: 6f:9c:6d:00:e6:93:e3:84:a3:60:17:b4:fc:73:1c: 09:48:be:9f:f2:81:2c:d7:bf:a8:86:94:9f:0d:e1: 25:98:d3:62:cc:e3:a0:cb:7a:4d:ee:f6:40:75:d5: d8:0a:be:3b:c7:5d:d0:f5:c4:d1:d6:b2:09:0f:51: 41:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:63:05:23:DE:57:DA:A9:E1:64:32:A3:23:AB:25:0E:31:91:36:A9 X509v3 Authority Key Identifier: keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/OmMFI95X2qnhZDKjI6slDjGRNqk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.64.0/22 92.119.108.0/22 152.89.100.0/22 185.29.68.0/22 185.69.8.0/22 185.88.52.0/22 185.110.76.0/22 185.223.240.0/22 185.227.8.0/22 IPv6: 2a04:41c0::/29 Signature Algorithm: sha256WithRSAEncryption 15:95:26:6f:61:5f:7c:6c:0b:04:fd:e5:0d:56:d9:03:09:a8: aa:1c:79:d2:7d:98:b3:26:df:8a:2c:c9:8b:0e:15:dd:d6:d3: 51:04:1a:cc:2d:d2:1a:89:aa:da:ed:de:97:29:ab:b0:40:10: 7a:b8:52:f9:fc:32:08:c4:78:b1:39:6c:50:4a:2f:b1:ba:a2: 77:2f:b3:f8:35:5d:9e:a7:41:4b:a2:7c:a5:93:28:58:18:d4: 2b:89:12:68:e1:6a:61:7f:47:8a:4b:7d:d3:49:8e:ac:b0:95: 0b:0c:5c:b8:47:a7:e1:11:5b:1b:4e:73:93:38:d2:41:51:29: 4c:78:18:8d:8a:51:a7:53:f3:39:2c:da:e0:0a:29:f1:04:0e: cf:d1:0c:3a:82:29:92:61:7a:64:26:a6:b2:e6:0b:49:d5:1f: 0e:4a:2f:31:38:0f:9d:d9:9c:b2:04:9d:cf:ef:f1:be:3e:ac: e6:03:bd:0f:81:d4:1c:e5:df:5b:0d:6b:80:a0:3c:a3:fe:12: 06:b5:34:c8:af:c0:5d:2a:35:2a:dc:aa:f8:9a:3a:4d:c9:d7: cb:be:2e:1a:65:dd:f1:9e:e8:3b:78:d7:09:ee:f7:eb:4b:64: 87:8c:92:88:ab:a5:67:19:28:63:49:2b:97:7f:fe:9b:28:eb: 33:7c:41:f1 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZt26w9VSvF2gHgmy8dQWbLeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4 YjZiNzUwHhcNMjYwMTAxMDAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTYzMDUyM2RlNTdkYWE5ZTE2NDMyYTMyM2FiMjUwZTMxOTEzNmE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDWRbJDOyGcyUrMANeYRK1URaB3F 7TUGxINu7JUMtsytT3drUMrsxfb1FezGYNoLKmy33REoXIFJgsz7gNWKGMBpbCl9 gZkMCSVEoxAChv5uwSEu8dF9CggK+kayuoincEibPu7qVE4qEV8pyNgpxIRVbwZs l6845miczqDsfe21UAb6eZi3ekmOC1a3igZsulQEJH9L1PV6rRF3fbAA89Iofm08 TYPMgbyMtSCulb3YtRid+RG1mx0PzptKYXPTT8tvnG0A5pPjhKNgF7T8cxwJSL6f 8oEs17+ohpSfDeElmNNizOOgy3pN7vZAddXYCr47x13Q9cTR1rIJD1FB4QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDpjBSPeV9qp4WQyoyOrJQ4xkTapMB8GA1UdIwQY MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt Yzc5MTRhYjY0MjczLzEvT21NRkk5NVgycW5oWkRLakk2c2xEakdSTnFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLUJAAwQC XHdsAwQCmFlkAwQCuR1EAwQCuUUIAwQCuVg0AwQCuW5MAwQCud/wAwQCueMIMA0E AgACMAcDBQMqBEHAMA0GCSqGSIb3DQEBCwUAA4IBAQAVlSZvYV98bAsE/eUNVtkD CaiqHHnSfZizJt+KLMmLDhXd1tNRBBrMLdIaiara7d6XKauwQBB6uFL5/DIIxHix OWxQSi+xuqJ3L7P4NV2ep0FLonylkyhYGNQriRJo4Wphf0eKS33TSY6ssJULDFy4 R6fhEVsbTnOTONJBUSlMeBiNilGnU/M5LNrgCinxBA7P0Qw6gimSYXpkJqay5gtJ 1R8OSi8xOA+d2ZyyBJ3P7/G+PqzmA70PgdQc5d9bDWuAoDyj/hIGtTTIr8BdKjUq 3Kr4mjpNydfLvi4aZd3xnug7eNcJ7vfrS2SHjJKIq6VnGShjSSuXf/6bKOszfEHx -----END CERTIFICATE-----Generated at Sun Jan 25 17:49:19 2026 by rpki-client