This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/oLCvqkc2mvd1Uubh1jqgFHKgWY4.roa File: oLCvqkc2mvd1Uubh1jqgFHKgWY4.roa (raw, json) Hash identifier: 851d7yUDOfGFVIsF/8n5AOnDnpNu7Amo5A1xKwGH5o8= Subject key identifier: A0:B0:AF:AA:47:36:9A:F7:75:52:E6:E1:D6:3A:A0:14:72:A0:59:8E Certificate issuer: /CN=db2ec22a66b5b24986395feed7fb5b90e28c9be4 Certificate serial: 019BE1EC2D94747B71AF79CD525D1CE13545 Authority key identifier: DB:2E:C2:2A:66:B5:B2:49:86:39:5F:EE:D7:FB:5B:90:E2:8C:9B:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y7CKma1skmGOV_u1_tbkOKMm-Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/oLCvqkc2mvd1Uubh1jqgFHKgWY4.roa Signing time: Wed 21 Jan 2026 18:58:30 +0000 ROA not before: Wed 21 Jan 2026 18:58:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203196 IP address blocks: 195.226.216.0/24 maxlen: 24 2a12:5dc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/2y7CKma1skmGOV_u1_tbkOKMm-Q.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/2y7CKma1skmGOV_u1_tbkOKMm-Q.mft rsync://rpki.ripe.net/repository/DEFAULT/2y7CKma1skmGOV_u1_tbkOKMm-Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e1:ec:2d:94:74:7b:71:af:79:cd:52:5d:1c:e1:35:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db2ec22a66b5b24986395feed7fb5b90e28c9be4 Validity Not Before: Jan 21 18:58:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0b0afaa47369af77552e6e1d63aa01472a0598e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ee:48:41:0d:ab:76:21:be:d4:7b:80:14:36: e8:fe:1d:27:8c:5d:22:c3:db:22:01:a2:4e:ea:2e: 2e:f1:c1:82:79:fc:35:dd:33:e2:1e:3b:fb:85:78: cb:22:f5:32:7e:61:21:1e:c1:a7:e9:ef:88:c7:ce: 7a:4d:7d:d7:65:0f:6f:9d:91:db:71:0e:7c:09:f6: 0f:bb:f7:aa:2d:cb:bd:03:7a:61:d9:ee:b7:92:62: c5:9f:6f:a7:f9:9a:2c:cc:8d:b5:a0:28:eb:dd:05: 69:84:15:76:e9:4e:4e:8f:75:72:73:e4:e7:10:a9: 5a:3c:37:f9:b7:07:af:02:c3:64:c4:5f:66:3b:b0: 26:0a:93:ad:52:36:7b:29:d3:de:ad:38:bf:dd:48: d8:11:c5:78:0c:55:2b:0a:a0:91:b0:78:8d:68:bf: 8d:95:64:3c:1f:8b:3d:77:52:cb:80:16:e9:8d:ff: 46:cb:c1:98:e0:98:8e:ba:db:44:79:d1:bb:4a:69: 51:80:68:d2:3d:e5:71:70:f1:97:f6:f2:d4:5c:e6: c5:63:1f:23:5b:cf:c9:74:38:3c:f7:42:66:62:6a: c4:25:9f:ec:a6:0e:f6:c8:26:9c:07:a8:2b:45:f9: 5e:18:cb:5b:34:65:fe:ca:bb:73:09:93:0a:69:e6: 8e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:B0:AF:AA:47:36:9A:F7:75:52:E6:E1:D6:3A:A0:14:72:A0:59:8E X509v3 Authority Key Identifier: keyid:DB:2E:C2:2A:66:B5:B2:49:86:39:5F:EE:D7:FB:5B:90:E2:8C:9B:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y7CKma1skmGOV_u1_tbkOKMm-Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/oLCvqkc2mvd1Uubh1jqgFHKgWY4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/2y7CKma1skmGOV_u1_tbkOKMm-Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.226.216.0/24 IPv6: 2a12:5dc0::/29 Signature Algorithm: sha256WithRSAEncryption 68:20:2d:1d:a9:03:4e:2e:4f:e3:be:26:99:fa:7e:ed:1c:c4: ce:c4:ae:69:09:fb:3c:8e:6b:15:02:10:85:d9:94:27:b8:de: a9:e1:d3:c1:40:6f:27:ac:f8:6d:f5:a7:c4:a1:03:64:dd:1f: a3:e8:e9:78:0b:b8:d1:fa:6a:51:76:60:63:e9:54:b9:1a:ae: f2:fd:59:d5:db:12:ea:a1:e3:48:04:cd:1a:03:1c:70:62:fd: e9:ad:90:33:d8:01:14:69:af:d2:ee:84:3b:9b:de:dd:45:e0: aa:52:19:c0:f8:b3:19:fa:c4:cf:9f:18:ef:4f:db:4b:63:8f: 03:75:d3:3e:1a:c5:c0:fc:db:69:6e:71:0e:e4:d7:cc:cf:49: 98:52:0c:4d:b8:bf:8a:71:da:e3:17:c6:eb:c8:10:1a:34:08: 0d:b8:19:c6:dd:f9:92:60:2f:36:9b:0b:6b:e9:bc:75:ef:72: 6e:be:00:96:8a:99:90:27:a7:c4:16:12:39:50:00:c6:bd:78: 25:f5:42:7a:c3:85:d8:06:c7:1b:af:4b:7d:bd:61:b9:4e:ea: e1:f7:e1:66:d2:c4:c2:34:8f:9b:cd:8d:a9:f5:58:b1:e2:ac: a5:aa:49:49:92:f0:d0:ce:f8:ad:24:02:92:09:0c:78:ed:38: b0:38:8d:56 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZvh7C2UdHtxr3nNUl0c4TVFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMmVjMjJhNjZiNWIyNDk4NjM5NWZlZWQ3ZmI1YjkwZTI4 YzliZTQwHhcNMjYwMTIxMTg1ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGIwYWZhYTQ3MzY5YWY3NzU1MmU2ZTFkNjNhYTAxNDcyYTA1OThlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre5IQQ2rdiG+1HuAFDbo/h0njF0i w9siAaJO6i4u8cGCefw13TPiHjv7hXjLIvUyfmEhHsGn6e+Ix856TX3XZQ9vnZHb cQ58CfYPu/eqLcu9A3ph2e63kmLFn2+n+ZoszI21oCjr3QVphBV26U5Oj3Vyc+Tn EKlaPDf5twevAsNkxF9mO7AmCpOtUjZ7KdPerTi/3UjYEcV4DFUrCqCRsHiNaL+N lWQ8H4s9d1LLgBbpjf9Gy8GY4JiOuttEedG7SmlRgGjSPeVxcPGX9vLUXObFYx8j W8/JdDg890JmYmrEJZ/spg72yCacB6grRfleGMtbNGX+yrtzCZMKaeaOqQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKCwr6pHNpr3dVLm4dY6oBRyoFmOMB8GA1UdIwQY MBaAFNsuwipmtbJJhjlf7tf7W5DijJvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnk3Q0ttYTFza21HT1ZfdTFfdGJrT0tNbS1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yZmJjYmYtMzU4ZS00OTI4LTlhODQt Y2U3OGQ0YzA2NDJmLzEvb0xDdnFrYzJtdmQxVXViaDFqcWdGSEtnV1k0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8yZmJjYmYtMzU4ZS00OTI4LTlhODQtY2U3OGQ0YzA2NDJm LzEvMnk3Q0ttYTFza21HT1ZfdTFfdGJrT0tNbS1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw+LYMA0E AgACMAcDBQMqEl3AMA0GCSqGSIb3DQEBCwUAA4IBAQBoIC0dqQNOLk/jviaZ+n7t HMTOxK5pCfs8jmsVAhCF2ZQnuN6p4dPBQG8nrPht9afEoQNk3R+j6Ol4C7jR+mpR dmBj6VS5Gq7y/VnV2xLqoeNIBM0aAxxwYv3prZAz2AEUaa/S7oQ7m97dReCqUhnA +LMZ+sTPnxjvT9tLY48DddM+GsXA/NtpbnEO5NfMz0mYUgxNuL+KcdrjF8bryBAa NAgNuBnG3fmSYC82mwtr6bx173JuvgCWipmQJ6fEFhI5UADGvXgl9UJ6w4XYBscb r0t9vWG5Turh9+Fm0sTCNI+bzY2p9Vix4qylqklJkvDQzvitJAKSCQx47TiwOI1W -----END CERTIFICATE-----Generated at Sun Jan 25 18:08:51 2026 by rpki-client