This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Sl9bNPBsXlBI0DeUAp-mjVlbQuQ.roa File: Sl9bNPBsXlBI0DeUAp-mjVlbQuQ.roa (raw, json) Hash identifier: OCH6KKa8NHD+YpgJ2LuApSob95p9PeDsu1ZA6J3sKlc= Subject key identifier: 4A:5F:5B:34:F0:6C:5E:50:48:D0:37:94:02:9F:A6:8D:59:5B:42:E4 Certificate issuer: /CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5 Certificate serial: 019B79ECA51880357C28FC948202864C067C Authority key identifier: 3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Sl9bNPBsXlBI0DeUAp-mjVlbQuQ.roa Signing time: Thu 01 Jan 2026 14:18:30 +0000 ROA not before: Thu 01 Jan 2026 14:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42 IP address blocks: 194.0.47.0/24 maxlen: 24 2001:678:78::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.mft rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:a5:18:80:35:7c:28:fc:94:82:02:86:4c:06:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5 Validity Not Before: Jan 1 14:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4a5f5b34f06c5e5048d03794029fa68d595b42e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:28:58:4a:e3:50:b3:c7:fc:e4:d2:18:da:99: 38:60:52:94:f8:8a:57:b8:33:ad:4c:7e:49:b4:5d: 23:1a:57:7b:b4:87:a2:9c:ba:f1:de:80:a5:62:9f: d6:99:fb:d3:3e:2e:11:d1:dc:5d:d1:c9:01:78:d6: c1:58:d1:62:e7:27:a7:e4:39:2d:3a:bb:d8:43:00: 39:29:0a:3f:d3:22:17:72:6d:8f:07:c7:5b:1e:6b: 5a:83:4a:08:45:9c:18:f9:ac:de:30:0b:42:9b:aa: 85:9c:cb:ff:69:89:81:44:e1:ac:88:0c:a3:8a:fd: d6:c1:4c:33:ac:4e:54:b4:ac:09:99:88:b9:58:ae: 81:57:46:7f:4d:ca:9d:87:06:3f:a2:20:0c:02:98: 21:8d:82:c3:2b:9e:5a:2d:cd:e6:95:df:37:7e:63: bb:17:c5:85:e5:92:d0:06:a3:36:4f:66:3d:87:80: 9b:7f:4a:f7:02:ee:c0:1b:ba:a7:d9:c9:1c:25:54: fe:bd:80:3f:b2:1d:06:ec:8f:64:40:4c:33:e1:91: 6f:f2:35:1d:e3:93:b4:d9:b3:a2:47:80:13:20:9b: 66:02:7a:68:b3:3c:7c:84:1a:6e:88:af:f9:da:12: 87:72:59:8b:11:23:06:6b:27:0c:43:40:1b:0c:78: f8:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:5F:5B:34:F0:6C:5E:50:48:D0:37:94:02:9F:A6:8D:59:5B:42:E4 X509v3 Authority Key Identifier: keyid:3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Sl9bNPBsXlBI0DeUAp-mjVlbQuQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.0.47.0/24 IPv6: 2001:678:78::/48 Signature Algorithm: sha256WithRSAEncryption b5:db:f1:51:a8:91:e5:ad:a0:5f:3f:6d:c6:98:24:6f:a8:cd: 00:3d:49:19:24:f9:85:39:c6:f7:37:b0:b5:58:3f:e5:dc:94: 72:27:7f:7c:90:ff:ce:30:6c:9c:39:da:c9:74:50:27:74:83: 06:3b:3c:a1:6d:38:7e:ea:9e:f5:72:f1:a0:47:69:8d:3c:12: db:c3:bf:e0:5e:a2:df:be:09:fe:e4:6e:71:26:72:46:d0:7f: de:d0:6b:fa:1b:b2:32:7b:54:3a:d0:d3:fc:f9:bf:64:cd:bf: 32:00:d5:10:cf:b4:87:24:d4:db:c1:42:10:92:c1:05:a8:14: d8:55:63:f4:6e:87:14:b3:e7:24:02:b3:4a:8b:42:b6:40:e5: b3:c9:7d:87:05:20:18:33:1e:76:76:0e:f5:ff:06:bb:7c:5e: d4:e6:ff:7e:58:19:8b:78:65:5d:82:a6:ac:da:cd:59:f9:93: 0d:63:cc:a6:6a:3d:ba:77:79:e1:4e:b8:14:b8:83:37:a9:94: 1b:b0:67:7a:33:a0:8d:fa:d4:f0:01:9c:d9:2e:94:e2:b6:2c: fd:df:95:2e:5b:e9:b3:f0:88:14:26:99:bc:3d:a8:54:36:7b: eb:30:a7:6a:54:f2:e1:ab:d5:3b:e4:a7:b3:f0:1d:2f:3b:69: a7:fd:cc:57 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt57KUYgDV8KPyUggKGTAZ8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNjg1Y2Y4OGE3ZmM0M2ZlMWM3ZmUzNGE2ZmYzZGRiYjQx NGYwYjUwHhcNMjYwMTAxMTQxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YTVmNWIzNGYwNmM1ZTUwNDhkMDM3OTQwMjlmYTY4ZDU5NWI0MmU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyhYSuNQs8f85NIY2pk4YFKU+IpX uDOtTH5JtF0jGld7tIeinLrx3oClYp/WmfvTPi4R0dxd0ckBeNbBWNFi5yen5Dkt OrvYQwA5KQo/0yIXcm2PB8dbHmtag0oIRZwY+azeMAtCm6qFnMv/aYmBROGsiAyj iv3WwUwzrE5UtKwJmYi5WK6BV0Z/TcqdhwY/oiAMApghjYLDK55aLc3mld83fmO7 F8WF5ZLQBqM2T2Y9h4Cbf0r3Au7AG7qn2ckcJVT+vYA/sh0G7I9kQEwz4ZFv8jUd 45O02bOiR4ATIJtmAnposzx8hBpuiK/52hKHclmLESMGaycMQ0AbDHj4GQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFEpfWzTwbF5QSNA3lAKfpo1ZW0LkMB8GA1UdIwQY MBaAFDpoXPiKf8Q/4cf+NKb/Pdu0FPC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDct NTlkNmNhNjVjY2JjLzEvU2w5Yk5QQnNYbEJJMERlVUFwLW1qVmxiUXVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDctNTlkNmNhNjVjY2Jj LzEvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAvMA8E AgACMAkDBwAgAQZ4AHgwDQYJKoZIhvcNAQELBQADggEBALXb8VGokeWtoF8/bcaY JG+ozQA9SRkk+YU5xvc3sLVYP+XclHInf3yQ/84wbJw52sl0UCd0gwY7PKFtOH7q nvVy8aBHaY08EtvDv+Beot++Cf7kbnEmckbQf97Qa/obsjJ7VDrQ0/z5v2TNvzIA 1RDPtIck1NvBQhCSwQWoFNhVY/RuhxSz5yQCs0qLQrZA5bPJfYcFIBgzHnZ2DvX/ Brt8XtTm/35YGYt4ZV2CpqzazVn5kw1jzKZqPbp3eeFOuBS4gzeplBuwZ3ozoI36 1PABnNkulOK2LP3flS5b6bPwiBQmmbw9qFQ2e+swp2pU8uGr1Tvkp7PwHS87aaf9 zFc= -----END CERTIFICATE-----Generated at Sun Jan 25 09:19:24 2026 by rpki-client