This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/OhtO9gQuXsBPS-Q3O3FN8E4x348.roa File: OhtO9gQuXsBPS-Q3O3FN8E4x348.roa (raw, json) Hash identifier: o+Nr9wOEwTpH2Y6JMdDgtincCGDhZv31TNiZL0Hk3Bs= Subject key identifier: 3A:1B:4E:F6:04:2E:5E:C0:4F:4B:E4:37:3B:71:4D:F0:4E:31:DF:8F Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164 Certificate serial: 019B7DCA102450E637922E8CFD595D7EDBA9 Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/OhtO9gQuXsBPS-Q3O3FN8E4x348.roa Signing time: Fri 02 Jan 2026 08:19:12 +0000 ROA not before: Fri 02 Jan 2026 08:19:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43220 IP address blocks: 80.70.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 23:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:10:24:50:e6:37:92:2e:8c:fd:59:5d:7e:db:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164 Validity Not Before: Jan 2 08:19:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3a1b4ef6042e5ec04f4be4373b714df04e31df8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:f9:d6:83:9d:eb:e1:9e:d8:49:26:90:71:94: 3a:17:9d:8a:2e:a3:68:4d:9b:09:ef:0d:91:95:34: 87:02:63:c0:8b:e5:8a:2e:d9:64:77:f9:5d:35:15: 63:4e:37:d8:d9:f4:a8:d2:f4:0a:cc:31:cb:4a:54: 84:14:bf:d9:52:62:23:c9:5b:29:11:c3:25:fb:f6: 04:55:13:4d:42:85:9f:d8:65:4b:ed:2e:7f:e7:6c: 50:fd:56:7d:49:49:d4:16:b8:cb:dd:81:27:b4:cb: aa:17:60:c9:1d:d1:e2:38:d4:fd:23:ac:62:25:96: 2a:39:4a:fc:53:48:f6:78:8a:55:4b:60:da:b0:e5: 92:f3:51:ac:a3:7a:48:8d:92:72:21:a8:48:ea:b5: 09:e8:b8:b2:cb:43:5e:77:07:55:8b:1b:76:12:37: f5:5a:bf:d5:9e:f7:d7:22:02:37:bf:4a:ba:a0:6f: 24:14:08:6b:82:03:e1:a7:43:a1:0b:54:22:02:54: 14:dd:5e:e3:e1:2f:f1:8c:41:27:63:75:7a:3a:38: 63:d5:3a:70:c8:db:ac:7b:4c:d4:5b:8a:73:5a:c4: 84:46:f0:80:8f:4e:d3:bb:2c:1a:1c:fe:c0:ad:4d: f6:95:97:94:e7:08:b4:54:55:bc:61:1d:c2:19:16: 6e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:1B:4E:F6:04:2E:5E:C0:4F:4B:E4:37:3B:71:4D:F0:4E:31:DF:8F X509v3 Authority Key Identifier: keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/OhtO9gQuXsBPS-Q3O3FN8E4x348.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.70.7.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:03:8b:8a:9e:3a:2f:d1:de:4c:1e:4a:3d:c6:6b:30:48:6d: 0e:c9:d3:56:22:31:c1:63:15:36:95:6c:a7:1f:76:ed:1e:86: 8d:ac:8c:0a:b2:8e:96:53:48:8f:b3:72:5a:6b:3d:da:b5:69: ad:86:e3:9b:78:ae:0e:47:83:2c:df:f9:26:a9:8d:3d:f4:fb: 2a:d8:70:a9:c2:30:83:ef:04:58:77:b9:61:76:4f:2c:22:68: 3d:bc:ff:4f:4c:4d:40:80:57:cc:94:99:e0:fd:7e:2a:ca:54: 3c:0c:7a:73:4a:ad:ab:e7:be:5c:ca:f1:16:15:2b:9b:90:97: c9:ad:4e:7b:f7:e8:7a:1e:24:e6:50:80:75:28:f2:9b:34:c5: d9:ac:16:61:f4:a8:02:32:e9:ac:43:51:45:93:42:be:9f:bf: 6a:19:ad:1b:2e:b8:d7:0c:2d:b1:e2:f6:59:5d:90:fd:17:13: 9c:2d:97:73:5d:95:ef:dc:be:2e:f7:ad:27:8c:ed:f6:f2:6a: e8:9c:58:a7:a2:20:d5:ab:99:9c:22:27:f3:60:17:78:40:6f: 5a:a0:94:f6:68:39:20:9e:ea:1c:c6:17:7d:0b:7a:2a:52:47: 1a:25:69:19:bc:7b:59:63:15:d1:3e:b9:27:a3:87:c9:cf:bf: 0f:08:12:b9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yhAkUOY3ki6M/VldftupMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl NzUxNjQwHhcNMjYwMTAyMDgxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTFiNGVmNjA0MmU1ZWMwNGY0YmU0MzczYjcxNGRmMDRlMzFkZjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/nWg53r4Z7YSSaQcZQ6F52KLqNo TZsJ7w2RlTSHAmPAi+WKLtlkd/ldNRVjTjfY2fSo0vQKzDHLSlSEFL/ZUmIjyVsp EcMl+/YEVRNNQoWf2GVL7S5/52xQ/VZ9SUnUFrjL3YEntMuqF2DJHdHiONT9I6xi JZYqOUr8U0j2eIpVS2DasOWS81Gso3pIjZJyIahI6rUJ6Liyy0NedwdVixt2Ejf1 Wr/VnvfXIgI3v0q6oG8kFAhrggPhp0OhC1QiAlQU3V7j4S/xjEEnY3V6Ojhj1Tpw yNuse0zUW4pzWsSERvCAj07TuywaHP7ArU32lZeU5wi0VFW8YR3CGRZuNQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDobTvYELl7AT0vkNztxTfBOMd+PMB8GA1UdIwQY MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt M2U1OWNlNDQ1YjFjLzEvT2h0TzlnUXVYc0JQUy1RM08zRk44RTR4MzQ4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEYHMA0G CSqGSIb3DQEBCwUAA4IBAQCLA4uKnjov0d5MHko9xmswSG0OydNWIjHBYxU2lWyn H3btHoaNrIwKso6WU0iPs3Jaaz3atWmthuObeK4OR4Ms3/kmqY099Psq2HCpwjCD 7wRYd7lhdk8sImg9vP9PTE1AgFfMlJng/X4qylQ8DHpzSq2r575cyvEWFSubkJfJ rU579+h6HiTmUIB1KPKbNMXZrBZh9KgCMumsQ1FFk0K+n79qGa0bLrjXDC2x4vZZ XZD9FxOcLZdzXZXv3L4u960njO328mronFinoiDVq5mcIifzYBd4QG9aoJT2aDkg nuocxhd9C3oqUkcaJWkZvHtZYxXRPrkno4fJz78PCBK5 -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:57 2026 by rpki-client