This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/O_CD_5ALmuh68TK-xyESGxnHW24.roa File: O_CD_5ALmuh68TK-xyESGxnHW24.roa (raw, json) Hash identifier: A4M+FCTh23fTzIJAI9lDd9sc/Yc7QQultOVy81PYaSo= Subject key identifier: 3B:F0:83:FF:90:0B:9A:E8:7A:F1:32:BE:C7:21:12:1B:19:C7:5B:6E Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6 Certificate serial: 019B7FF07588F583F161885BF17FDB4C456B Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/O_CD_5ALmuh68TK-xyESGxnHW24.roa Signing time: Fri 02 Jan 2026 18:20:23 +0000 ROA not before: Fri 02 Jan 2026 18:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203954 IP address blocks: 185.118.240.0/24 maxlen: 24 2a06:9681::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:75:88:f5:83:f1:61:88:5b:f1:7f:db:4c:45:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6 Validity Not Before: Jan 2 18:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3bf083ff900b9ae87af132bec721121b19c75b6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6a:82:68:6c:13:10:04:0c:f5:c4:43:ee:2f: 79:ee:46:99:34:e6:77:8d:61:9c:1b:41:10:e6:71: 3e:64:7a:b1:b0:0b:55:4c:03:23:13:7b:8b:19:6d: 7c:7d:11:aa:2b:48:dc:67:78:50:70:04:c1:aa:87: 1e:48:88:ca:15:99:13:e4:7c:fe:bd:68:a8:48:67: c7:51:54:25:23:c3:f1:8b:fb:45:66:3c:f6:11:67: 18:5c:2c:43:dd:18:22:73:2f:59:61:a2:32:53:2e: 63:cd:6e:97:f0:f7:6e:a0:f2:d8:17:05:a8:c7:5c: 8d:bf:1a:f6:ba:18:d9:b3:1d:a3:4c:74:73:f8:ee: bb:bd:21:45:7a:ca:c2:e5:fa:63:91:f7:a3:29:a8: 33:1e:84:6c:f5:98:e1:71:72:a3:5f:7e:08:42:84: e9:dd:a4:55:24:1d:16:0e:ac:0e:5b:78:07:d7:be: 70:da:c6:92:d4:ec:9e:b3:61:a2:e0:a5:e1:0a:10: 5e:0a:c7:cc:8f:16:80:8c:00:37:82:8d:17:dd:d1: 83:28:35:56:2b:31:6a:72:af:e3:3e:3f:99:97:9d: 6e:3f:34:25:0c:5e:83:d0:28:bb:50:d5:47:45:77: cc:57:d8:60:9c:82:5a:c6:16:9b:39:87:ef:c9:86: f4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:F0:83:FF:90:0B:9A:E8:7A:F1:32:BE:C7:21:12:1B:19:C7:5B:6E X509v3 Authority Key Identifier: keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/O_CD_5ALmuh68TK-xyESGxnHW24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.118.240.0/24 IPv6: 2a06:9681::/32 Signature Algorithm: sha256WithRSAEncryption 28:69:ef:98:ca:27:39:c6:9b:8f:34:81:2c:df:ae:c2:89:93: 87:e8:64:95:6e:59:ef:14:e4:40:9e:d7:8b:c9:58:b8:be:7d: 83:9e:bb:6a:ee:be:75:46:86:c2:80:f1:fb:40:c0:6e:61:60: 7c:cb:dc:72:13:eb:45:fc:38:7b:79:cd:3b:74:1e:bc:86:00: 04:1b:99:ab:33:31:e1:93:37:47:7b:c4:a9:6d:63:a9:6e:03: 37:65:28:23:7e:5a:e8:9d:c5:a8:25:0f:6d:f0:9c:6b:2d:c9: ef:22:88:ca:00:e3:2a:56:63:62:11:fe:40:a2:8b:bf:ac:12: bc:cc:26:cc:77:2c:34:f7:04:7f:22:10:d2:14:dc:90:0b:59: 1f:35:ca:77:73:d0:fe:36:2a:86:80:5c:19:f6:69:42:74:89: 03:96:05:a6:01:c0:7f:4b:33:ab:70:f9:52:4a:13:67:87:e1: a9:38:0b:8f:2c:5c:01:5c:ca:4b:26:63:b5:de:ae:bc:9e:fc: aa:6b:0e:0c:34:9b:d5:50:02:51:8b:db:57:66:c7:74:9b:84: e1:11:f1:91:69:69:47:16:11:14:e9:4e:f6:3a:2a:56:55:dc: a0:2c:d1:78:0b:29:f8:4c:bb:8f:21:4f:09:60:3c:24:4e:03: 9d:1d:8f:0c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/8HWI9YPxYYhb8X/bTEVrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi OTdiYTYwHhcNMjYwMTAyMTgyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYmYwODNmZjkwMGI5YWU4N2FmMTMyYmVjNzIxMTIxYjE5Yzc1YjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2qCaGwTEAQM9cRD7i957kaZNOZ3 jWGcG0EQ5nE+ZHqxsAtVTAMjE3uLGW18fRGqK0jcZ3hQcATBqoceSIjKFZkT5Hz+ vWioSGfHUVQlI8Pxi/tFZjz2EWcYXCxD3Rgicy9ZYaIyUy5jzW6X8PduoPLYFwWo x1yNvxr2uhjZsx2jTHRz+O67vSFFesrC5fpjkfejKagzHoRs9ZjhcXKjX34IQoTp 3aRVJB0WDqwOW3gH175w2saS1Oyes2Gi4KXhChBeCsfMjxaAjAA3go0X3dGDKDVW KzFqcq/jPj+Zl51uPzQlDF6D0Ci7UNVHRXfMV9hgnIJaxhabOYfvyYb0ZQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDvwg/+QC5roevEyvschEhsZx1tuMB8GA1UdIwQY MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt MTIwMjVjNTRmNDg0LzEvT19DRF81QUxtdWg2OFRLLXh5RVNHeG5IVzI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0 LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXbwMA0E AgACMAcDBQAqBpaBMA0GCSqGSIb3DQEBCwUAA4IBAQAoae+Yyic5xpuPNIEs367C iZOH6GSVblnvFORAnteLyVi4vn2Dnrtq7r51RobCgPH7QMBuYWB8y9xyE+tF/Dh7 ec07dB68hgAEG5mrMzHhkzdHe8SpbWOpbgM3ZSgjflroncWoJQ9t8JxrLcnvIojK AOMqVmNiEf5Aoou/rBK8zCbMdyw09wR/IhDSFNyQC1kfNcp3c9D+NiqGgFwZ9mlC dIkDlgWmAcB/SzOrcPlSShNnh+GpOAuPLFwBXMpLJmO13q68nvyqaw4MNJvVUAJR i9tXZsd0m4ThEfGRaWlHFhEU6U72OipWVdygLNF4Cyn4TLuPIU8JYDwkTgOdHY8M -----END CERTIFICATE-----Generated at Mon Jan 26 08:37:33 2026 by rpki-client