This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/okmt1S4hd7NrbW4f-tCxGrBU2rY.roa File: okmt1S4hd7NrbW4f-tCxGrBU2rY.roa (raw, json) Hash identifier: 7cs3FirAxa0B9mH+9gI5rKR6WF9kuQy/8mCwxNj88sE= Subject key identifier: A2:49:AD:D5:2E:21:77:B3:6B:6D:6E:1F:FA:D0:B1:1A:B0:54:DA:B6 Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e Certificate serial: 019A53A9E774E15FC67816C4204DF8B51D0E Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/okmt1S4hd7NrbW4f-tCxGrBU2rY.roa Signing time: Wed 05 Nov 2025 10:57:14 +0000 ROA not before: Wed 05 Nov 2025 10:57:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 51375 IP address blocks: 84.235.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:53:a9:e7:74:e1:5f:c6:78:16:c4:20:4d:f8:b5:1d:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e Validity Not Before: Nov 5 10:57:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a249add52e2177b36b6d6e1ffad0b11ab054dab6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:27:23:5c:24:b2:88:b1:8f:70:99:cf:70:47: e6:38:1e:fb:42:15:b6:a8:24:e3:c1:07:09:79:f7: ca:79:6f:03:c5:9a:00:f4:26:1e:57:f4:7e:9b:1f: c8:a8:b5:7c:89:a8:a3:9f:2b:b1:74:30:50:44:93: 0e:9b:c2:aa:c3:19:83:e0:23:02:ff:e1:8c:0c:73: 51:7a:67:83:fa:48:21:00:0f:6d:6a:3c:d0:ee:88: 67:6b:ce:a4:61:c8:23:af:df:cd:91:64:21:5d:0b: 70:40:31:77:6b:97:f3:9d:00:f9:17:c0:3f:6c:a0: 91:55:cc:c6:4a:4d:4d:45:ec:7b:6d:1b:50:9f:96: bc:35:dd:a9:fc:07:77:72:f6:5c:50:38:e8:b1:55: 2d:ae:19:cd:6f:e2:52:81:0b:a5:d8:1d:44:bb:16: 8b:c1:eb:99:ab:18:6b:4b:e6:f9:b9:3d:ba:28:78: 51:52:77:d1:fd:18:62:9d:a2:54:fa:f7:4c:85:c7: a9:c9:d6:1b:22:a5:77:fc:24:42:d9:e0:1c:aa:a8: f1:d5:1b:84:51:82:84:e1:22:5b:a2:59:dc:4f:65: 43:e1:f7:b1:cb:cb:c3:8d:3c:5f:bc:79:cd:38:5a: 73:5a:ce:b3:3f:9b:3e:8a:95:84:1c:1e:c5:5e:2b: f3:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:49:AD:D5:2E:21:77:B3:6B:6D:6E:1F:FA:D0:B1:1A:B0:54:DA:B6 X509v3 Authority Key Identifier: keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/okmt1S4hd7NrbW4f-tCxGrBU2rY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.235.102.0/24 Signature Algorithm: sha256WithRSAEncryption 15:d9:d4:9a:ed:3b:e0:3e:9a:e3:46:b0:f6:d6:b4:65:55:00: 6c:15:1d:e9:bf:b7:cb:92:70:9d:62:15:1a:fc:65:a8:8c:1b: 3a:65:61:1d:9c:7a:21:68:db:23:d7:be:33:a2:46:ac:f8:0f: b7:a4:9c:03:d9:3c:3c:d4:9a:68:74:dd:e8:47:4d:88:54:97: 37:be:66:20:a5:fa:1c:c3:1a:08:ba:1b:5b:05:87:b8:14:42: 8f:fc:72:7a:cc:a6:b0:ca:9f:a6:fa:6e:6e:a8:fd:81:76:1a: ba:a7:cf:a1:09:06:f7:04:6c:b9:98:1c:85:87:6a:82:9f:fc: 06:ca:eb:40:ec:a2:b6:e8:15:a4:a6:9a:c6:f9:db:a0:0a:17: 35:75:f4:0c:65:26:e4:27:c4:cc:28:c9:46:a8:af:93:9a:79: f4:b5:c3:d0:92:a5:de:dd:07:09:4c:82:2b:2a:c8:c0:67:bf: a2:6e:66:cd:3c:22:f8:3c:33:d9:59:7b:fb:72:5b:db:d7:9e: 3c:e0:3e:68:8d:1b:59:4f:0b:8b:99:eb:0e:01:83:c5:1c:67: 58:b9:24:2a:2c:10:3c:88:36:4f:c3:ef:75:5d:52:f5:0b:e0: 89:8b:21:57:8e:b3:41:14:5d:62:4c:68:b5:f7:9a:06:8d:f3: 2f:6e:e8:eb -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZpTqed04V/GeBbEIE34tR0OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk ZjNlMWUwHhcNMjUxMTA1MTA1NzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjQ5YWRkNTJlMjE3N2IzNmI2ZDZlMWZmYWQwYjExYWIwNTRkYWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvicjXCSyiLGPcJnPcEfmOB77QhW2 qCTjwQcJeffKeW8DxZoA9CYeV/R+mx/IqLV8iaijnyuxdDBQRJMOm8KqwxmD4CMC /+GMDHNRemeD+kghAA9tajzQ7ohna86kYcgjr9/NkWQhXQtwQDF3a5fznQD5F8A/ bKCRVczGSk1NRex7bRtQn5a8Nd2p/Ad3cvZcUDjosVUtrhnNb+JSgQul2B1EuxaL weuZqxhrS+b5uT26KHhRUnfR/RhinaJU+vdMhcepydYbIqV3/CRC2eAcqqjx1RuE UYKE4SJbolncT2VD4fexy8vDjTxfvHnNOFpzWs6zP5s+ipWEHB7FXivzqQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKJJrdUuIXeza21uH/rQsRqwVNq2MB8GA1UdIwQY MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt YjU5MDk1N2Q5NDE1LzEvb2ttdDFTNGhkN05yYlc0Zi10Q3hHckJVMnJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1 LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVOtmMA0G CSqGSIb3DQEBCwUAA4IBAQAV2dSa7TvgPprjRrD21rRlVQBsFR3pv7fLknCdYhUa /GWojBs6ZWEdnHohaNsj174zokas+A+3pJwD2Tw81JpodN3oR02IVJc3vmYgpfoc wxoIuhtbBYe4FEKP/HJ6zKawyp+m+m5uqP2Bdhq6p8+hCQb3BGy5mByFh2qCn/wG yutA7KK26BWkpprG+dugChc1dfQMZSbkJ8TMKMlGqK+Tmnn0tcPQkqXe3QcJTIIr KsjAZ7+ibmbNPCL4PDPZWXv7clvb15484D5ojRtZTwuLmesOAYPFHGdYuSQqLBA8 iDZPw+91XVL1C+CJiyFXjrNBFF1iTGi195oGjfMvbujr -----END CERTIFICATE-----Generated at Sat Dec 6 14:06:25 2025 by rpki-client