This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/oQqfeDIpQqTY2qXddv-RmkOsSBw.roa File: oQqfeDIpQqTY2qXddv-RmkOsSBw.roa (raw, json) Hash identifier: hZoJxnHQE17dg7NNgeLOUvJ0Ph/Ff3w++3G8l+eeaLU= Subject key identifier: A1:0A:9F:78:32:29:42:A4:D8:DA:A5:DD:76:FF:91:9A:43:AC:48:1C Certificate issuer: /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f Certificate serial: 019B7C80B229407B28899D663683E648BF15 Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/oQqfeDIpQqTY2qXddv-RmkOsSBw.roa Signing time: Fri 02 Jan 2026 02:19:27 +0000 ROA not before: Fri 02 Jan 2026 02:19:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29695 IP address blocks: 185.131.200.0/24 maxlen: 24 185.197.211.0/24 maxlen: 24 2a0c:1bc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.mft rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:b2:29:40:7b:28:89:9d:66:36:83:e6:48:bf:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f Validity Not Before: Jan 2 02:19:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a10a9f78322942a4d8daa5dd76ff919a43ac481c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9f:28:d6:de:b8:ab:80:e8:17:26:9a:d8:67: f5:91:0a:df:ed:7d:33:17:6a:a6:4a:27:d7:c2:56: e9:a2:07:dd:28:bd:6d:7f:26:07:1f:71:5d:21:4e: 29:38:d5:45:47:c2:55:b4:6f:fc:7f:20:d2:b2:6e: 47:22:7c:ba:18:30:79:3d:2a:ca:a1:79:5a:68:06: 7f:ff:58:9d:c5:19:df:1d:2a:0e:90:a8:df:38:c8: 9c:c3:bd:bf:39:0a:5e:71:9f:78:27:b9:6b:64:47: 88:1e:09:bf:98:98:35:06:b4:f1:c2:17:ee:77:e1: 35:5d:c7:42:92:7c:38:82:1c:64:05:ad:8b:d6:5e: b9:58:1e:02:98:64:49:41:59:86:7e:f3:69:c2:1d: ec:13:85:e6:cc:01:b5:e3:cd:2c:4c:de:bf:8e:19: 16:cd:9d:6d:4b:ed:5d:5e:7c:d8:75:6c:6a:f8:14: 4e:f3:1e:33:45:5d:49:59:90:6a:3a:9b:a6:7e:49: 4f:32:34:a3:e6:88:c9:cc:ca:5c:8a:a2:8d:22:76: a4:b4:9e:50:1b:4d:aa:0c:a3:38:bc:fd:28:f3:68: c9:47:68:1a:a4:70:32:96:52:8a:df:cb:13:18:4a: 3e:cf:b8:1b:7c:c3:21:ca:36:1d:8c:2a:dc:a0:8a: 0b:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:0A:9F:78:32:29:42:A4:D8:DA:A5:DD:76:FF:91:9A:43:AC:48:1C X509v3 Authority Key Identifier: keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/oQqfeDIpQqTY2qXddv-RmkOsSBw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.131.200.0/24 185.197.211.0/24 IPv6: 2a0c:1bc0::/29 Signature Algorithm: sha256WithRSAEncryption 38:c4:9b:5c:a8:53:12:8c:ff:b3:53:bf:2d:42:17:b1:9e:f6: 13:7d:84:5e:ed:b7:79:36:eb:36:70:84:ed:be:e7:4a:53:09: 0a:1b:93:4e:82:60:24:ce:e7:e9:aa:0f:c4:b7:14:40:66:f5: e9:75:bf:3f:d7:73:dc:92:b4:47:d9:dd:98:bd:19:38:ab:a9: b4:5c:9c:0e:de:42:ed:ee:55:4f:95:98:e1:31:21:42:82:9e: 09:eb:b3:e5:42:25:c3:3d:5d:df:01:ea:9c:ea:3d:cb:96:bf: c0:7a:2b:32:a1:e9:af:31:41:ed:c1:02:c2:18:d7:2e:a4:3e: 88:ae:58:0c:a3:cd:ee:a8:60:eb:ef:4a:ca:00:6c:02:e7:4b: 13:b4:51:2d:5f:6b:bb:16:9c:39:24:4b:24:ca:c1:53:f5:de: 8e:d1:9f:fe:ec:59:3d:f5:57:e4:7a:bb:3f:b0:79:4d:9a:fa: 3b:41:1d:ce:a0:25:3f:c5:61:95:2b:c5:be:db:e0:16:5e:2d: d5:e0:5b:bd:90:83:cb:8b:62:10:6e:c9:19:87:0a:38:f6:34: 37:92:05:ba:5f:ae:ea:43:5b:91:6a:12:e1:32:c0:eb:5b:38: 92:fe:b7:13:05:9b:cd:cd:5e:ec:36:09:e9:b8:75:52:d0:29: ce:69:b4:41 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8gLIpQHsoiZ1mNoPmSL8VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw NGVlM2YwHhcNMjYwMTAyMDIxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTBhOWY3ODMyMjk0MmE0ZDhkYWE1ZGQ3NmZmOTE5YTQzYWM0ODFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ8o1t64q4DoFyaa2Gf1kQrf7X0z F2qmSifXwlbpogfdKL1tfyYHH3FdIU4pONVFR8JVtG/8fyDSsm5HIny6GDB5PSrK oXlaaAZ//1idxRnfHSoOkKjfOMicw72/OQpecZ94J7lrZEeIHgm/mJg1BrTxwhfu d+E1XcdCknw4ghxkBa2L1l65WB4CmGRJQVmGfvNpwh3sE4XmzAG1480sTN6/jhkW zZ1tS+1dXnzYdWxq+BRO8x4zRV1JWZBqOpumfklPMjSj5ojJzMpciqKNInaktJ5Q G02qDKM4vP0o82jJR2gapHAyllKK38sTGEo+z7gbfMMhyjYdjCrcoIoLuwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKEKn3gyKUKk2Nql3Xb/kZpDrEgcMB8GA1UdIwQY MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct OTRiZWRiNWQwMzM0LzEvb1FxZmVESXBRcVRZMnFYZGR2LVJta09zU0J3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0 LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuYPIAwQA ucXTMA0EAgACMAcDBQMqDBvAMA0GCSqGSIb3DQEBCwUAA4IBAQA4xJtcqFMSjP+z U78tQhexnvYTfYRe7bd5Nus2cITtvudKUwkKG5NOgmAkzufpqg/EtxRAZvXpdb8/ 13PckrRH2d2YvRk4q6m0XJwO3kLt7lVPlZjhMSFCgp4J67PlQiXDPV3fAeqc6j3L lr/AeisyoemvMUHtwQLCGNcupD6IrlgMo83uqGDr70rKAGwC50sTtFEtX2u7Fpw5 JEskysFT9d6O0Z/+7Fk99Vfkers/sHlNmvo7QR3OoCU/xWGVK8W+2+AWXi3V4Fu9 kIPLi2IQbskZhwo49jQ3kgW6X67qQ1uRahLhMsDrWziS/rcTBZvNzV7sNgnpuHVS 0CnOabRB -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:30 2026 by rpki-client