This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/OrYOImn3NtSbw6j1q7F4tyMDONo.roa File: OrYOImn3NtSbw6j1q7F4tyMDONo.roa (raw, json) Hash identifier: AOiTTEt/7wPiwgX5uzbI7/3KraGUZvwfK+uoiywXaUk= Subject key identifier: 3A:B6:0E:22:69:F7:36:D4:9B:C3:A8:F5:AB:B1:78:B7:23:03:38:DA Certificate issuer: /CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee Certificate serial: 019B7D5BFF023CA9772920BFA3C146576710 Authority key identifier: 06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/OrYOImn3NtSbw6j1q7F4tyMDONo.roa Signing time: Fri 02 Jan 2026 06:18:59 +0000 ROA not before: Fri 02 Jan 2026 06:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60929 IP address blocks: 185.23.152.0/22 maxlen: 22 185.23.152.0/24 maxlen: 24 185.23.153.0/24 maxlen: 24 185.23.154.0/24 maxlen: 24 185.23.155.0/24 maxlen: 24 2a00:6e20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.mft rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:ff:02:3c:a9:77:29:20:bf:a3:c1:46:57:67:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee Validity Not Before: Jan 2 06:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ab60e2269f736d49bc3a8f5abb178b7230338da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:87:e4:00:be:e8:45:ed:76:27:5b:e9:ac:93: 81:01:63:6a:f2:9f:55:f1:76:f8:79:a3:fa:91:cf: da:0a:de:fe:d7:7c:44:c3:a7:45:85:92:45:bf:ee: dd:3a:d7:86:85:0e:1d:0e:16:95:5f:1a:62:13:bf: f0:d7:f4:d0:42:da:71:0b:26:ff:73:03:5b:09:a8: 49:20:56:a2:9f:8a:aa:78:c4:0b:f8:c2:89:c5:2b: 15:0b:e9:e8:4d:c9:b5:bc:ba:f3:cc:6e:b2:24:09: c4:27:a4:03:d6:d1:b9:d8:79:f8:f3:57:de:d9:cb: bd:e6:ef:53:14:6b:51:ce:9d:b8:e9:ce:cf:4b:4e: 09:d1:94:0c:5d:26:7e:a9:a0:1b:ff:54:2c:e1:2a: fd:be:eb:bf:cd:da:19:43:67:c4:8e:60:1d:a7:e8: 9f:54:cc:5d:bc:c2:69:9a:22:f6:0f:04:07:6e:d9: b8:27:82:24:6d:1a:32:09:75:5d:65:18:9a:7f:04: 18:34:bf:79:c2:da:68:2a:27:78:60:1e:2f:77:42: f8:a5:b0:f7:2f:12:37:ef:f1:bd:61:bd:2e:f5:bd: 12:4f:51:83:9e:a7:30:44:1f:27:91:50:1f:f0:27: 25:4c:ce:e5:06:f4:cb:25:d8:db:f0:bd:9d:21:7c: c3:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:B6:0E:22:69:F7:36:D4:9B:C3:A8:F5:AB:B1:78:B7:23:03:38:DA X509v3 Authority Key Identifier: keyid:06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/OrYOImn3NtSbw6j1q7F4tyMDONo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.23.152.0/22 IPv6: 2a00:6e20::/32 Signature Algorithm: sha256WithRSAEncryption 5d:a0:c1:41:9d:1e:b7:2f:8e:a5:73:4e:a5:7c:73:65:18:ad: f0:21:d6:af:88:ec:69:26:fb:fa:10:1a:36:7c:63:88:37:cd: a4:83:1a:f9:ad:e9:22:64:ca:86:81:a5:49:c2:4a:57:ef:40: 88:86:19:b8:a6:2f:6b:48:d3:02:1c:89:cf:73:70:2d:de:90: c3:34:cb:65:f6:dd:e0:bb:ed:2e:19:19:41:2d:fc:63:67:af: ee:81:69:84:6a:80:5d:ae:25:20:45:f7:7e:a6:ef:6a:2b:bf: ed:0e:f4:b2:90:0d:66:3e:41:c1:51:6c:11:11:7f:23:26:95: af:dc:92:bf:4c:91:e3:02:25:cd:c7:f4:50:5d:11:9e:e0:e9: c1:b0:ee:94:37:2b:8e:bc:7a:de:d6:64:0c:67:ef:b3:19:5a: c7:2b:52:4c:a7:45:45:bf:c2:4a:9c:3f:10:79:98:bb:88:d6: 33:e9:d8:b3:33:39:a3:0d:39:4c:67:c6:80:2f:cd:5e:8a:2e: 8c:37:e7:53:aa:97:3e:59:6b:f3:5b:7f:32:03:df:dc:c1:ec: 05:ba:60:18:c8:44:c9:b9:76:51:d5:4f:86:c2:18:26:b7:97: 6a:cf:84:b1:01:14:67:7a:6f:14:97:e1:54:66:33:6e:e8:68: 71:d5:51:e3 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9W/8CPKl3KSC/o8FGV2cQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2YmQzMGFjMzU2MWExZGY3ZmM2YjI5NmJmOWQyOWRkNTU4 MWYxZWUwHhcNMjYwMTAyMDYxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYWI2MGUyMjY5ZjczNmQ0OWJjM2E4ZjVhYmIxNzhiNzIzMDMzOGRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4fkAL7oRe12J1vprJOBAWNq8p9V 8Xb4eaP6kc/aCt7+13xEw6dFhZJFv+7dOteGhQ4dDhaVXxpiE7/w1/TQQtpxCyb/ cwNbCahJIFain4qqeMQL+MKJxSsVC+noTcm1vLrzzG6yJAnEJ6QD1tG52Hn481fe 2cu95u9TFGtRzp246c7PS04J0ZQMXSZ+qaAb/1Qs4Sr9vuu/zdoZQ2fEjmAdp+if VMxdvMJpmiL2DwQHbtm4J4IkbRoyCXVdZRiafwQYNL95wtpoKid4YB4vd0L4pbD3 LxI37/G9Yb0u9b0ST1GDnqcwRB8nkVAf8CclTM7lBvTLJdjb8L2dIXzD1QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDq2DiJp9zbUm8Oo9auxeLcjAzjaMB8GA1UdIwQY MBaAFAa9MKw1YaHff8aylr+dKd1VgfHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMt NzkxNzViMTUxYTUyLzEvT3JZT0ltbjNOdFNidzZqMXE3RjR0eU1ET05vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMtNzkxNzViMTUxYTUy LzEvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuReYMA0E AgACMAcDBQAqAG4gMA0GCSqGSIb3DQEBCwUAA4IBAQBdoMFBnR63L46lc06lfHNl GK3wIdaviOxpJvv6EBo2fGOIN82kgxr5rekiZMqGgaVJwkpX70CIhhm4pi9rSNMC HInPc3At3pDDNMtl9t3gu+0uGRlBLfxjZ6/ugWmEaoBdriUgRfd+pu9qK7/tDvSy kA1mPkHBUWwREX8jJpWv3JK/TJHjAiXNx/RQXRGe4OnBsO6UNyuOvHre1mQMZ++z GVrHK1JMp0VFv8JKnD8QeZi7iNYz6dizMzmjDTlMZ8aAL81eii6MN+dTqpc+WWvz W38yA9/cwewFumAYyETJuXZR1U+Gwhgmt5dqz4SxARRnem8Ul+FUZjNu6Ghx1VHj -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:28 2026 by rpki-client