This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/0zhOlHpaJdqZGNBYjC5tXKokWw0.roa File: 0zhOlHpaJdqZGNBYjC5tXKokWw0.roa (raw, json) Hash identifier: bqToAspOu7YFB5JdKf7AKuH2bS00lDEY1+9fIwnYmQY= Subject key identifier: D3:38:4E:94:7A:5A:25:DA:99:18:D0:58:8C:2E:6D:5C:AA:24:5B:0D Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3 Certificate serial: 019B9D661F6F0DF24B3AF6A205FD8E520D56 Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/0zhOlHpaJdqZGNBYjC5tXKokWw0.roa Signing time: Thu 08 Jan 2026 11:37:54 +0000 ROA not before: Thu 08 Jan 2026 11:37:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 31.99.64.0/18 maxlen: 18 31.99.128.0/18 maxlen: 18 31.99.200.0/21 maxlen: 21 31.99.208.0/20 maxlen: 20 31.99.224.0/19 maxlen: 19 178.106.0.0/16 maxlen: 16 178.107.32.0/19 maxlen: 19 178.107.64.0/18 maxlen: 18 185.102.192.0/22 maxlen: 22 185.102.196.0/22 maxlen: 22 185.102.200.0/22 maxlen: 22 194.36.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9d:66:1f:6f:0d:f2:4b:3a:f6:a2:05:fd:8e:52:0d:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b98127943e7175734964010c89ef821416a31b3 Validity Not Before: Jan 8 11:37:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3384e947a5a25da9918d0588c2e6d5caa245b0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:71:81:ea:4d:b9:59:01:ef:ab:ec:c8:ef:bf: 95:d6:01:4f:42:22:1f:de:6c:eb:61:da:a3:b2:e1: 4c:f7:f5:3e:df:86:d8:4e:43:a1:62:1e:37:60:f2: 3b:d0:c0:1b:ef:fc:da:72:eb:61:c7:7b:3b:25:40: 3e:44:4a:48:33:fa:79:43:e4:76:7d:ca:35:9d:4d: f3:12:5d:fb:63:5c:e7:62:27:0a:22:4c:9f:61:66: e4:9b:c0:1e:18:78:68:ba:8f:71:39:97:5a:31:97: 2e:a7:f4:0d:6b:a9:1f:5f:09:1f:de:7a:20:3d:da: 62:1b:74:c1:80:87:03:9d:56:07:d2:c9:11:4a:72: f1:85:ae:8a:07:e7:69:48:24:cb:12:61:12:bb:eb: e6:b3:57:77:dd:47:22:20:5c:49:9b:63:60:38:11: 07:cb:64:f4:5e:10:67:f7:71:7a:21:98:b4:ad:3a: 54:a7:24:50:6c:e2:bf:7c:3c:88:d5:a3:0d:d6:ab: ca:dd:57:ec:61:74:0e:3e:07:f7:dd:8a:67:8b:be: d6:eb:4d:57:4d:79:c1:a1:f0:27:53:f0:5d:31:68: bb:8c:60:86:37:63:17:6d:b5:61:18:73:61:45:fa: 3a:c1:a4:25:c1:4c:b1:2b:8e:f9:62:41:94:13:c0: 0b:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:38:4E:94:7A:5A:25:DA:99:18:D0:58:8C:2E:6D:5C:AA:24:5B:0D X509v3 Authority Key Identifier: keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/0zhOlHpaJdqZGNBYjC5tXKokWw0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.99.64.0-31.99.191.255 31.99.200.0-31.99.255.255 178.106.0.0/16 178.107.32.0-178.107.127.255 185.102.192.0-185.102.203.255 194.36.212.0/22 Signature Algorithm: sha256WithRSAEncryption 41:d0:91:08:85:52:7a:a8:61:13:28:e5:26:a6:f7:c1:1a:a6: 6c:9a:29:ff:fc:82:f3:15:1a:a8:69:67:d9:26:f9:5c:48:3a: dd:29:44:16:34:77:6c:da:8d:6d:88:95:22:5e:24:17:e9:70: 05:fc:33:0c:fe:0b:bb:a1:5c:f2:1c:42:85:3e:89:8a:c7:aa: da:b5:51:bf:8b:e5:fa:9a:85:00:e2:41:b3:e1:ab:75:43:a2: ba:7e:42:86:09:a7:97:a5:1d:de:b9:25:6a:fb:77:e6:18:85: cd:06:c9:b9:d0:77:83:6f:ce:60:31:3d:24:57:6d:a2:d4:c1: 30:1a:e2:dc:66:2f:56:44:8b:94:3b:cf:0d:48:50:bf:74:e1: 83:19:21:54:d6:88:b6:2f:90:41:bb:68:26:a4:82:31:fc:ee: 41:5b:09:c0:c8:3d:6a:22:5e:f6:74:fa:8f:f2:9b:d5:17:d2: 91:3b:cf:62:c3:1f:7c:b5:c5:5d:13:cb:39:d4:72:ad:f3:ad: ef:fb:df:28:41:30:24:10:d8:0d:66:9f:ce:d4:d0:65:52:20: bd:68:c0:5f:cc:8e:70:d4:f1:9c:10:b0:93:5e:9c:7f:22:9b: 4b:c1:f7:25:03:88:76:fe:11:08:7f:03:4a:7e:55:fa:71:18: ed:c5:d6:f5 -----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgISAZudZh9vDfJLOvaiBf2OUg1WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2 YTMxYjMwHhcNMjYwMTA4MTEzNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzM4NGU5NDdhNWEyNWRhOTkxOGQwNTg4YzJlNmQ1Y2FhMjQ1YjBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHGB6k25WQHvq+zI77+V1gFPQiIf 3mzrYdqjsuFM9/U+34bYTkOhYh43YPI70MAb7/zacuthx3s7JUA+REpIM/p5Q+R2 fco1nU3zEl37Y1znYicKIkyfYWbkm8AeGHhouo9xOZdaMZcup/QNa6kfXwkf3nog PdpiG3TBgIcDnVYH0skRSnLxha6KB+dpSCTLEmESu+vms1d33UciIFxJm2NgOBEH y2T0XhBn93F6IZi0rTpUpyRQbOK/fDyI1aMN1qvK3VfsYXQOPgf33Ypni77W601X TXnBofAnU/BdMWi7jGCGN2MXbbVhGHNhRfo6waQlwUyxK475YkGUE8ALeQIDAQAB o4ICRTCCAkEwHQYDVR0OBBYEFNM4TpR6WiXamRjQWIwubVyqJFsNMB8GA1UdIwQY MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt NjIxNzkyZjdlNTZhLzEvMHpoT2xIcGFKZHFaR05CWWpDNXRYS29rV3cwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAYfY0AD BAYfY4AwCwMEAx9jyAMDAh9gAwMAsmowDAMEBbJrIAMEB7JrADAMAwQGuWbAAwQC uWbIAwQCwiTUMA0GCSqGSIb3DQEBCwUAA4IBAQBB0JEIhVJ6qGETKOUmpvfBGqZs min//ILzFRqoaWfZJvlcSDrdKUQWNHds2o1tiJUiXiQX6XAF/DMM/gu7oVzyHEKF PomKx6ratVG/i+X6moUA4kGz4at1Q6K6fkKGCaeXpR3euSVq+3fmGIXNBsm50HeD b85gMT0kV22i1MEwGuLcZi9WRIuUO88NSFC/dOGDGSFU1oi2L5BBu2gmpIIx/O5B WwnAyD1qIl72dPqP8pvVF9KRO89iwx98tcVdE8s51HKt863v+98oQTAkENgNZp/O 1NBlUiC9aMBfzI5w1PGcELCTXpx/IptLwfclA4h2/hEIfwNKflX6cRjtxdb1 -----END CERTIFICATE-----Generated at Sun Jan 25 16:28:13 2026 by rpki-client