This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/ONTD94tSJf9fXNFkDmqJFPova7w.roa File: ONTD94tSJf9fXNFkDmqJFPova7w.roa (raw, json) Hash identifier: 8CmLbDXa7VHHQi3WVp6sd9eSv+T7qFC0aCMYD3kLfU8= Subject key identifier: 38:D4:C3:F7:8B:52:25:FF:5F:5C:D1:64:0E:6A:89:14:FA:2F:6B:BC Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52 Certificate serial: 019B77C68414345943A7835CDB9A8DC43FD8 Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/ONTD94tSJf9fXNFkDmqJFPova7w.roa Signing time: Thu 01 Jan 2026 04:17:37 +0000 ROA not before: Thu 01 Jan 2026 04:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 36623 IP address blocks: 81.19.195.30/32 maxlen: 32 81.19.195.31/32 maxlen: 32 185.100.0.53/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:84:14:34:59:43:a7:83:5c:db:9a:8d:c4:3f:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52 Validity Not Before: Jan 1 04:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38d4c3f78b5225ff5f5cd1640e6a8914fa2f6bbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:7b:de:a6:d5:0c:d3:f4:61:2e:fd:db:70:0d: 39:02:fa:c4:d5:ae:7e:fa:64:0b:52:23:61:39:47: 84:63:8d:a2:44:63:bf:ae:1d:f8:1a:b1:a8:0a:18: 6d:a0:17:3b:e2:71:f3:9a:3d:4f:0c:10:bb:92:d0: 91:e1:fd:f8:20:c9:7c:d9:a6:37:8a:03:3b:33:df: 77:f9:26:87:35:0f:d1:ab:ba:4a:87:06:12:5f:95: 62:3e:e2:ce:b7:d0:24:d2:89:b8:62:52:f0:12:ce: 50:db:a0:f8:40:a7:98:14:f8:83:d0:8e:c0:30:43: 43:4b:b2:d8:0d:26:cc:62:34:1e:fe:fc:90:81:29: de:3a:c1:27:dd:9e:ff:19:f9:c8:bf:23:e1:ff:ee: e4:ff:81:8c:db:52:81:c4:dd:df:b4:69:fb:f0:8d: ea:a0:79:95:31:92:73:14:29:62:d1:ea:45:a9:d6: 0a:3d:74:21:a5:6e:46:18:4a:6e:86:71:86:f6:32: 65:b4:58:c1:b0:f6:0e:03:7e:f1:32:a8:f7:74:0d: 5d:a5:3f:50:13:8a:d0:58:6f:82:02:17:f6:83:1c: 11:3f:a6:08:da:fd:d7:7d:b6:41:ef:16:5a:98:b1: 36:c8:54:70:75:6e:dd:7e:05:27:8d:30:52:88:79: 74:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:D4:C3:F7:8B:52:25:FF:5F:5C:D1:64:0E:6A:89:14:FA:2F:6B:BC X509v3 Authority Key Identifier: keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/ONTD94tSJf9fXNFkDmqJFPova7w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.19.195.30/31 185.100.0.53/32 Signature Algorithm: sha256WithRSAEncryption 9c:13:e2:25:0e:b6:1d:42:a0:b3:26:97:3d:23:7c:fb:40:01: 1c:03:51:38:45:a4:44:21:28:b1:82:f1:37:d3:4c:3c:df:ad: 32:12:6c:d3:8a:bf:60:53:4c:a1:8d:d6:04:b1:23:a3:4e:6e: 0e:38:db:2a:c1:e9:10:25:ff:ba:ce:93:ad:93:af:8d:7f:a4: 06:8d:de:69:e3:20:fb:08:13:39:63:ee:25:37:78:fb:6f:32: 95:e7:4c:e3:9b:d2:e5:52:75:47:7a:54:18:34:2d:5d:be:01: fd:b2:8c:a9:bc:27:3a:8a:66:e0:25:b3:e2:98:cf:83:26:50: e7:81:44:58:82:c3:53:a7:09:9c:c8:53:be:2d:93:68:33:ab: e1:8f:18:eb:98:3e:21:df:89:de:83:fa:53:bf:c6:ba:5f:44: 16:6e:ba:5a:1c:4e:47:d9:ac:58:12:fd:4e:ab:72:d3:41:14: 71:11:5a:c6:08:b1:35:6a:a3:46:ef:93:fb:b4:3d:99:75:60: c5:08:aa:d7:91:f7:36:5b:80:16:15:a9:87:54:5e:06:c9:b4: 48:e6:99:1a:6c:ce:6f:a8:c3:41:df:92:60:87:98:13:4f:6d: fc:b3:8a:2e:37:a6:c5:ed:be:c1:71:93:62:ba:d9:4c:d8:c2: c2:a9:df:4a -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt3xoQUNFlDp4Nc25qNxD/YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl MDZkNTIwHhcNMjYwMTAxMDQxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGQ0YzNmNzhiNTIyNWZmNWY1Y2QxNjQwZTZhODkxNGZhMmY2YmJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nveptUM0/RhLv3bcA05AvrE1a5+ +mQLUiNhOUeEY42iRGO/rh34GrGoChhtoBc74nHzmj1PDBC7ktCR4f34IMl82aY3 igM7M993+SaHNQ/Rq7pKhwYSX5ViPuLOt9Ak0om4YlLwEs5Q26D4QKeYFPiD0I7A MENDS7LYDSbMYjQe/vyQgSneOsEn3Z7/GfnIvyPh/+7k/4GM21KBxN3ftGn78I3q oHmVMZJzFCli0epFqdYKPXQhpW5GGEpuhnGG9jJltFjBsPYOA37xMqj3dA1dpT9Q E4rQWG+CAhf2gxwRP6YI2v3XfbZB7xZamLE2yFRwdW7dfgUnjTBSiHl0EwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFDjUw/eLUiX/X1zRZA5qiRT6L2u8MB8GA1UdIwQY MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt MzZjY2I1YTA2MTk1LzEvT05URDk0dFNKZjlmWE5Ga0RtcUpGUG92YTd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1 LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF ALlkADUwDQYJKoZIhvcNAQELBQADggEBAJwT4iUOth1CoLMmlz0jfPtAARwDUThF pEQhKLGC8TfTTDzfrTISbNOKv2BTTKGN1gSxI6NObg442yrB6RAl/7rOk62Tr41/ pAaN3mnjIPsIEzlj7iU3ePtvMpXnTOOb0uVSdUd6VBg0LV2+Af2yjKm8JzqKZuAl s+KYz4MmUOeBRFiCw1OnCZzIU74tk2gzq+GPGOuYPiHfid6D+lO/xrpfRBZuuloc TkfZrFgS/U6rctNBFHERWsYIsTVqo0bvk/u0PZl1YMUIqteR9zZbgBYVqYdUXgbJ tEjmmRpszm+ow0HfkmCHmBNPbfyzii43psXtvsFxk2K62UzYwsKp30o= -----END CERTIFICATE-----Generated at Mon Jan 26 00:37:35 2026 by rpki-client