This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/lOhpbDdZVccBf_9FacfF6DZ_Ti4.roa File: lOhpbDdZVccBf_9FacfF6DZ_Ti4.roa (raw, json) Hash identifier: Vu/KbWnW1+bPGuoIZQjr3JGIWAIz/C7xBZPkO8t2inI= Subject key identifier: 94:E8:69:6C:37:59:55:C7:01:7F:FF:45:69:C7:C5:E8:36:7F:4E:2E Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019B2773A89AC2C5883CCB10D723EA82BCF3 Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/lOhpbDdZVccBf_9FacfF6DZ_Ti4.roa Signing time: Tue 16 Dec 2025 13:57:29 +0000 ROA not before: Tue 16 Dec 2025 13:57:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206604 IP address blocks: 2a0d:d940:70::/44 maxlen: 48 2a0d:d940:2005::/48 maxlen: 48 2a0d:d940:2007::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 17:13:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:73:a8:9a:c2:c5:88:3c:cb:10:d7:23:ea:82:bc:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Dec 16 13:57:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=94e8696c375955c7017fff4569c7c5e8367f4e2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:bc:5d:ae:be:b9:06:32:10:94:04:ed:e7:f8: c4:5c:57:2a:bf:51:a9:f2:94:fe:49:a0:e9:5a:24: 19:fd:1d:56:79:03:f2:ee:bf:1e:46:69:1f:7b:97: 36:ca:8a:26:dd:16:d2:a6:15:7f:f6:b7:be:8f:4a: a0:30:df:ba:90:0d:bd:b5:69:fa:47:1b:8c:a6:3a: 06:2e:61:35:84:63:79:0e:e8:c2:e5:0c:61:4b:76: 10:d5:ea:38:2d:98:ad:41:b6:23:6e:b7:ba:19:d0: 08:1d:fa:19:72:34:b5:94:c8:3f:aa:42:7b:71:e8: 76:a0:be:1d:8e:08:45:58:10:9e:b8:47:8d:58:cd: bf:52:15:43:f7:44:d9:fc:78:4c:31:74:8f:88:46: 6f:5d:7d:76:b4:c1:91:d0:84:a7:94:56:0e:0b:60: fb:05:61:63:8e:0c:83:b2:6b:8b:f9:ff:55:eb:ca: d8:e4:2b:b9:00:aa:02:15:ab:af:a1:46:6b:52:d6: 0e:69:27:c8:1c:8e:b9:30:33:c3:8c:62:1c:60:d5: a2:af:7d:3b:89:58:7f:7c:67:88:1f:b4:b2:6f:35: f1:6d:68:82:d8:7d:24:f9:90:37:12:1f:f2:b3:68: a9:0c:5c:a3:1b:0b:d3:5a:f8:a6:29:1d:36:e5:55: ac:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:E8:69:6C:37:59:55:C7:01:7F:FF:45:69:C7:C5:E8:36:7F:4E:2E X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/lOhpbDdZVccBf_9FacfF6DZ_Ti4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:70::/44 2a0d:d940:2005::/48 2a0d:d940:2007::/48 Signature Algorithm: sha256WithRSAEncryption df:87:a2:4b:1c:f9:60:bd:a5:f6:8a:a6:8b:ef:ad:d5:10:1f: 2b:82:9b:aa:d0:ec:20:bc:52:20:d6:cb:b3:bb:bd:32:b9:98: 49:ac:f3:b8:88:b0:57:b6:60:75:34:7d:4d:c6:c5:58:04:00: 08:c3:99:b5:8c:76:41:18:50:81:bc:4a:af:2b:01:88:35:02: c3:e6:8b:ea:0e:38:b1:87:0b:40:50:4b:f1:c6:d9:c9:cf:ab: 01:7d:42:5c:e6:74:35:d4:e7:e9:3c:f1:62:bb:8c:7e:62:e0: bd:f1:f3:43:de:47:49:ec:9e:62:16:c3:82:65:ba:09:45:61: 0d:43:01:9b:a1:52:8d:1e:06:e7:52:cb:9f:26:c0:4e:27:08: 48:3c:bd:97:10:74:74:44:2c:e5:1e:fc:be:d7:de:a5:45:ba: 4d:b1:a9:bd:93:df:29:97:c8:8e:eb:36:aa:4e:9d:e8:57:f2: f6:10:db:15:0a:50:e6:09:0a:5c:5a:30:6a:c3:26:07:7d:35: 3e:a1:e8:c2:6a:d3:a7:5f:66:10:ea:67:b1:f1:1a:0d:08:95: e4:b5:4e:ed:84:e2:ea:c6:53:bd:1b:d2:a6:80:f5:c0:f9:25: 39:11:fa:e5:0e:1b:69:a3:36:15:bb:c4:83:ed:23:3f:cf:49: ff:2e:51:5b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZsnc6iawsWIPMsQ1yPqgrzzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjUxMjE2MTM1NzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NGU4Njk2YzM3NTk1NWM3MDE3ZmZmNDU2OWM3YzVlODM2N2Y0ZTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbxdrr65BjIQlATt5/jEXFcqv1Gp 8pT+SaDpWiQZ/R1WeQPy7r8eRmkfe5c2yoom3RbSphV/9re+j0qgMN+6kA29tWn6 RxuMpjoGLmE1hGN5DujC5QxhS3YQ1eo4LZitQbYjbre6GdAIHfoZcjS1lMg/qkJ7 ceh2oL4djghFWBCeuEeNWM2/UhVD90TZ/HhMMXSPiEZvXX12tMGR0ISnlFYOC2D7 BWFjjgyDsmuL+f9V68rY5Cu5AKoCFauvoUZrUtYOaSfIHI65MDPDjGIcYNWir307 iVh/fGeIH7SybzXxbWiC2H0k+ZA3Eh/ys2ipDFyjGwvTWvimKR025VWshwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJToaWw3WVXHAX//RWnHxeg2f04uMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEvbE9ocGJEZFpWY2NCZl85RmFjZkY2RFpfVGk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg3ZQABw AwcAKg3ZQCAFAwcAKg3ZQCAHMA0GCSqGSIb3DQEBCwUAA4IBAQDfh6JLHPlgvaX2 iqaL763VEB8rgpuq0OwgvFIg1suzu70yuZhJrPO4iLBXtmB1NH1NxsVYBAAIw5m1 jHZBGFCBvEqvKwGINQLD5ovqDjixhwtAUEvxxtnJz6sBfUJc5nQ11OfpPPFiu4x+ YuC98fND3kdJ7J5iFsOCZboJRWENQwGboVKNHgbnUsufJsBOJwhIPL2XEHR0RCzl Hvy+196lRbpNsam9k98pl8iO6zaqTp3oV/L2ENsVClDmCQpcWjBqwyYHfTU+oejC atOnX2YQ6mex8RoNCJXktU7thOLqxlO9G9KmgPXA+SU5EfrlDhtpozYVu8SD7SM/ z0n/LlFb -----END CERTIFICATE-----Generated at Sat Dec 20 03:21:04 2025 by rpki-client