This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/oPTsHymLci7fd09NsvXBq7O6RPk.roa File: oPTsHymLci7fd09NsvXBq7O6RPk.roa (raw, json) Hash identifier: LFrx4cQED0mzFhJ5bZEMbk7u2JP9cJJqjo6hpAnRfYc= Subject key identifier: A0:F4:EC:1F:29:8B:72:2E:DF:77:4F:4D:B2:F5:C1:AB:B3:BA:44:F9 Certificate issuer: /CN=af09503fcac01769515a19f2dc2657d92fd350df Certificate serial: 019B7E38CF167CDD68F0C036D3590A3F3A22 Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/oPTsHymLci7fd09NsvXBq7O6RPk.roa Signing time: Fri 02 Jan 2026 10:20:10 +0000 ROA not before: Fri 02 Jan 2026 10:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 553 IP address blocks: 141.10.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:cf:16:7c:dd:68:f0:c0:36:d3:59:0a:3f:3a:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df Validity Not Before: Jan 2 10:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0f4ec1f298b722edf774f4db2f5c1abb3ba44f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:ef:3f:76:c9:47:1f:0b:f5:f3:62:7b:e9:a1: b6:72:d7:53:e5:3e:a3:07:9d:dc:0d:e9:73:65:9a: 7c:18:5c:56:24:2a:0a:e8:36:28:1d:09:56:b8:e0: 41:2f:aa:b1:ab:08:44:b3:08:3e:37:b5:2a:52:02: 0f:a3:27:a4:a3:2a:84:cd:ee:d9:cd:02:2d:35:3a: d2:4f:12:7e:29:4f:60:9a:12:73:2f:66:15:c3:41: 98:83:2f:b8:21:7b:3d:32:c0:2e:39:56:6b:dd:fe: 4a:11:50:4e:00:86:34:22:2f:09:df:32:67:e5:d1: 28:0e:bd:94:99:e1:28:04:b6:30:ed:90:be:6b:4d: ac:8f:e3:fc:d5:21:f3:43:0f:90:14:c8:ba:d0:3b: 72:e4:5f:2c:66:70:fe:b3:77:f6:02:2b:fb:81:2b: df:ba:98:cd:dc:da:30:cb:01:c6:cc:5a:38:73:71: d0:72:2b:57:89:df:bf:ce:23:20:6a:28:01:19:d5: 50:4e:73:a4:b8:02:5e:97:33:53:0a:84:9d:ec:fc: b8:1d:ca:34:59:b2:ef:8b:f4:1a:ba:3c:2b:07:ef: cc:94:4e:06:af:bd:d8:f4:d1:5a:0e:82:37:d8:6b: 2d:5a:eb:f3:42:a9:23:4d:df:28:bb:62:97:b5:4f: 7a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:F4:EC:1F:29:8B:72:2E:DF:77:4F:4D:B2:F5:C1:AB:B3:BA:44:F9 X509v3 Authority Key Identifier: keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/oPTsHymLci7fd09NsvXBq7O6RPk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.10.0.0/16 Signature Algorithm: sha256WithRSAEncryption 03:37:f9:90:67:ef:c4:b2:bd:f9:49:0e:16:84:7c:27:9f:c0: 0c:62:58:0b:1a:ee:0c:80:45:67:4b:1c:4f:4e:a2:2d:bd:98: 5f:e7:22:6a:c8:09:de:e7:6a:17:00:9f:21:61:db:4d:d4:2a: 96:05:da:c2:74:a2:df:9b:fc:dc:cc:ab:d9:77:79:eb:9c:5d: 3d:9a:75:88:57:69:54:05:24:6d:8b:77:da:99:59:b0:8c:91: cf:e9:61:87:4c:a1:9a:db:9a:c5:24:69:20:66:06:1b:95:d7: 32:38:84:c9:ef:4c:40:6b:08:d6:fb:11:c7:f0:d8:a7:36:8c: 7d:40:94:d9:c9:28:83:da:5a:64:29:b2:91:7a:e8:88:08:7e: 53:f6:b0:28:9c:78:40:f3:f7:d9:d5:bb:63:14:93:29:e6:0d: 6a:11:be:5e:00:69:29:cc:c0:68:7e:06:8d:0f:65:64:20:f6: 8e:0b:c4:1b:a5:e6:c8:1f:55:32:4c:3a:86:ce:92:8e:ae:cc: d4:ac:af:36:89:8b:a6:c6:36:5c:59:8f:84:33:7d:ab:47:dc: 2f:12:09:23:15:00:26:65:9e:a1:3e:20:6e:81:0e:2b:86:f5: 22:33:5e:80:fb:1a:78:7d:2d:04:c7:bf:69:c4:db:eb:db:aa: 89:9d:cc:a6 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt+OM8WfN1o8MA201kKPzoiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk MzUwZGYwHhcNMjYwMTAyMTAyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGY0ZWMxZjI5OGI3MjJlZGY3NzRmNGRiMmY1YzFhYmIzYmE0NGY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2e8/dslHHwv182J76aG2ctdT5T6j B53cDelzZZp8GFxWJCoK6DYoHQlWuOBBL6qxqwhEswg+N7UqUgIPoyekoyqEze7Z zQItNTrSTxJ+KU9gmhJzL2YVw0GYgy+4IXs9MsAuOVZr3f5KEVBOAIY0Ii8J3zJn 5dEoDr2UmeEoBLYw7ZC+a02sj+P81SHzQw+QFMi60Dty5F8sZnD+s3f2Aiv7gSvf upjN3NowywHGzFo4c3HQcitXid+/ziMgaigBGdVQTnOkuAJelzNTCoSd7Py4Hco0 WbLvi/QaujwrB+/MlE4Gr73Y9NFaDoI32GstWuvzQqkjTd8ou2KXtU96rwIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFKD07B8pi3Iu33dPTbL1wauzukT5MB8GA1UdIwQY MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt MTc1MDJkM2RmOTVmLzEvb1BUc0h5bUxjaTdmZDA5TnN2WEJxN082UlBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjQowDQYJ KoZIhvcNAQELBQADggEBAAM3+ZBn78SyvflJDhaEfCefwAxiWAsa7gyARWdLHE9O oi29mF/nImrICd7nahcAnyFh203UKpYF2sJ0ot+b/NzMq9l3eeucXT2adYhXaVQF JG2Ld9qZWbCMkc/pYYdMoZrbmsUkaSBmBhuV1zI4hMnvTEBrCNb7Ecfw2Kc2jH1A lNnJKIPaWmQpspF66IgIflP2sCiceEDz99nVu2MUkynmDWoRvl4AaSnMwGh+Bo0P ZWQg9o4LxBul5sgfVTJMOobOko6uzNSsrzaJi6bGNlxZj4QzfatH3C8SCSMVACZl nqE+IG6BDiuG9SIzXoD7Gnh9LQTHv2nE2+vbqomdzKY= -----END CERTIFICATE-----Generated at Mon Feb 2 08:05:13 2026 by rpki-client