This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/998a1d-3095-4643-873d-d8c950cacab5/1/osfEs2cq4Y3e4u7ONEj-2qqGCag.roa File: osfEs2cq4Y3e4u7ONEj-2qqGCag.roa (raw, json) Hash identifier: Xacw/yDD8Q2YywhQyavmFIysSR1p4RioONJPWWgqSEE= Subject key identifier: A2:C7:C4:B3:67:2A:E1:8D:DE:E2:EE:CE:34:48:FE:DA:AA:86:09:A8 Certificate issuer: /CN=a72472c3f004b0b71f118e872b9838a4e0c721c7 Certificate serial: 019B79103E5DBBDB1209BDA3C1E2311880B8 Authority key identifier: A7:24:72:C3:F0:04:B0:B7:1F:11:8E:87:2B:98:38:A4:E0:C7:21:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pyRyw_AEsLcfEY6HK5g4pODHIcc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/998a1d-3095-4643-873d-d8c950cacab5/1/osfEs2cq4Y3e4u7ONEj-2qqGCag.roa Signing time: Thu 01 Jan 2026 10:17:46 +0000 ROA not before: Thu 01 Jan 2026 10:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15830 IP address blocks: 158.120.254.0/24 maxlen: 24 2001:678:d48::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/998a1d-3095-4643-873d-d8c950cacab5/1/pyRyw_AEsLcfEY6HK5g4pODHIcc.crl rsync://rpki.ripe.net/repository/DEFAULT/de/998a1d-3095-4643-873d-d8c950cacab5/1/pyRyw_AEsLcfEY6HK5g4pODHIcc.mft rsync://rpki.ripe.net/repository/DEFAULT/pyRyw_AEsLcfEY6HK5g4pODHIcc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:3e:5d:bb:db:12:09:bd:a3:c1:e2:31:18:80:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a72472c3f004b0b71f118e872b9838a4e0c721c7 Validity Not Before: Jan 1 10:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a2c7c4b3672ae18ddee2eece3448fedaaa8609a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6a:0b:40:e9:6c:40:7b:e6:58:70:90:9d:6a: 34:01:bb:c3:02:3c:23:c3:df:a8:6d:95:d9:b5:26: f3:e0:a2:78:01:74:11:4d:51:fa:77:33:31:0d:c2: 7c:33:7a:4b:f9:8f:f2:10:19:56:05:25:69:bd:7e: 80:1c:45:92:46:b1:d9:f2:71:95:a9:2d:9a:eb:6c: 2c:71:05:77:55:34:a1:c5:ce:cc:6d:11:39:c2:0f: a4:fd:4d:a7:b7:26:b1:f1:3c:1f:b9:fe:96:8c:e0: 38:7d:cc:2c:82:a6:bb:ca:6d:cf:72:24:94:cc:82: 5f:70:23:27:e9:81:9b:d3:6a:3c:34:83:3a:bc:2e: 33:ea:95:51:a6:b5:7c:03:6e:70:be:8c:7a:3a:cd: 25:d7:b2:38:72:1f:19:46:34:e5:be:01:3a:ad:b9: 81:e5:f6:60:f8:3d:7c:49:2f:f0:a1:41:cf:9e:50: b8:4f:7a:9c:b7:44:49:d5:b3:77:d7:92:d3:dc:62: bc:25:df:d0:5b:7d:7d:f6:1d:03:54:73:ac:dc:00: f5:20:4c:9f:3b:48:28:7a:5d:98:44:46:46:70:c7: 3e:2d:45:f7:c8:83:f6:b2:46:b6:8a:61:9f:c8:86: 0f:b2:4e:95:65:c2:b8:ce:70:31:2f:44:a3:f0:3a: 4d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:C7:C4:B3:67:2A:E1:8D:DE:E2:EE:CE:34:48:FE:DA:AA:86:09:A8 X509v3 Authority Key Identifier: keyid:A7:24:72:C3:F0:04:B0:B7:1F:11:8E:87:2B:98:38:A4:E0:C7:21:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pyRyw_AEsLcfEY6HK5g4pODHIcc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/998a1d-3095-4643-873d-d8c950cacab5/1/osfEs2cq4Y3e4u7ONEj-2qqGCag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/998a1d-3095-4643-873d-d8c950cacab5/1/pyRyw_AEsLcfEY6HK5g4pODHIcc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.120.254.0/24 IPv6: 2001:678:d48::/48 Signature Algorithm: sha256WithRSAEncryption 67:14:dc:dc:ea:c5:72:8c:f7:30:7d:32:59:9a:01:3c:00:73: 07:6c:0a:e1:93:23:d5:d0:dd:5d:a7:b4:ab:89:cc:56:17:16: d4:21:d9:34:2a:4d:35:49:1f:85:79:d7:0f:d3:b4:64:7f:64: bd:14:34:48:0c:27:c6:8d:c6:53:1c:00:ad:80:fb:d1:0f:52: c8:4b:45:f1:79:ca:e2:4d:e9:aa:59:db:dc:f9:9d:ab:c0:f6: 38:7d:ef:81:a1:90:83:eb:92:04:6d:ca:22:0f:ce:d7:14:81: d6:a9:16:3f:07:13:b1:71:bf:84:6e:fa:7c:76:ce:47:c7:db: c6:98:ac:02:07:7c:f1:a3:b3:67:b5:3f:81:cc:e9:e1:68:2f: 68:8b:51:26:b4:c7:91:d6:15:47:ad:5b:67:a4:9d:ff:39:bb: 37:8a:3a:7b:f5:52:af:da:ce:d4:94:f7:24:2c:81:d9:a1:d4: a3:28:b3:d9:b7:de:1d:09:67:1e:20:1b:63:e0:50:e8:24:4f: 43:11:b5:79:fc:9d:cc:e7:8d:7f:77:47:56:fc:a7:72:51:f7: a0:2f:9d:5b:8e:c5:c6:56:99:41:a7:09:0c:ad:78:ec:ed:e6: 4b:02:d8:32:95:dc:ef:ca:de:40:3d:c9:61:98:4a:c0:81:5b: 06:62:e5:f8 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt5ED5du9sSCb2jweIxGIC4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MjQ3MmMzZjAwNGIwYjcxZjExOGU4NzJiOTgzOGE0ZTBj NzIxYzcwHhcNMjYwMTAxMTAxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMmM3YzRiMzY3MmFlMThkZGVlMmVlY2UzNDQ4ZmVkYWFhODYwOWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGoLQOlsQHvmWHCQnWo0AbvDAjwj w9+obZXZtSbz4KJ4AXQRTVH6dzMxDcJ8M3pL+Y/yEBlWBSVpvX6AHEWSRrHZ8nGV qS2a62wscQV3VTShxc7MbRE5wg+k/U2ntyax8Twfuf6WjOA4fcwsgqa7ym3PciSU zIJfcCMn6YGb02o8NIM6vC4z6pVRprV8A25wvox6Os0l17I4ch8ZRjTlvgE6rbmB 5fZg+D18SS/woUHPnlC4T3qct0RJ1bN315LT3GK8Jd/QW3199h0DVHOs3AD1IEyf O0goel2YREZGcMc+LUX3yIP2ska2imGfyIYPsk6VZcK4znAxL0Sj8DpN8wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKLHxLNnKuGN3uLuzjRI/tqqhgmoMB8GA1UdIwQY MBaAFKckcsPwBLC3HxGOhyuYOKTgxyHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHlSeXdfQUVzTGNmRVk2SEs1ZzRwT0RISWNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85OThhMWQtMzA5NS00NjQzLTg3M2Qt ZDhjOTUwY2FjYWI1LzEvb3NmRXMyY3E0WTNlNHU3T05Fai0ycXFHQ2FnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS85OThhMWQtMzA5NS00NjQzLTg3M2QtZDhjOTUwY2FjYWI1 LzEvcHlSeXdfQUVzTGNmRVk2SEs1ZzRwT0RISWNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAnnj+MA8E AgACMAkDBwAgAQZ4DUgwDQYJKoZIhvcNAQELBQADggEBAGcU3NzqxXKM9zB9Mlma ATwAcwdsCuGTI9XQ3V2ntKuJzFYXFtQh2TQqTTVJH4V51w/TtGR/ZL0UNEgMJ8aN xlMcAK2A+9EPUshLRfF5yuJN6apZ29z5navA9jh974GhkIPrkgRtyiIPztcUgdap Fj8HE7Fxv4Ru+nx2zkfH28aYrAIHfPGjs2e1P4HM6eFoL2iLUSa0x5HWFUetW2ek nf85uzeKOnv1Uq/aztSU9yQsgdmh1KMos9m33h0JZx4gG2PgUOgkT0MRtXn8nczn jX93R1b8p3JR96AvnVuOxcZWmUGnCQyteOzt5ksC2DKV3O/K3kA9yWGYSsCBWwZi 5fg= -----END CERTIFICATE-----Generated at Sat Jan 3 04:53:26 2026 by rpki-client