This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/ryskVS0dPdz-y92F77QMcmew-3Q.roa File: ryskVS0dPdz-y92F77QMcmew-3Q.roa (raw, json) Hash identifier: 0cvjILsIuN391vO2mz7RFzGnNcWo3ps5v9bfRxUj9oQ= Subject key identifier: AF:2B:24:55:2D:1D:3D:DC:FE:CB:DD:85:EF:B4:0C:72:67:B0:FB:74 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C807A3B31482919EF7A5FB0CB6DB95D Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/ryskVS0dPdz-y92F77QMcmew-3Q.roa Signing time: Fri 02 Jan 2026 02:19:13 +0000 ROA not before: Fri 02 Jan 2026 02:19:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23532 IP address blocks: 2a00:e460::/29 maxlen: 48 2a0b:d900::/29 maxlen: 48 2a0c:65c0::/29 maxlen: 48 2a0c:6980::/29 maxlen: 48 2a13:97c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:7a:3b:31:48:29:19:ef:7a:5f:b0:cb:6d:b9:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af2b24552d1d3ddcfecbdd85efb40c7267b0fb74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:39:44:4a:c7:c0:80:6d:65:7d:f6:f1:2e:c4: 12:21:ce:19:7b:07:70:e6:10:6a:cb:62:8d:cd:a5: ed:d2:b4:19:e5:e2:50:32:48:37:65:29:71:bf:7c: 0f:99:40:d5:ea:62:ca:16:87:81:df:9a:22:dd:9a: 86:1e:8b:1e:68:17:16:b3:92:14:2c:6e:3c:d8:6c: 69:17:45:c0:e9:b1:20:d7:1c:25:54:c3:b3:a6:27: 46:3b:d2:59:1e:3e:be:2d:81:e5:e4:75:e2:b4:42: 5f:4c:fe:d0:6a:82:4e:f9:49:dc:78:9b:6f:fa:37: a8:c6:bb:71:8e:6b:87:fb:b1:85:c9:3c:b5:70:a4: d9:62:ef:52:33:e8:1a:c4:48:b1:2d:bf:a7:9e:e5: 1b:da:98:64:3f:cf:3d:45:90:c2:3a:1c:a0:54:d8: dd:f2:c4:a5:1b:65:b2:1a:f8:40:c4:ec:b5:c6:d4: 1e:3b:e1:7d:ab:eb:3a:2b:5d:53:9a:3b:57:78:6c: 52:c2:30:f5:ea:f9:72:48:da:fc:58:79:ae:4b:1b: 16:f0:7b:e3:fd:bf:ea:fa:98:0a:3a:69:0d:8f:99: 42:a4:33:a1:f5:f9:62:9b:11:51:06:37:a3:67:9f: c9:97:ee:ab:61:0b:1f:70:1f:33:40:15:dd:21:eb: 2f:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:2B:24:55:2D:1D:3D:DC:FE:CB:DD:85:EF:B4:0C:72:67:B0:FB:74 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/ryskVS0dPdz-y92F77QMcmew-3Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:e460::/29 2a0b:d900::/29 2a0c:65c0::/29 2a0c:6980::/29 2a13:97c0::/29 Signature Algorithm: sha256WithRSAEncryption 43:53:b5:c2:8a:02:0a:05:85:c0:14:0e:c2:80:4c:1f:cf:5b: 77:49:c9:ed:14:b6:b5:35:e0:06:7a:65:0b:cf:fc:fe:91:76: 6e:f4:7c:ac:e1:5f:d3:14:5f:59:e4:8f:30:2d:3a:c2:e6:a6: 23:00:32:a0:d5:f5:df:69:c2:71:16:24:1d:b9:7c:5b:29:8c: c7:ef:e6:2f:97:7f:1d:ed:d4:e1:e4:fc:84:a6:b7:f9:1d:d7: b3:74:27:7c:d1:06:c6:1a:19:41:3f:0d:e6:23:e1:db:8f:2a: 25:72:cd:04:db:56:fd:e2:d1:a8:14:2c:bf:3f:49:23:f0:93: f4:07:72:b5:56:8f:b8:44:4c:84:95:28:54:e0:29:22:fc:e7: 58:c7:8d:91:3d:5c:f0:d4:92:bc:91:e8:05:a1:61:aa:94:83: 11:24:a3:d3:71:ff:96:c8:4c:f9:99:9f:f9:bc:a9:f2:68:4d: a5:e8:f9:f3:e7:5e:7c:22:d6:7f:27:89:97:13:48:01:a9:6c: 27:f8:ab:a3:7b:6f:6b:37:3a:11:78:04:cd:9a:55:1e:63:14: 01:64:77:07:73:22:77:36:79:d4:dc:74:70:56:34:ce:95:34: 0d:3e:63:f6:29:d3:f9:40:50:fd:d0:13:aa:7d:19:0e:a7:e6: 2f:8c:bf:43 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gHo7MUgpGe96X7DLbbldMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjJiMjQ1NTJkMWQzZGRjZmVjYmRkODVlZmI0MGM3MjY3YjBmYjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTlESsfAgG1lffbxLsQSIc4Zewdw 5hBqy2KNzaXt0rQZ5eJQMkg3ZSlxv3wPmUDV6mLKFoeB35oi3ZqGHoseaBcWs5IU LG482GxpF0XA6bEg1xwlVMOzpidGO9JZHj6+LYHl5HXitEJfTP7QaoJO+UnceJtv +jeoxrtxjmuH+7GFyTy1cKTZYu9SM+gaxEixLb+nnuUb2phkP889RZDCOhygVNjd 8sSlG2WyGvhAxOy1xtQeO+F9q+s6K11TmjtXeGxSwjD16vlySNr8WHmuSxsW8Hvj /b/q+pgKOmkNj5lCpDOh9flimxFRBjejZ5/Jl+6rYQsfcB8zQBXdIesvLwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFK8rJFUtHT3c/svdhe+0DHJnsPt0MB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvcnlza1ZTMGRQZHoteTkyRjc3UU1jbWV3LTNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgDkYAMF AyoL2QADBQMqDGXAAwUDKgxpgAMFAyoTl8AwDQYJKoZIhvcNAQELBQADggEBAENT tcKKAgoFhcAUDsKATB/PW3dJye0UtrU14AZ6ZQvP/P6Rdm70fKzhX9MUX1nkjzAt OsLmpiMAMqDV9d9pwnEWJB25fFspjMfv5i+Xfx3t1OHk/ISmt/kd17N0J3zRBsYa GUE/DeYj4duPKiVyzQTbVv3i0agULL8/SSPwk/QHcrVWj7hETISVKFTgKSL851jH jZE9XPDUkryR6AWhYaqUgxEko9Nx/5bITPmZn/m8qfJoTaXo+fPnXnwi1n8niZcT SAGpbCf4q6N7b2s3OhF4BM2aVR5jFAFkdwdzInc2edTcdHBWNM6VNA0+Y/Yp0/lA UP3QE6p9GQ6n5i+Mv0M= -----END CERTIFICATE-----Generated at Wed Jan 21 08:07:20 2026 by rpki-client