This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/OYsX4hAIO8zocCjaiLAgo7rhl6g.roa File: OYsX4hAIO8zocCjaiLAgo7rhl6g.roa (raw, json) Hash identifier: 8mSQCijrpWAiZ1jkdyn7YQSYQONkGQ/rnpGjGBbFCh4= Subject key identifier: 39:8B:17:E2:10:08:3B:CC:E8:70:28:DA:88:B0:20:A3:BA:E1:97:A8 Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a Certificate serial: 019B79101AA59CF7D4F1B739147A8F55B080 Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/OYsX4hAIO8zocCjaiLAgo7rhl6g.roa Signing time: Thu 01 Jan 2026 10:17:36 +0000 ROA not before: Thu 01 Jan 2026 10:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197912 IP address blocks: 128.127.168.0/24 maxlen: 24 128.127.169.0/24 maxlen: 24 128.127.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.mft rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:1a:a5:9c:f7:d4:f1:b7:39:14:7a:8f:55:b0:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a Validity Not Before: Jan 1 10:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=398b17e210083bcce87028da88b020a3bae197a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f1:77:c0:9a:93:21:ee:7c:a6:58:e5:ab:60: 1f:81:ee:40:47:5a:c2:af:8f:96:96:09:0f:31:f2: 9d:8c:a2:a7:70:e7:b4:ce:50:d4:e7:25:ac:d4:09: a9:bc:76:05:d8:99:b5:3f:28:62:fc:c2:e5:85:ce: d5:1b:04:8a:fc:ff:cf:9b:90:8e:41:e5:3d:3c:9d: 41:9a:51:64:f0:8e:8e:86:34:d7:1c:e0:4d:49:90: 41:c7:03:96:fd:b4:89:3b:b0:22:6a:b4:9e:32:f0: b9:16:ed:e0:ee:df:3c:28:e5:fc:fe:e9:bc:f5:68: 19:62:05:dc:ad:44:ec:f2:52:47:a9:c9:b8:f9:e8: d2:dd:03:2b:32:5a:18:a6:1e:6a:10:1b:fc:c7:84: 99:b6:f6:a7:f7:1b:37:3d:c2:9c:57:cf:14:2a:13: 1c:5f:b9:e5:43:3b:57:93:4e:20:95:28:b1:b8:15: b8:a3:da:23:87:c0:78:50:ac:b3:66:f0:be:74:ad: ca:e4:4d:22:49:ac:e9:6e:e8:0e:ba:28:28:ea:77: 74:ed:2f:25:13:b7:d6:0b:f6:cd:69:79:60:ee:1d: 7e:62:73:e5:5f:ad:fd:af:a4:f0:8e:b2:77:47:12: 82:17:b9:79:52:1b:0e:41:04:0f:fe:28:55:4a:eb: 8c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:8B:17:E2:10:08:3B:CC:E8:70:28:DA:88:B0:20:A3:BA:E1:97:A8 X509v3 Authority Key Identifier: keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/OYsX4hAIO8zocCjaiLAgo7rhl6g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 128.127.168.0-128.127.170.255 Signature Algorithm: sha256WithRSAEncryption 52:d0:77:08:53:27:9d:b1:68:35:43:80:99:1a:32:30:5e:c5: 45:f0:f2:07:1b:b9:d1:80:9a:52:89:5a:76:cf:b7:6e:c3:2a: 4d:ea:51:68:e2:0c:c5:64:e5:6c:d4:c6:fd:f4:b3:69:ca:6e: 93:cc:87:66:15:c9:aa:d2:8e:91:a0:83:aa:96:3e:47:ea:e1: 57:59:60:89:b9:56:1b:25:65:82:b9:70:0d:d1:00:ec:e7:cf: 4e:d5:9b:d5:ed:44:eb:0f:7c:ea:25:b3:34:14:2d:f4:51:94: 9a:52:32:5f:0b:04:e5:01:ed:1b:03:7f:15:07:fc:24:21:e1: 43:ca:c2:b7:cb:32:97:1d:6f:af:3d:b1:c0:45:e3:d1:7e:20: 8f:1c:2c:12:2e:82:75:6c:ff:07:77:0a:15:73:da:43:de:46: e6:36:a4:8c:7a:cc:98:df:f8:b6:b3:ef:53:2f:8d:d4:db:aa: d5:95:58:95:5f:fe:9a:fd:48:f0:74:0b:85:42:9a:a7:f4:bd: e2:59:64:ce:27:ba:21:d7:a3:e0:44:15:30:dd:92:78:97:d9: 17:c1:39:0f:73:f3:d5:49:7e:af:c0:b7:0a:c7:65:6e:1a:f8: 98:d8:c1:28:a5:b5:d0:be:11:8a:55:98:c7:cf:17:7a:93:91: c7:a8:ef:62 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt5EBqlnPfU8bc5FHqPVbCAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm MDNjNGEwHhcNMjYwMTAxMTAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOThiMTdlMjEwMDgzYmNjZTg3MDI4ZGE4OGIwMjBhM2JhZTE5N2E4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/F3wJqTIe58pljlq2Afge5AR1rC r4+WlgkPMfKdjKKncOe0zlDU5yWs1AmpvHYF2Jm1Pyhi/MLlhc7VGwSK/P/Pm5CO QeU9PJ1BmlFk8I6OhjTXHOBNSZBBxwOW/bSJO7AiarSeMvC5Fu3g7t88KOX8/um8 9WgZYgXcrUTs8lJHqcm4+ejS3QMrMloYph5qEBv8x4SZtvan9xs3PcKcV88UKhMc X7nlQztXk04glSixuBW4o9ojh8B4UKyzZvC+dK3K5E0iSazpbugOuigo6nd07S8l E7fWC/bNaXlg7h1+YnPlX639r6TwjrJ3RxKCF7l5UhsOQQQP/ihVSuuMOwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFDmLF+IQCDvM6HAo2oiwIKO64ZeoMB8GA1UdIwQY MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt YTAxZTllNmRjYmYyLzEvT1lzWDRoQUlPOHpvY0NqYWlMQWdvN3JobDZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOAf6gD BACAf6owDQYJKoZIhvcNAQELBQADggEBAFLQdwhTJ52xaDVDgJkaMjBexUXw8gcb udGAmlKJWnbPt27DKk3qUWjiDMVk5WzUxv30s2nKbpPMh2YVyarSjpGgg6qWPkfq 4VdZYIm5VhslZYK5cA3RAOznz07Vm9XtROsPfOolszQULfRRlJpSMl8LBOUB7RsD fxUH/CQh4UPKwrfLMpcdb689scBF49F+II8cLBIugnVs/wd3ChVz2kPeRuY2pIx6 zJjf+Laz71MvjdTbqtWVWJVf/pr9SPB0C4VCmqf0veJZZM4nuiHXo+BEFTDdkniX 2RfBOQ9z89VJfq/AtwrHZW4a+JjYwSiltdC+EYpVmMfPF3qTkceo72I= -----END CERTIFICATE-----Generated at Mon Jan 26 03:27:22 2026 by rpki-client