This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/OyXa5XHUgsJSBsdbc3Qrhq4QU1Y.roa File: OyXa5XHUgsJSBsdbc3Qrhq4QU1Y.roa (raw, json) Hash identifier: Gyfd0tsIEQsaZgvjHA4zwq5b2ZqvTwYd6Np55tiRmHQ= Subject key identifier: 3B:25:DA:E5:71:D4:82:C2:52:06:C7:5B:73:74:2B:86:AE:10:53:56 Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0 Certificate serial: 019B76EACBA018A53B1914B54D044A280EAD Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/OyXa5XHUgsJSBsdbc3Qrhq4QU1Y.roa Signing time: Thu 01 Jan 2026 00:17:37 +0000 ROA not before: Thu 01 Jan 2026 00:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 395747 IP address blocks: 2a06:98c0:1c00::/48 maxlen: 48 2a06:98c0:1c01::/48 maxlen: 48 2a06:98c0:1c0b::/48 maxlen: 48 2a06:98c0:1c4a::/48 maxlen: 48 2a06:98c0:1c59::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:cb:a0:18:a5:3b:19:14:b5:4d:04:4a:28:0e:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0 Validity Not Before: Jan 1 00:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b25dae571d482c25206c75b73742b86ae105356 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:cd:9d:b7:09:1a:8e:56:3b:80:40:66:dc:85: a0:2e:3e:30:5a:72:65:b1:78:2d:7a:3c:ba:96:02: 4d:ea:f0:58:96:99:e1:53:31:5f:2a:24:53:e4:df: 5c:20:47:c1:28:e4:29:c9:2b:ff:0a:86:f5:11:f8: 1d:50:92:8a:cf:c3:42:20:3a:13:73:97:93:c3:93: f4:78:06:68:5e:29:86:6e:ba:68:5b:b4:a5:62:82: f0:aa:a9:3d:a3:06:34:8f:f6:f7:db:25:75:20:99: e5:43:eb:ff:03:83:b6:07:d4:1d:7e:08:d0:cf:12: bf:c1:58:c1:3b:c0:13:a2:12:75:13:10:04:59:ff: 99:6f:51:75:7d:94:59:54:ab:a5:7f:0c:ef:81:37: 58:b0:ed:ae:6e:21:8a:e9:4b:aa:f7:02:2f:23:67: 4c:47:db:2d:6d:87:f5:c1:d2:08:1e:27:89:45:58: 0d:18:23:22:16:8d:e8:6a:7a:7c:51:3c:c0:e9:6d: c4:24:0d:cf:b0:97:02:98:0e:ca:1e:17:69:e9:53: 8f:19:33:fc:40:5b:51:76:65:5c:8a:f4:35:59:82: bd:0c:85:bf:8d:d5:36:f5:25:15:26:17:13:3e:de: 1e:d3:ed:60:71:42:c0:ca:7a:2d:e0:78:63:24:1f: 5e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:25:DA:E5:71:D4:82:C2:52:06:C7:5B:73:74:2B:86:AE:10:53:56 X509v3 Authority Key Identifier: keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/OyXa5XHUgsJSBsdbc3Qrhq4QU1Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:98c0:1c00::/47 2a06:98c0:1c0b::/48 2a06:98c0:1c4a::/48 2a06:98c0:1c59::/48 Signature Algorithm: sha256WithRSAEncryption 62:ea:09:95:74:e5:70:e3:42:3a:b1:8b:c5:42:bf:73:e0:d5: b1:79:1c:e7:97:9b:b1:c7:d8:b6:a3:b7:a8:40:a7:60:a7:3e: 0e:e5:b3:a8:0b:fd:b1:12:f2:95:98:84:fe:79:e7:22:92:fe: be:2f:b2:8b:0c:6f:fa:24:60:d0:a1:75:8d:89:88:4e:a2:02: 90:8a:bc:5e:2a:cf:50:de:ce:41:78:c0:e7:81:7e:fa:de:c6: f7:c5:8e:9b:c6:4b:b6:ba:bb:20:43:53:e7:bf:d4:8b:b4:c2: d2:7c:5e:e9:d2:08:5f:92:8b:7e:5d:9c:da:63:20:ff:7d:27: 98:98:dd:bc:1c:0e:85:2e:9f:c7:42:af:7b:26:95:85:87:39: 36:78:42:cb:00:2d:0f:84:9e:2c:a6:0c:1f:a5:1f:a0:b9:26: 73:de:c7:ed:62:56:47:ee:4b:19:dd:9f:81:1a:19:1e:46:35: 07:5a:a3:33:7b:87:ec:92:92:d8:87:fc:14:a4:bb:c2:03:c3: 1f:81:fc:c1:93:c7:6b:58:25:4a:e3:2e:79:2f:d0:52:65:26: 1b:59:d3:d6:39:65:10:13:f3:44:5e:04:b3:7f:fd:0e:44:7b: 13:ac:13:36:48:bb:87:00:6c:51:ba:48:51:4b:76:ba:bb:33: 63:98:72:d8 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt26sugGKU7GRS1TQRKKA6tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5 N2I5ZDAwHhcNMjYwMTAxMDAxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjI1ZGFlNTcxZDQ4MmMyNTIwNmM3NWI3Mzc0MmI4NmFlMTA1MzU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM2dtwkajlY7gEBm3IWgLj4wWnJl sXgtejy6lgJN6vBYlpnhUzFfKiRT5N9cIEfBKOQpySv/Cob1EfgdUJKKz8NCIDoT c5eTw5P0eAZoXimGbrpoW7SlYoLwqqk9owY0j/b32yV1IJnlQ+v/A4O2B9QdfgjQ zxK/wVjBO8ATohJ1ExAEWf+Zb1F1fZRZVKulfwzvgTdYsO2ubiGK6Uuq9wIvI2dM R9stbYf1wdIIHieJRVgNGCMiFo3oanp8UTzA6W3EJA3PsJcCmA7KHhdp6VOPGTP8 QFtRdmVcivQ1WYK9DIW/jdU29SUVJhcTPt4e0+1gcULAynot4HhjJB9eOwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFDsl2uVx1ILCUgbHW3N0K4auEFNWMB8GA1UdIwQY MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt NzU1MTgwOWNiNzMxLzEvT3lYYTVYSFVnc0pTQnNkYmMzUXJocTRRVTFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcBKgaYwBwA AwcAKgaYwBwLAwcAKgaYwBxKAwcAKgaYwBxZMA0GCSqGSIb3DQEBCwUAA4IBAQBi 6gmVdOVw40I6sYvFQr9z4NWxeRznl5uxx9i2o7eoQKdgpz4O5bOoC/2xEvKVmIT+ eecikv6+L7KLDG/6JGDQoXWNiYhOogKQirxeKs9Q3s5BeMDngX763sb3xY6bxku2 ursgQ1Pnv9SLtMLSfF7p0ghfkot+XZzaYyD/fSeYmN28HA6FLp/HQq97JpWFhzk2 eELLAC0PhJ4spgwfpR+guSZz3sftYlZH7ksZ3Z+BGhkeRjUHWqMze4fskpLYh/wU pLvCA8MfgfzBk8drWCVK4y55L9BSZSYbWdPWOWUQE/NEXgSzf/0ORHsTrBM2SLuH AGxRukhRS3a6uzNjmHLY -----END CERTIFICATE-----Generated at Sun Jan 25 15:35:15 2026 by rpki-client