This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/osRm_vCZFQn-IZrfa-S-ZoLyv-k.roa File: osRm_vCZFQn-IZrfa-S-ZoLyv-k.roa (raw, json) Hash identifier: UdnDiufWcMmwrrv9vsKKmhqhc0AHNBah6lzkUFktmdw= Subject key identifier: A2:C4:66:FE:F0:99:15:09:FE:21:9A:DF:6B:E4:BE:66:82:F2:BF:E9 Certificate issuer: /CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef Certificate serial: 019A7ED100E8B14A289CE1FF630ED42424FD Authority key identifier: 08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/osRm_vCZFQn-IZrfa-S-ZoLyv-k.roa Signing time: Thu 13 Nov 2025 20:03:37 +0000 ROA not before: Thu 13 Nov 2025 20:03:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 60134 IP address blocks: 2.57.2.0/24 maxlen: 24 193.30.129.0/24 maxlen: 24 213.232.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.mft rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:7e:d1:00:e8:b1:4a:28:9c:e1:ff:63:0e:d4:24:24:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef Validity Not Before: Nov 13 20:03:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a2c466fef0991509fe219adf6be4be6682f2bfe9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:23:f5:4f:3f:bd:c5:e2:7b:52:c6:96:5f:66: 69:75:9d:0f:24:39:d2:b6:e1:00:8a:3c:fb:92:a8: 7e:36:35:cd:c4:26:8e:43:4d:ca:89:6f:d3:9f:f3: aa:d7:2c:6f:21:cc:e5:f3:6b:63:f1:1d:79:0c:91: f7:24:d0:d6:0e:80:62:18:9c:fe:9e:db:2b:78:7f: 42:36:a9:da:65:39:dc:60:d3:7f:61:66:fc:85:b7: ef:ae:7a:36:11:41:d8:30:01:06:cc:1a:49:b0:6c: b8:32:ab:f2:12:05:a7:3a:e0:81:ef:ef:7c:52:3f: 41:8b:b0:d1:aa:36:79:83:da:49:44:a1:29:dd:62: 98:8e:93:1a:5c:14:21:b2:ba:2f:1f:5b:32:26:d3: e2:d8:89:9f:f7:0d:38:c7:af:06:ff:d8:df:5c:c8: dd:c4:2d:a6:d8:b6:2a:b6:e7:2f:ce:8a:a7:ca:1d: a2:0b:bc:e4:4a:a3:06:d1:6a:f0:02:1f:73:2b:0c: 27:9c:56:93:45:dd:b6:8f:16:b1:32:47:d5:ff:3c: 7e:43:f6:d0:1b:33:34:0b:16:a1:a4:77:67:05:8b: 56:61:93:8f:10:1f:1c:7f:f7:e2:e5:81:ca:b6:5b: 20:cc:fe:a2:c5:30:4a:00:2b:46:b7:68:ab:ca:c6: 49:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:C4:66:FE:F0:99:15:09:FE:21:9A:DF:6B:E4:BE:66:82:F2:BF:E9 X509v3 Authority Key Identifier: keyid:08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/osRm_vCZFQn-IZrfa-S-ZoLyv-k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.2.0/24 193.30.129.0/24 213.232.248.0/24 Signature Algorithm: sha256WithRSAEncryption 43:04:4b:f1:a1:59:52:26:3c:ac:93:8e:94:57:af:ee:5a:86: 71:b1:c4:da:6c:a4:aa:30:bb:e8:e5:43:e7:25:73:df:8d:79: c5:02:ce:6b:f3:13:49:be:7e:46:37:93:cb:ba:cb:7b:f3:c2: a9:3d:7c:97:34:86:b2:5c:0f:48:2d:d5:a1:f8:8f:cd:2c:9c: 88:35:b9:ab:0c:1f:de:7c:83:56:15:fb:03:1e:da:49:d0:f8: a4:ec:6c:64:92:39:54:38:10:99:91:11:a7:35:48:3f:ed:5d: ad:f7:55:9a:52:6b:82:21:a3:89:c6:bf:78:1a:c8:a8:79:d9: fc:af:43:df:bf:8b:2a:8d:4d:72:33:72:ff:15:fb:17:62:7c: f4:82:79:c7:ce:95:9b:11:fe:2e:e9:57:8b:d9:4f:87:46:8f: 5b:59:12:c4:b2:03:38:82:4a:7e:ba:7d:6a:13:7b:c0:bd:bc: a4:e7:6b:e4:20:2d:67:6f:c3:2b:79:21:8b:25:cb:1e:77:3d: 36:2e:12:5f:dd:2e:32:45:e4:a4:0d:f5:fb:f1:5e:08:29:24: 06:31:c6:67:7f:53:92:8e:cd:3e:97:c8:10:47:9e:a1:51:59: bf:19:d8:f2:56:01:25:75:58:d5:0c:d9:37:01:ac:fc:b9:7d: ed:54:76:1b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZp+0QDosUoonOH/Yw7UJCT9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ZDNhNTE1NjgzZTlkZGI4NWQzOGU3YWIzOWMzM2FlZGFj YWY3ZWYwHhcNMjUxMTEzMjAwMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMmM0NjZmZWYwOTkxNTA5ZmUyMTlhZGY2YmU0YmU2NjgyZjJiZmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryP1Tz+9xeJ7UsaWX2ZpdZ0PJDnS tuEAijz7kqh+NjXNxCaOQ03KiW/Tn/Oq1yxvIczl82tj8R15DJH3JNDWDoBiGJz+ ntsreH9CNqnaZTncYNN/YWb8hbfvrno2EUHYMAEGzBpJsGy4MqvyEgWnOuCB7+98 Uj9Bi7DRqjZ5g9pJRKEp3WKYjpMaXBQhsrovH1syJtPi2Imf9w04x68G/9jfXMjd xC2m2LYqtucvzoqnyh2iC7zkSqMG0WrwAh9zKwwnnFaTRd22jxaxMkfV/zx+Q/bQ GzM0CxahpHdnBYtWYZOPEB8cf/fi5YHKtlsgzP6ixTBKACtGt2irysZJSwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFKLEZv7wmRUJ/iGa32vkvmaC8r/pMB8GA1UdIwQY MBaAFAjTpRVoPp3bhdOOerOcM67ayvfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ05PbEZXZy1uZHVGMDQ1NnM1d3pydHJLOS04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82N2NmYTAtYTMyYi00MDYzLTkzNzAt MGI1YzVkOTQ0MjZhLzEvb3NSbV92Q1pGUW4tSVpyZmEtUy1ab0x5di1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82N2NmYTAtYTMyYi00MDYzLTkzNzAtMGI1YzVkOTQ0MjZh LzEvQ05PbEZXZy1uZHVGMDQ1NnM1d3pydHJLOS04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjkCAwQA wR6BAwQA1ej4MA0GCSqGSIb3DQEBCwUAA4IBAQBDBEvxoVlSJjysk46UV6/uWoZx scTabKSqMLvo5UPnJXPfjXnFAs5r8xNJvn5GN5PLust788KpPXyXNIayXA9ILdWh +I/NLJyINbmrDB/efINWFfsDHtpJ0Pik7GxkkjlUOBCZkRGnNUg/7V2t91WaUmuC IaOJxr94Gsioedn8r0Pfv4sqjU1yM3L/FfsXYnz0gnnHzpWbEf4u6VeL2U+HRo9b WRLEsgM4gkp+un1qE3vAvbyk52vkIC1nb8MreSGLJcsedz02LhJf3S4yReSkDfX7 8V4IKSQGMcZnf1OSjs0+l8gQR56hUVm/GdjyVgEldVjVDNk3Aaz8uX3tVHYb -----END CERTIFICATE-----Generated at Sat Dec 6 12:03:47 2025 by rpki-client