This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OSjRZ1PSSlJuUv_feSDSX8D5qss.roa File: OSjRZ1PSSlJuUv_feSDSX8D5qss.roa (raw, json) Hash identifier: 9j2P3ndf7PqtASAbOJiA9us6tk9fCukKTlRIi2ivlN0= Subject key identifier: 39:28:D1:67:53:D2:4A:52:6E:52:FF:DF:79:20:D2:5F:C0:F9:AA:CB Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Certificate serial: 019B7D5D0FC5543862536797FBD0C6EB7BE3 Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OSjRZ1PSSlJuUv_feSDSX8D5qss.roa Signing time: Fri 02 Jan 2026 06:20:09 +0000 ROA not before: Fri 02 Jan 2026 06:20:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206957 IP address blocks: 78.133.237.0/24 maxlen: 24 89.174.109.0/24 maxlen: 24 89.174.116.0/24 maxlen: 24 89.174.117.0/24 maxlen: 24 89.174.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:0f:c5:54:38:62:53:67:97:fb:d0:c6:eb:7b:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Validity Not Before: Jan 2 06:20:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3928d16753d24a526e52ffdf7920d25fc0f9aacb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:80:d9:00:42:42:06:ac:8d:bf:73:17:3f:c3: f6:a6:b9:ee:99:1e:ec:4d:cd:9e:b3:28:28:be:3a: d4:11:13:38:04:c9:bf:17:6b:74:bf:9d:b8:7c:88: b0:52:c5:3a:5d:83:ee:f5:0c:3d:ef:0e:f1:22:d8: 26:fe:2e:c3:0c:46:27:bb:a2:6b:3c:23:e1:f4:6c: 28:15:b4:a5:2d:02:21:63:8f:a8:98:0c:46:1d:b4: 66:8c:37:16:02:71:cb:68:d5:8d:b1:f8:27:0b:df: 05:fc:4e:9a:99:40:16:37:2a:f0:cc:89:69:45:97: 98:c7:26:c9:8c:a2:84:80:15:a0:90:7d:fc:10:bb: c1:a9:51:ae:4c:c7:7c:ff:b8:77:fc:d3:40:08:e9: e6:9b:00:a7:9c:a8:c8:e1:98:6a:04:da:42:ff:f8: dd:cb:49:7f:8d:73:46:db:a2:4b:be:dd:59:04:75: af:70:7b:d8:78:0d:95:be:e9:29:0b:9c:ea:b6:82: f0:76:c2:3c:58:5a:df:7d:86:3f:64:cb:23:a2:f4: 24:36:ac:54:46:62:0f:82:ab:59:c3:f8:69:1b:d1: 3d:84:18:92:32:74:21:75:fb:6e:b2:45:e7:4b:8b: cb:a7:87:94:10:57:30:3a:de:90:29:51:fc:72:11: a1:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:28:D1:67:53:D2:4A:52:6E:52:FF:DF:79:20:D2:5F:C0:F9:AA:CB X509v3 Authority Key Identifier: keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OSjRZ1PSSlJuUv_feSDSX8D5qss.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.133.237.0/24 89.174.109.0/24 89.174.116.0/23 89.174.228.0/24 Signature Algorithm: sha256WithRSAEncryption 51:e0:52:35:9c:6a:ae:b9:71:42:01:0e:a5:d9:32:96:11:d5: 9b:a5:b0:40:97:9e:73:4b:7b:58:8b:34:ca:5c:01:f3:e1:39: 7f:90:8e:81:97:33:bc:c3:ad:a3:41:70:ed:41:ef:3f:ae:11: f9:08:10:29:a5:1d:88:88:be:36:59:63:b9:02:c8:7c:0e:62: a3:d9:86:81:fe:ff:f6:19:a5:e0:3d:aa:0f:94:5b:45:75:12: fd:5c:5a:12:0c:01:71:32:21:c0:04:2a:d7:27:d3:f4:a3:ac: 98:09:d4:5d:ed:d3:d7:6f:16:80:3b:79:9c:34:59:58:fd:73: 7b:b8:2e:e5:e9:d3:6b:02:01:53:91:4b:04:41:c6:df:40:6a: 8a:c2:44:ac:9c:fc:24:6d:27:96:89:cc:51:4e:64:c4:ac:1e: 51:25:c9:40:16:fc:28:41:10:62:6a:47:7e:ab:ad:0e:80:9f: ed:bb:ea:17:90:e0:55:2f:66:c9:48:79:e5:a9:c7:94:36:0e: 1f:c9:a9:c0:34:89:4c:f8:74:03:3c:11:b8:6a:f5:7c:bd:00: 05:89:73:e3:8a:74:56:4c:6c:ce:80:be:58:34:e8:b0:24:87: f3:82:6c:9a:ab:66:e4:00:9c:21:30:12:77:f6:5f:f4:97:cc: 54:93:17:ab -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9XQ/FVDhiU2eX+9DG63vjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj ZWY5MzMwHhcNMjYwMTAyMDYyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTI4ZDE2NzUzZDI0YTUyNmU1MmZmZGY3OTIwZDI1ZmMwZjlhYWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoDZAEJCBqyNv3MXP8P2prnumR7s Tc2esygovjrUERM4BMm/F2t0v524fIiwUsU6XYPu9Qw97w7xItgm/i7DDEYnu6Jr PCPh9GwoFbSlLQIhY4+omAxGHbRmjDcWAnHLaNWNsfgnC98F/E6amUAWNyrwzIlp RZeYxybJjKKEgBWgkH38ELvBqVGuTMd8/7h3/NNACOnmmwCnnKjI4ZhqBNpC//jd y0l/jXNG26JLvt1ZBHWvcHvYeA2VvukpC5zqtoLwdsI8WFrffYY/ZMsjovQkNqxU RmIPgqtZw/hpG9E9hBiSMnQhdftuskXnS4vLp4eUEFcwOt6QKVH8chGh/wIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFDko0WdT0kpSblL/33kg0l/A+arLMB8GA1UdIwQY MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt OTFlMzE4NGJiMGFiLzEvT1NqUloxUFNTbEp1VXZfZmVTRFNYOEQ1cXNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAToXtAwQA Wa5tAwQBWa50AwQAWa7kMA0GCSqGSIb3DQEBCwUAA4IBAQBR4FI1nGquuXFCAQ6l 2TKWEdWbpbBAl55zS3tYizTKXAHz4Tl/kI6BlzO8w62jQXDtQe8/rhH5CBAppR2I iL42WWO5Ash8DmKj2YaB/v/2GaXgPaoPlFtFdRL9XFoSDAFxMiHABCrXJ9P0o6yY CdRd7dPXbxaAO3mcNFlY/XN7uC7l6dNrAgFTkUsEQcbfQGqKwkSsnPwkbSeWicxR TmTErB5RJclAFvwoQRBiakd+q60OgJ/tu+oXkOBVL2bJSHnlqceUNg4fyanANIlM +HQDPBG4avV8vQAFiXPjinRWTGzOgL5YNOiwJIfzgmyaq2bkAJwhMBJ39l/0l8xU kxer -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:31 2026 by rpki-client