This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/zCmHEUDwxreVgjHT33MieHTkvHo.roa File: zCmHEUDwxreVgjHT33MieHTkvHo.roa (raw, json) Hash identifier: GOn7Ax5ilTDC4mIkf7WnEWeisHxiQ0BYABkeo+vnpp8= Subject key identifier: CC:29:87:11:40:F0:C6:B7:95:82:31:D3:DF:73:22:78:74:E4:BC:7A Certificate issuer: /CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8 Certificate serial: 019B77C7004FB04A9DAE669A62259563ECEE Authority key identifier: 8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/zCmHEUDwxreVgjHT33MieHTkvHo.roa Signing time: Thu 01 Jan 2026 04:18:09 +0000 ROA not before: Thu 01 Jan 2026 04:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8455 IP address blocks: 185.121.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.crl rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.mft rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:00:4f:b0:4a:9d:ae:66:9a:62:25:95:63:ec:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8 Validity Not Before: Jan 1 04:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cc29871140f0c6b7958231d3df73227874e4bc7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:29:bb:f5:7b:53:d9:1a:22:24:c2:4d:47:5f: f2:93:d8:2d:09:7d:c6:27:97:08:06:f2:d7:88:8a: 41:64:05:cd:00:1a:d3:4c:2e:9a:ad:f1:22:68:0f: e0:1a:95:e0:64:9f:d9:47:84:e0:c6:04:e4:ad:d7: e0:a8:8d:ef:47:51:1a:e8:32:d2:32:2f:87:23:cf: ba:47:ad:a1:86:e7:59:d3:99:e9:be:11:0a:60:66: b4:12:2b:34:e0:3b:9a:6d:95:2e:e3:90:91:8d:90: 88:dc:d3:ae:d1:95:81:04:2a:c9:65:23:60:2a:dd: bb:c7:51:05:9f:73:66:4d:f3:ed:04:a0:2a:ac:65: 3a:08:6b:78:77:9d:60:c6:51:c9:b7:77:fb:99:ee: 7a:4f:d1:d0:75:63:c1:ad:cc:5a:6e:d2:8b:6f:b8: 22:8c:57:c8:45:fe:bd:df:f6:1e:d9:ea:d7:d2:19: 0d:43:f7:20:a4:15:91:1d:bd:2b:19:67:e6:33:bb: 87:46:1e:24:3e:5a:fd:70:bc:68:1d:9a:fc:de:88: a7:e8:22:d4:19:77:02:35:9f:de:56:e6:1c:c6:31: 39:b3:a2:d9:65:f5:d0:c5:5c:5f:1f:b5:78:ac:e9: e0:98:f5:3e:c1:d6:98:5d:78:92:19:71:a4:00:71: ff:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:29:87:11:40:F0:C6:B7:95:82:31:D3:DF:73:22:78:74:E4:BC:7A X509v3 Authority Key Identifier: keyid:8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/zCmHEUDwxreVgjHT33MieHTkvHo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.121.95.0/24 Signature Algorithm: sha256WithRSAEncryption 32:86:65:20:c5:86:5c:9d:82:22:bf:96:8d:e6:69:33:dc:35: a7:e9:bf:85:4c:57:a9:41:c3:c4:89:a5:30:61:ab:ac:60:18: a0:46:97:f3:b0:4d:0f:74:d7:23:ee:93:71:29:be:1c:93:3e: 0b:78:0c:fa:89:aa:d8:bc:66:e9:3f:95:20:69:4b:00:26:10: 06:dd:0b:fd:62:94:98:32:76:e6:fe:2c:61:00:f7:53:bb:fa: 5e:2e:b9:a7:71:41:f2:c1:69:cf:f8:3e:13:45:3e:39:de:de: 63:62:84:4e:83:e8:a3:de:c4:29:c9:ad:a2:0e:ac:88:78:3f: 20:c1:95:a1:b4:3d:b4:47:20:84:c6:20:18:2a:31:66:a0:84: 35:53:29:4c:96:b1:25:93:03:b4:7e:3c:50:1b:5e:23:6c:86: 8e:a1:1c:b9:be:bb:c2:a9:fe:e3:a7:22:74:77:1f:d9:5d:3e: ee:5f:2c:ca:fb:03:11:c7:8f:3c:5d:86:70:39:f0:0a:7f:f3: 7c:92:25:ac:f0:22:ae:bc:a3:9f:af:fb:47:e5:01:93:4f:39: 57:d8:b5:90:5c:4c:c3:66:b6:79:16:8f:b0:a6:80:88:0c:17: de:ac:66:18:36:48:3c:e6:55:78:ff:d8:b1:e1:31:b0:12:da: 96:b3:d5:45 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xwBPsEqdrmaaYiWVY+zuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiMGM4ZDM1ZGQ2NjY1N2JmZmM5MGI2YWM0MTYwMGZmYTYy M2Q1YjgwHhcNMjYwMTAxMDQxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzI5ODcxMTQwZjBjNmI3OTU4MjMxZDNkZjczMjI3ODc0ZTRiYzdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoym79XtT2RoiJMJNR1/yk9gtCX3G J5cIBvLXiIpBZAXNABrTTC6arfEiaA/gGpXgZJ/ZR4TgxgTkrdfgqI3vR1Ea6DLS Mi+HI8+6R62hhudZ05npvhEKYGa0Eis04DuabZUu45CRjZCI3NOu0ZWBBCrJZSNg Kt27x1EFn3NmTfPtBKAqrGU6CGt4d51gxlHJt3f7me56T9HQdWPBrcxabtKLb7gi jFfIRf693/Ye2erX0hkNQ/cgpBWRHb0rGWfmM7uHRh4kPlr9cLxoHZr83oin6CLU GXcCNZ/eVuYcxjE5s6LZZfXQxVxfH7V4rOngmPU+wdaYXXiSGXGkAHH/CwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMwphxFA8Ma3lYIx099zInh05Lx6MB8GA1UdIwQY MBaAFIsMjTXdZmV7/8kLasQWAP+mI9W4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXd5Tk5kMW1aWHZfeVF0cXhCWUFfNllqMWJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kMjhmZDQtYzM2OC00NmIzLWExN2Qt NDMxODdlMjliMGUzLzEvekNtSEVVRHd4cmVWZ2pIVDMzTWllSFRrdkhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9kMjhmZDQtYzM2OC00NmIzLWExN2QtNDMxODdlMjliMGUz LzEvaXd5Tk5kMW1aWHZfeVF0cXhCWUFfNllqMWJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXlfMA0G CSqGSIb3DQEBCwUAA4IBAQAyhmUgxYZcnYIiv5aN5mkz3DWn6b+FTFepQcPEiaUw YausYBigRpfzsE0PdNcj7pNxKb4ckz4LeAz6iarYvGbpP5UgaUsAJhAG3Qv9YpSY Mnbm/ixhAPdTu/peLrmncUHywWnP+D4TRT453t5jYoROg+ij3sQpya2iDqyIeD8g wZWhtD20RyCExiAYKjFmoIQ1UylMlrElkwO0fjxQG14jbIaOoRy5vrvCqf7jpyJ0 dx/ZXT7uXyzK+wMRx488XYZwOfAKf/N8kiWs8CKuvKOfr/tH5QGTTzlX2LWQXEzD ZrZ5Fo+wpoCIDBferGYYNkg85lV4/9ix4TGwEtqWs9VF -----END CERTIFICATE-----Generated at Mon Jan 26 07:40:29 2026 by rpki-client