This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/ZsE_mt7ku7Fr5hPoQLALle6qg7o.roa File: ZsE_mt7ku7Fr5hPoQLALle6qg7o.roa (raw, json) Hash identifier: HUKBNWBBwbvfcuNQzCGO+9wjMStLGidRG99eNbwf4fs= Subject key identifier: 66:C1:3F:9A:DE:E4:BB:B1:6B:E6:13:E8:40:B0:0B:95:EE:AA:83:BA Certificate issuer: /CN=53390b13c9ef4afcfd08124111e6f63dc30165aa Certificate serial: 019B7D5C3FA644F085E6159F5E0220BF413F Authority key identifier: 53:39:0B:13:C9:EF:4A:FC:FD:08:12:41:11:E6:F6:3D:C3:01:65:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/ZsE_mt7ku7Fr5hPoQLALle6qg7o.roa Signing time: Fri 02 Jan 2026 06:19:16 +0000 ROA not before: Fri 02 Jan 2026 06:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31655 IP address blocks: 185.9.232.0/22 maxlen: 24 2a02:df80::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.mft rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:3f:a6:44:f0:85:e6:15:9f:5e:02:20:bf:41:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53390b13c9ef4afcfd08124111e6f63dc30165aa Validity Not Before: Jan 2 06:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66c13f9adee4bbb16be613e840b00b95eeaa83ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:de:25:82:19:84:6f:29:1a:0c:8f:f0:01:51: 8f:d4:92:a8:65:c2:e3:74:fa:4c:f1:08:5d:7b:f0: a5:72:f5:1e:6d:e8:da:7c:2e:5d:f6:ce:09:06:70: 95:94:50:2c:7b:e6:35:74:60:e3:0b:61:d5:34:71: 49:7f:df:a3:d3:c8:7c:17:87:54:f5:90:81:43:c0: 72:fc:2e:bd:de:d0:0f:2e:f1:a6:63:73:ca:18:72: ca:31:c7:93:d3:28:71:cb:c5:78:2f:97:91:fd:0e: 59:53:b7:7f:7e:92:1c:b2:a6:5b:e3:f8:4a:6a:d4: ee:b9:fd:1d:e6:93:0d:9a:dc:a9:2c:20:ea:6e:4d: 18:72:1f:04:ab:e3:02:47:53:fa:32:cf:2b:ec:08: 71:f2:a4:5e:fd:44:34:e3:c9:c6:d4:be:14:80:1e: 0f:d3:b5:9f:d3:51:6b:3d:a8:87:a2:fc:7f:c0:0d: 40:0c:3c:d8:e3:8c:01:bc:4c:79:66:9d:68:d3:11: 4d:0b:27:df:53:24:b0:70:c2:29:2f:55:0e:95:c4: 93:a6:70:01:5b:13:79:be:ee:8e:41:6c:1b:61:0d: 3f:20:dd:c9:04:ae:79:43:ad:6c:f0:35:9c:bf:0b: 97:89:fd:97:fa:78:b6:cc:89:c5:6f:e7:31:99:5f: 9f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:C1:3F:9A:DE:E4:BB:B1:6B:E6:13:E8:40:B0:0B:95:EE:AA:83:BA X509v3 Authority Key Identifier: keyid:53:39:0B:13:C9:EF:4A:FC:FD:08:12:41:11:E6:F6:3D:C3:01:65:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/ZsE_mt7ku7Fr5hPoQLALle6qg7o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.9.232.0/22 IPv6: 2a02:df80::/29 Signature Algorithm: sha256WithRSAEncryption 21:a1:7b:fa:bb:cb:b8:9d:c8:02:0c:06:28:8c:60:fb:ed:8d: b3:e4:70:5b:7d:a6:a6:ca:6c:7f:aa:82:6a:a6:47:99:b1:1d: 9d:62:bf:69:72:2c:52:e7:14:49:d2:20:ae:43:48:42:4c:e0: a5:00:06:99:e1:ce:85:76:e9:19:69:96:87:be:d5:9a:c2:c2: 1f:5d:0d:84:9e:fd:6f:e8:0e:de:ec:c7:a6:9b:fb:02:2f:5f: f1:1f:94:2a:7d:0b:5e:45:c8:39:ba:3d:fc:77:23:50:e1:ef: 63:f4:de:87:81:30:28:2d:9f:35:6b:01:09:04:2f:56:be:99: 42:37:b0:c3:93:c3:7e:d9:9a:a5:6f:47:53:c7:88:0f:1c:02: bf:35:bf:81:c4:05:b2:35:d6:0f:f9:9b:33:ef:fa:b6:a4:0f: 22:0d:6a:d5:5a:c8:eb:da:e0:e4:40:78:c9:02:d3:27:58:69: 9f:40:57:b4:d2:9a:8f:00:2e:5f:15:ed:0d:ae:c5:6f:d2:e4: e0:53:ad:2c:a9:cb:1e:e7:ea:2a:1f:52:fa:90:db:90:80:29: d0:5c:ed:52:40:fc:ee:f3:3a:62:87:33:60:18:ed:a2:3d:4b: f5:dc:14:b1:88:57:b6:75:01:7e:92:53:28:a0:a1:5c:d4:56: 46:da:0c:8e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XD+mRPCF5hWfXgIgv0E/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzMzkwYjEzYzllZjRhZmNmZDA4MTI0MTExZTZmNjNkYzMw MTY1YWEwHhcNMjYwMTAyMDYxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NmMxM2Y5YWRlZTRiYmIxNmJlNjEzZTg0MGIwMGI5NWVlYWE4M2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd4lghmEbykaDI/wAVGP1JKoZcLj dPpM8Qhde/ClcvUebejafC5d9s4JBnCVlFAse+Y1dGDjC2HVNHFJf9+j08h8F4dU 9ZCBQ8By/C693tAPLvGmY3PKGHLKMceT0yhxy8V4L5eR/Q5ZU7d/fpIcsqZb4/hK atTuuf0d5pMNmtypLCDqbk0Ych8Eq+MCR1P6Ms8r7Ahx8qRe/UQ048nG1L4UgB4P 07Wf01FrPaiHovx/wA1ADDzY44wBvEx5Zp1o0xFNCyffUySwcMIpL1UOlcSTpnAB WxN5vu6OQWwbYQ0/IN3JBK55Q61s8DWcvwuXif2X+ni2zInFb+cxmV+fSwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGbBP5re5Luxa+YT6ECwC5XuqoO6MB8GA1UdIwQY MBaAFFM5CxPJ70r8/QgSQRHm9j3DAWWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXprTEU4bnZTdno5Q0JKQkVlYjJQY01CWmFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84OWM0YWItOTg0Yi00ZjZjLWJkZDAt MzNkN2FjMzcwOTc5LzEvWnNFX210N2t1N0ZyNWhQb1FMQUxsZTZxZzdvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi84OWM0YWItOTg0Yi00ZjZjLWJkZDAtMzNkN2FjMzcwOTc5 LzEvVXprTEU4bnZTdno5Q0JKQkVlYjJQY01CWmFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQnoMA0E AgACMAcDBQMqAt+AMA0GCSqGSIb3DQEBCwUAA4IBAQAhoXv6u8u4ncgCDAYojGD7 7Y2z5HBbfaamymx/qoJqpkeZsR2dYr9pcixS5xRJ0iCuQ0hCTOClAAaZ4c6FdukZ aZaHvtWawsIfXQ2Env1v6A7e7Memm/sCL1/xH5QqfQteRcg5uj38dyNQ4e9j9N6H gTAoLZ81awEJBC9WvplCN7DDk8N+2Zqlb0dTx4gPHAK/Nb+BxAWyNdYP+Zsz7/q2 pA8iDWrVWsjr2uDkQHjJAtMnWGmfQFe00pqPAC5fFe0NrsVv0uTgU60sqcse5+oq H1L6kNuQgCnQXO1SQPzu8zpihzNgGO2iPUv13BSxiFe2dQF+klMooKFc1FZG2gyO -----END CERTIFICATE-----Generated at Sun Jan 25 19:36:45 2026 by rpki-client