This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/zmd5DMlEMs7x1X9PCKsNsTMW85A.roa File: zmd5DMlEMs7x1X9PCKsNsTMW85A.roa (raw, json) Hash identifier: +YU6hVZe0+5DtmTz9/lx0AEtMcLkshGqyIbMlS0ia0E= Subject key identifier: CE:67:79:0C:C9:44:32:CE:F1:D5:7F:4F:08:AB:0D:B1:33:16:F3:90 Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93 Certificate serial: 019B7EA6EF13D4A34CFD4412E6BDB80FFA3C Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/zmd5DMlEMs7x1X9PCKsNsTMW85A.roa Signing time: Fri 02 Jan 2026 12:20:27 +0000 ROA not before: Fri 02 Jan 2026 12:20:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50611 IP address blocks: 185.95.96.0/23 maxlen: 24 185.95.98.0/23 maxlen: 24 2a00:1c3e:96::/47 maxlen: 48 2a00:1c3e:98::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:ef:13:d4:a3:4c:fd:44:12:e6:bd:b8:0f:fa:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93 Validity Not Before: Jan 2 12:20:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce67790cc94432cef1d57f4f08ab0db13316f390 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7f:53:d5:b0:36:3c:8d:51:05:c8:37:4e:c7: 07:40:2d:82:eb:f8:f7:04:8a:57:c9:e8:1c:b1:c1: a0:fa:79:9c:f9:e9:18:1c:78:39:2a:bc:71:7f:8b: 2e:81:34:54:de:8d:97:55:ac:fa:14:35:1f:34:44: 74:b1:94:0e:63:40:28:21:7c:1d:49:0a:de:5f:84: b8:cf:91:88:4a:e1:5e:78:bd:5d:c2:aa:db:a6:61: 0e:0a:4f:9f:4c:82:c1:9b:19:ad:98:bb:0a:ea:05: 6a:7e:d2:48:18:ec:db:82:9a:0b:dd:16:33:53:d5: 63:b8:26:de:5d:83:fc:39:c2:00:67:0f:56:c8:05: b4:f4:61:cb:3b:21:eb:5f:3c:b9:b8:ac:e8:17:f6: 87:34:7a:0c:c0:17:13:ea:7a:eb:85:c0:34:c7:14: ae:45:7a:c1:01:65:88:19:2a:97:fe:a0:f6:99:1d: 44:b5:a6:de:22:6b:34:a8:74:e0:11:dc:bb:89:bb: 93:5a:f7:be:5c:e8:d7:99:bc:8b:6f:c5:ce:10:ae: b2:b8:ea:30:da:b4:c2:39:67:cf:01:09:0d:cf:95: a3:fa:f9:94:fe:ea:28:ea:1c:42:48:7e:cc:de:8a: 95:9d:e4:82:a6:d9:68:fc:43:2f:6f:6d:c9:42:a3: 35:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:67:79:0C:C9:44:32:CE:F1:D5:7F:4F:08:AB:0D:B1:33:16:F3:90 X509v3 Authority Key Identifier: keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/zmd5DMlEMs7x1X9PCKsNsTMW85A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.95.96.0/22 IPv6: 2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 33:41:9a:55:a0:90:13:93:8f:7c:ad:0e:0f:f3:ee:6f:f7:b7: 9c:16:49:5a:69:d7:a9:01:77:fa:25:20:75:2a:58:5f:4c:db: 6e:12:36:4f:52:ed:61:9a:0e:e7:5d:01:8d:d5:82:e4:6c:63: 31:15:b1:8f:f9:db:09:6c:a2:12:82:da:d3:97:cc:3d:87:9c: e8:be:93:6b:5e:23:18:14:4d:75:b8:76:62:14:9f:46:4d:5e: a8:00:6f:3e:53:db:c9:85:30:65:a8:96:31:df:b7:42:a2:05: af:f6:05:47:bc:b2:9f:f1:41:3e:a4:39:20:c6:66:a3:cc:cd: 46:6c:0b:cd:35:6a:9e:ba:8a:9d:70:c4:e0:0b:af:08:52:ac: 4b:bd:9e:87:16:1c:87:a3:41:39:35:89:c6:c7:70:f7:cc:0f: ef:a6:de:93:fc:5a:a7:43:04:db:6b:21:78:3a:62:52:f8:00: 38:36:de:a1:c3:d8:fe:73:f0:3d:32:c7:3c:56:16:0e:88:ca: 05:5d:10:bf:cb:56:25:e9:01:c7:07:89:53:a7:13:17:3d:3c: ff:32:fd:d1:e8:2e:df:9b:2d:16:ff:8b:8c:a7:13:e2:e3:cc: 2f:8c:ad:dd:7a:81:86:2c:ad:2d:cc:fa:41:46:b2:a8:b1:fc: b6:bd:54:40 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt+pu8T1KNM/UQS5r24D/o8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy ZWNmOTMwHhcNMjYwMTAyMTIyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTY3NzkwY2M5NDQzMmNlZjFkNTdmNGYwOGFiMGRiMTMzMTZmMzkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun9T1bA2PI1RBcg3TscHQC2C6/j3 BIpXyegcscGg+nmc+ekYHHg5Krxxf4sugTRU3o2XVaz6FDUfNER0sZQOY0AoIXwd SQreX4S4z5GISuFeeL1dwqrbpmEOCk+fTILBmxmtmLsK6gVqftJIGOzbgpoL3RYz U9VjuCbeXYP8OcIAZw9WyAW09GHLOyHrXzy5uKzoF/aHNHoMwBcT6nrrhcA0xxSu RXrBAWWIGSqX/qD2mR1EtabeIms0qHTgEdy7ibuTWve+XOjXmbyLb8XOEK6yuOow 2rTCOWfPAQkNz5Wj+vmU/uoo6hxCSH7M3oqVneSCptlo/EMvb23JQqM1VwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFM5neQzJRDLO8dV/TwirDbEzFvOQMB8GA1UdIwQY MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt ZTIyOGFhYjQ1MDE0LzEvem1kNURNbEVNczd4MVg5UENLc05zVE1XODVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0 LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAM0Ga VaCQE5OPfK0OD/Pub/e3nBZJWmnXqQF3+iUgdSpYX0zbbhI2T1LtYZoO510BjdWC 5GxjMRWxj/nbCWyiEoLa05fMPYec6L6Ta14jGBRNdbh2YhSfRk1eqABvPlPbyYUw ZaiWMd+3QqIFr/YFR7yyn/FBPqQ5IMZmo8zNRmwLzTVqnrqKnXDE4AuvCFKsS72e hxYch6NBOTWJxsdw98wP76bek/xap0ME22sheDpiUvgAODbeocPY/nPwPTLHPFYW DojKBV0Qv8tWJekBxweJU6cTFz08/zL90egu35stFv+LjKcT4uPML4yt3XqBhiyt Lcz6QUayqLH8tr1UQA== -----END CERTIFICATE-----Generated at Mon Jan 26 03:57:06 2026 by rpki-client