This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/rz6RNvNT6rFMHWEHKtScJPlIWP0.roa File: rz6RNvNT6rFMHWEHKtScJPlIWP0.roa (raw, json) Hash identifier: 10DDyOgYR+xyUk2Wn7NL3jHpOF/gWWoZiYOlgVYeGzQ= Subject key identifier: AF:3E:91:36:F3:53:EA:B1:4C:1D:61:07:2A:D4:9C:24:F9:48:58:FD Certificate issuer: /CN=04d3c5de9ff3cce131c8bfcdcce333947d92635e Certificate serial: 019ADF4F021E7ED29FC87EC3262ED636D8C0 Authority key identifier: 04:D3:C5:DE:9F:F3:CC:E1:31:C8:BF:CD:CC:E3:33:94:7D:92:63:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/rz6RNvNT6rFMHWEHKtScJPlIWP0.roa Signing time: Tue 02 Dec 2025 13:44:48 +0000 ROA not before: Tue 02 Dec 2025 13:44:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214824 IP address blocks: 91.226.244.0/24 maxlen: 24 2a14:4e40::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.crl rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.mft rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:df:4f:02:1e:7e:d2:9f:c8:7e:c3:26:2e:d6:36:d8:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04d3c5de9ff3cce131c8bfcdcce333947d92635e Validity Not Before: Dec 2 13:44:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=af3e9136f353eab14c1d61072ad49c24f94858fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:6c:f4:a9:da:e6:43:ca:61:03:5c:0b:3f:6f: bd:a6:84:cc:08:6b:d6:6e:5f:ca:78:c5:30:71:48: 53:4d:d8:58:76:9e:a0:dd:eb:96:0d:95:1e:f7:54: 18:f3:37:36:c7:6e:62:0c:c7:20:a3:59:5e:79:d8: 7c:92:a7:04:5e:2a:94:20:d4:7f:9c:eb:51:82:45: 2e:d0:a6:0d:af:29:a5:0a:4a:a3:9e:21:91:26:27: 07:c6:5f:b8:26:46:72:b0:29:25:8b:bc:88:88:8b: 85:1b:8f:7a:ef:74:06:46:dd:c8:d2:39:9a:d4:c9: 20:62:59:d7:e0:c3:40:d9:27:66:ca:a3:6b:24:9a: ea:ee:05:19:a8:12:d2:cd:d0:d4:b6:c9:12:d4:cd: 39:13:06:83:9d:1f:69:74:03:e5:e4:cf:b6:86:ab: a9:fd:e2:5b:a2:00:e2:12:b1:ba:28:70:0f:55:9f: a5:17:07:87:f9:3e:7d:6c:12:25:65:47:2d:08:e9: c8:a4:2e:e4:27:3d:2e:6a:04:c6:b2:84:58:93:f0: 86:45:de:ea:c0:4f:5a:f6:9b:fa:d4:0b:77:41:d9: 2d:72:ea:a9:81:3d:dd:20:be:d1:8c:c6:e1:50:65: 53:9c:a0:02:4c:29:d9:2e:e5:7f:70:d3:53:e4:a6: 5e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:3E:91:36:F3:53:EA:B1:4C:1D:61:07:2A:D4:9C:24:F9:48:58:FD X509v3 Authority Key Identifier: keyid:04:D3:C5:DE:9F:F3:CC:E1:31:C8:BF:CD:CC:E3:33:94:7D:92:63:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/rz6RNvNT6rFMHWEHKtScJPlIWP0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.226.244.0/24 IPv6: 2a14:4e40::/64 Signature Algorithm: sha256WithRSAEncryption 4d:3d:bc:49:6d:d5:7d:74:06:ba:7b:0c:8b:be:99:df:68:1e: 5c:33:a8:47:a8:b9:7c:fa:fb:ec:2a:bb:bb:0f:4b:03:b8:2b: d3:ca:81:c8:9f:52:38:e1:d5:7e:0a:12:b9:ec:1a:ba:f6:36: fc:3e:4a:da:4d:30:79:ce:28:5f:f7:61:1a:3e:11:e5:e0:99: e6:5d:a1:6b:a5:a4:ce:d7:53:8f:24:30:1d:c9:ff:6b:ff:20: 80:c3:69:59:8a:ce:b2:86:96:05:5f:62:3f:d7:7b:97:63:4e: 5d:1a:7e:23:5d:4b:6a:4e:a1:bf:f7:87:a5:68:9f:ec:a3:7a: e8:84:2d:2c:1c:c8:d7:44:96:cf:01:5b:0d:b1:fd:d2:e0:ed: f7:fd:80:76:f1:e3:9b:97:41:8d:6e:77:12:40:a9:c9:3e:aa: 78:0a:0d:50:32:4d:55:cb:39:ac:55:08:81:2f:62:c7:10:bf: 02:fd:0d:e4:07:0a:b9:c5:78:dc:ac:0e:41:3c:4d:cb:e0:b3: c7:8e:96:b4:5b:34:14:e9:2f:d9:e9:3e:f7:7a:81:ca:67:34: dd:76:3e:2f:c2:d2:3e:a6:8b:27:fb:eb:2c:8f:71:0e:82:af: 6c:53:84:c0:5f:fc:cd:61:98:55:b9:bb:93:48:8c:a6:74:04: 63:0a:79:1d -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgISAZrfTwIeftKfyH7DJi7WNtjAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0ZDNjNWRlOWZmM2NjZTEzMWM4YmZjZGNjZTMzMzk0N2Q5 MjYzNWUwHhcNMjUxMjAyMTM0NDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjNlOTEzNmYzNTNlYWIxNGMxZDYxMDcyYWQ0OWMyNGY5NDg1OGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWz0qdrmQ8phA1wLP2+9poTMCGvW bl/KeMUwcUhTTdhYdp6g3euWDZUe91QY8zc2x25iDMcgo1leedh8kqcEXiqUINR/ nOtRgkUu0KYNrymlCkqjniGRJicHxl+4JkZysCkli7yIiIuFG49673QGRt3I0jma 1MkgYlnX4MNA2SdmyqNrJJrq7gUZqBLSzdDUtskS1M05EwaDnR9pdAPl5M+2hqup /eJbogDiErG6KHAPVZ+lFweH+T59bBIlZUctCOnIpC7kJz0uagTGsoRYk/CGRd7q wE9a9pv61At3QdktcuqpgT3dIL7RjMbhUGVTnKACTCnZLuV/cNNT5KZewwIDAQAB o4ICHDCCAhgwHQYDVR0OBBYEFK8+kTbzU+qxTB1hByrUnCT5SFj9MB8GA1UdIwQY MBaAFATTxd6f88zhMci/zczjM5R9kmNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk5QRjNwX3p6T0V4eUxfTnpPTXpsSDJTWTE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yNjA3ZmItNmI4NC00NTZlLWFhMDkt OWQ4YmM4MTE1ZjY4LzEvcno2Uk52TlQ2ckZNSFdFSEt0U2NKUGxJV1AwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8yNjA3ZmItNmI4NC00NTZlLWFhMDktOWQ4YmM4MTE1ZjY4 LzEvQk5QRjNwX3p6T0V4eUxfTnpPTXpsSDJTWTE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQAW+L0MBEE AgACMAsDCQAqFE5AAAAAADANBgkqhkiG9w0BAQsFAAOCAQEATT28SW3VfXQGunsM i76Z32geXDOoR6i5fPr77Cq7uw9LA7gr08qByJ9SOOHVfgoSuewauvY2/D5K2k0w ec4oX/dhGj4R5eCZ5l2ha6WkztdTjyQwHcn/a/8ggMNpWYrOsoaWBV9iP9d7l2NO XRp+I11Lak6hv/eHpWif7KN66IQtLBzI10SWzwFbDbH90uDt9/2AdvHjm5dBjW53 EkCpyT6qeAoNUDJNVcs5rFUIgS9ixxC/Av0N5AcKucV43KwOQTxNy+Czx46WtFs0 FOkv2ek+93qBymc03XY+L8LSPqaLJ/vrLI9xDoKvbFOEwF/8zWGYVbm7k0iMpnQE Ywp5HQ== -----END CERTIFICATE-----Generated at Sat Dec 6 21:30:19 2025 by rpki-client