This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ZhB3SHNyZsayrfOH0UW61vc7vmA.roa File: ZhB3SHNyZsayrfOH0UW61vc7vmA.roa (raw, json) Hash identifier: mWJxQJcBLaSuCYVydxxPxheALcOefDmmGX4VM1mnW5w= Subject key identifier: 66:10:77:48:73:72:66:C6:B2:AD:F3:87:D1:45:BA:D6:F7:3B:BE:60 Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17 Certificate serial: 019B7B369B186CA360BACF79854A460ACF94 Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ZhB3SHNyZsayrfOH0UW61vc7vmA.roa Signing time: Thu 01 Jan 2026 20:18:54 +0000 ROA not before: Thu 01 Jan 2026 20:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8455 IP address blocks: 31.22.80.0/21 maxlen: 21 31.22.84.0/24 maxlen: 24 45.148.184.0/22 maxlen: 22 45.148.187.0/24 maxlen: 24 95.142.96.0/20 maxlen: 20 130.193.4.0/24 maxlen: 24 178.237.32.0/20 maxlen: 20 178.237.34.0/24 maxlen: 24 178.237.42.0/24 maxlen: 24 178.237.43.0/24 maxlen: 24 185.27.16.0/22 maxlen: 22 193.22.161.0/24 maxlen: 24 2a00:1188::/29 maxlen: 29 2a00:1188:8::/48 maxlen: 48 2a00:1188:9::/48 maxlen: 48 2a00:1188:b::/48 maxlen: 48 2a00:1188:c::/48 maxlen: 48 2a00:1188:d::/48 maxlen: 48 2a00:1188:13::/48 maxlen: 48 2a00:1188:19::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:9b:18:6c:a3:60:ba:cf:79:85:4a:46:0a:cf:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17 Validity Not Before: Jan 1 20:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66107748737266c6b2adf387d145bad6f73bbe60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a1:80:fa:9e:f9:fc:51:e0:98:c1:ac:02:36: 15:8d:9f:17:f0:d7:58:3d:e5:a0:0a:0a:b6:70:7c: 68:c9:3c:4d:48:ef:ff:87:c8:a3:07:98:03:98:40: ce:92:76:d0:ba:b3:63:d6:0f:c9:4d:96:14:e2:95: 95:f2:d3:39:d0:6e:79:b2:6d:c2:a5:74:5b:bb:33: a9:8a:bf:74:fc:28:2d:04:fb:43:c8:46:72:da:51: c7:59:22:7b:cd:19:4c:9e:2f:3e:b1:8a:03:7e:7a: 58:6a:a3:66:14:1e:0f:fe:ce:41:d3:2f:e5:ea:ec: 17:2b:7f:54:8a:d4:0a:6e:03:e2:c9:c6:02:16:21: 4b:7b:81:e9:b6:93:e9:ce:27:20:e1:ae:b9:ca:89: 57:79:59:a1:d5:33:e6:9d:1f:5f:af:cc:7b:f9:7b: 72:a0:a4:69:45:69:c8:2d:c7:b9:70:15:b7:76:05: 61:93:ab:c0:46:ac:91:7c:e1:f2:71:3c:0b:85:2a: 16:b4:e1:b1:9a:60:8c:1c:9f:d7:f9:4f:85:89:03: 04:4b:30:58:d8:af:3c:9a:75:90:a4:87:6f:d0:a6: d0:6d:0d:5f:fb:36:81:26:e4:d4:b6:d8:3f:d2:e8: 33:2b:b3:c8:73:c3:a0:04:eb:3b:a8:26:2a:96:71: f2:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:10:77:48:73:72:66:C6:B2:AD:F3:87:D1:45:BA:D6:F7:3B:BE:60 X509v3 Authority Key Identifier: keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ZhB3SHNyZsayrfOH0UW61vc7vmA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.22.80.0/21 45.148.184.0/22 95.142.96.0/20 130.193.4.0/24 178.237.32.0/20 185.27.16.0/22 193.22.161.0/24 IPv6: 2a00:1188::/29 Signature Algorithm: sha256WithRSAEncryption 5c:31:d0:12:95:8c:bf:68:d5:42:dc:69:ff:44:d9:b6:a2:4e: 93:44:e6:dc:81:89:9f:a3:98:61:8b:a1:8f:24:d6:bc:74:f9: 57:5e:2b:d2:d0:31:5d:48:7d:9b:f7:e0:e0:78:09:56:f2:be: ff:4a:ff:8f:88:8e:ca:b8:df:4b:21:c0:89:b4:e0:93:a8:23: fa:0f:68:02:de:d1:77:82:a2:83:27:3e:a7:7e:5a:9c:06:f3: c3:12:4b:2d:70:76:88:ca:a4:77:1f:96:c3:56:fd:62:d2:bb: 19:52:31:f4:f2:78:e4:c7:c8:bd:51:e3:a2:6d:5e:d2:e5:5d: e4:6e:98:90:07:99:53:68:b1:cb:da:fe:fd:f6:6f:af:66:11: c1:86:cc:95:1f:1e:bb:1b:82:94:4e:61:42:b6:0c:ae:da:8f: f6:7a:fa:a1:51:ba:b3:74:04:7c:a4:1c:25:27:3c:14:29:b8: 97:ea:be:65:5c:78:3e:a7:18:dd:b6:0d:86:19:ed:c2:ac:ab: 60:fb:cf:3b:38:ce:ea:97:96:f5:ad:05:92:cd:da:74:e8:1a: 13:4c:ba:77:56:78:68:e1:77:c7:d3:98:5e:49:69:5b:81:eb: d3:88:9a:77:1d:47:89:34:13:eb:91:64:b2:dd:d2:d9:72:14: e6:2d:ef:8a -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt7NpsYbKNgus95hUpGCs+UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4 NDlkMTcwHhcNMjYwMTAxMjAxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjEwNzc0ODczNzI2NmM2YjJhZGYzODdkMTQ1YmFkNmY3M2JiZTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KGA+p75/FHgmMGsAjYVjZ8X8NdY PeWgCgq2cHxoyTxNSO//h8ijB5gDmEDOknbQurNj1g/JTZYU4pWV8tM50G55sm3C pXRbuzOpir90/CgtBPtDyEZy2lHHWSJ7zRlMni8+sYoDfnpYaqNmFB4P/s5B0y/l 6uwXK39UitQKbgPiycYCFiFLe4HptpPpzicg4a65yolXeVmh1TPmnR9fr8x7+Xty oKRpRWnILce5cBW3dgVhk6vARqyRfOHycTwLhSoWtOGxmmCMHJ/X+U+FiQMESzBY 2K88mnWQpIdv0KbQbQ1f+zaBJuTUttg/0ugzK7PIc8OgBOs7qCYqlnHyswIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFGYQd0hzcmbGsq3zh9FFutb3O75gMB8GA1UdIwQY MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt OWRkOTk3ZWVmNGVmLzEvWmhCM1NITnlac2F5cmZPSDBVVzYxdmM3dm1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDHxZQAwQC LZS4AwQEX45gAwQAgsEEAwQEsu0gAwQCuRsQAwQAwRahMA0EAgACMAcDBQMqABGI MA0GCSqGSIb3DQEBCwUAA4IBAQBcMdASlYy/aNVC3Gn/RNm2ok6TRObcgYmfo5hh i6GPJNa8dPlXXivS0DFdSH2b9+DgeAlW8r7/Sv+PiI7KuN9LIcCJtOCTqCP6D2gC 3tF3gqKDJz6nflqcBvPDEkstcHaIyqR3H5bDVv1i0rsZUjH08njkx8i9UeOibV7S 5V3kbpiQB5lTaLHL2v799m+vZhHBhsyVHx67G4KUTmFCtgyu2o/2evqhUbqzdAR8 pBwlJzwUKbiX6r5lXHg+pxjdtg2GGe3CrKtg+887OM7ql5b1rQWSzdp06BoTTLp3 Vnho4XfH05heSWlbgevTiJp3HUeJNBPrkWSy3dLZchTmLe+K -----END CERTIFICATE-----Generated at Mon Jan 26 10:53:00 2026 by rpki-client