This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/zHx4boZUx9mQ4kmi1AyAMn8HdYg.roa File: zHx4boZUx9mQ4kmi1AyAMn8HdYg.roa (raw, json) Hash identifier: 2evdzACk+oevIsq4yxjXZwXVQi4UVdSShl8e3fPWgbU= Subject key identifier: CC:7C:78:6E:86:54:C7:D9:90:E2:49:A2:D4:0C:80:32:7F:07:75:88 Certificate issuer: /CN=6d3006dcd289c47f9f58e128eb29757239144bb6 Certificate serial: 019B7C7FF6742AE97D3FF508A62255619B5C Authority key identifier: 6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/zHx4boZUx9mQ4kmi1AyAMn8HdYg.roa Signing time: Fri 02 Jan 2026 02:18:39 +0000 ROA not before: Fri 02 Jan 2026 02:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204778 IP address blocks: 185.120.141.0/24 maxlen: 24 2a13:2180::/29 maxlen: 29 2a13:2180::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.mft rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:f6:74:2a:e9:7d:3f:f5:08:a6:22:55:61:9b:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d3006dcd289c47f9f58e128eb29757239144bb6 Validity Not Before: Jan 2 02:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cc7c786e8654c7d990e249a2d40c80327f077588 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:f5:d7:cc:40:c4:cb:2b:73:99:bf:12:b4:55: bf:b1:9e:5a:31:15:3f:69:05:41:e4:3c:b6:46:50: 3a:7a:96:2f:cb:0a:8d:02:19:f0:23:eb:d4:22:72: d7:8e:54:6b:87:9f:fb:09:74:0d:b1:f9:79:27:0d: 3d:c2:ae:94:1b:ef:b0:32:91:70:ea:97:12:84:9a: d4:1f:54:75:12:d3:5d:04:89:67:6b:15:69:a0:14: 6a:ba:13:b9:f3:69:11:5a:bf:2f:91:7c:61:05:32: 1f:25:79:19:c9:09:19:73:6e:8e:4e:87:95:3c:44: 34:03:81:ef:30:20:12:e4:69:bd:25:5e:e4:8f:0e: bc:cd:63:22:52:fe:41:86:ab:0d:51:db:cd:4a:81: db:61:d0:9e:3d:01:33:11:87:24:8e:77:ef:e9:bd: 14:10:58:75:94:87:0e:23:5c:2e:10:5c:57:7b:f3: 09:14:3e:f5:c5:2c:ba:09:fe:3e:cc:cb:60:bb:81: 87:4b:f9:e6:f4:dc:80:69:84:02:68:f3:49:c1:d0: 37:57:19:b6:be:47:86:13:e6:65:17:1e:4a:5c:a5: 66:a7:bc:0a:21:04:50:ca:40:61:15:99:45:2c:54: 89:93:57:2c:0b:ca:d5:18:83:b3:5d:03:b5:4e:0c: 3d:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:7C:78:6E:86:54:C7:D9:90:E2:49:A2:D4:0C:80:32:7F:07:75:88 X509v3 Authority Key Identifier: keyid:6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/zHx4boZUx9mQ4kmi1AyAMn8HdYg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.120.141.0/24 IPv6: 2a13:2180::/29 Signature Algorithm: sha256WithRSAEncryption 50:03:c3:ec:83:6d:4b:bb:b3:d3:e5:42:9b:2b:a5:be:66:6b: 3b:53:94:80:03:1e:5d:de:50:85:f8:d0:13:8c:54:16:ef:41: 44:e7:96:fe:40:2f:40:35:47:0a:a9:4d:54:48:f0:e0:f1:fe: 7d:04:88:a4:da:0e:4b:8e:4d:e5:b4:fd:cb:ae:9c:5a:7e:45: 41:e3:b1:3f:bb:71:81:c4:0a:a7:79:1b:51:eb:46:e6:d1:8f: ea:7a:0d:6d:c4:f9:03:04:92:0f:85:5c:b5:ea:cf:53:5f:b6: 03:d7:29:b9:16:6a:8e:b4:c4:16:f0:0a:64:8c:26:c2:35:8b: 0c:90:57:0a:15:9a:b6:69:c6:1f:79:38:15:66:02:4d:40:4f: 0d:d4:81:ef:bc:13:f2:fc:93:5d:30:7f:ef:b3:15:dc:ae:30: 9d:3d:eb:74:71:68:e0:a2:e0:d4:af:ea:b0:5e:e9:bf:7e:6c: 55:26:64:f2:f8:2f:95:55:79:0b:2c:5c:e0:f9:35:78:89:49: af:87:54:2b:7a:20:55:86:e4:57:46:80:80:ed:b7:73:6f:24: 12:a3:1a:17:23:04:3d:9c:f2:6a:e1:ad:36:7d:1c:22:39:b4: d8:de:5e:a3:8f:56:a9:e1:ef:03:49:f1:3b:23:cc:0d:ff:48: 4b:55:c5:01 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8f/Z0Kul9P/UIpiJVYZtcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMzAwNmRjZDI4OWM0N2Y5ZjU4ZTEyOGViMjk3NTcyMzkx NDRiYjYwHhcNMjYwMTAyMDIxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzdjNzg2ZTg2NTRjN2Q5OTBlMjQ5YTJkNDBjODAzMjdmMDc3NTg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/XXzEDEyytzmb8StFW/sZ5aMRU/ aQVB5Dy2RlA6epYvywqNAhnwI+vUInLXjlRrh5/7CXQNsfl5Jw09wq6UG++wMpFw 6pcShJrUH1R1EtNdBIlnaxVpoBRquhO582kRWr8vkXxhBTIfJXkZyQkZc26OToeV PEQ0A4HvMCAS5Gm9JV7kjw68zWMiUv5BhqsNUdvNSoHbYdCePQEzEYckjnfv6b0U EFh1lIcOI1wuEFxXe/MJFD71xSy6Cf4+zMtgu4GHS/nm9NyAaYQCaPNJwdA3Vxm2 vkeGE+ZlFx5KXKVmp7wKIQRQykBhFZlFLFSJk1csC8rVGIOzXQO1Tgw9kQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMx8eG6GVMfZkOJJotQMgDJ/B3WIMB8GA1UdIwQY MBaAFG0wBtzSicR/n1jhKOspdXI5FEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMt MmY3ZTUyZmI4YmQzLzEvekh4NGJvWlV4OW1RNGttaTFBeUFNbjhIZFlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMtMmY3ZTUyZmI4YmQz LzEvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXiNMA0E AgACMAcDBQMqEyGAMA0GCSqGSIb3DQEBCwUAA4IBAQBQA8Psg21Lu7PT5UKbK6W+ Zms7U5SAAx5d3lCF+NATjFQW70FE55b+QC9ANUcKqU1USPDg8f59BIik2g5Ljk3l tP3LrpxafkVB47E/u3GBxAqneRtR60bm0Y/qeg1txPkDBJIPhVy16s9TX7YD1ym5 FmqOtMQW8ApkjCbCNYsMkFcKFZq2acYfeTgVZgJNQE8N1IHvvBPy/JNdMH/vsxXc rjCdPet0cWjgouDUr+qwXum/fmxVJmTy+C+VVXkLLFzg+TV4iUmvh1QreiBVhuRX RoCA7bdzbyQSoxoXIwQ9nPJq4a02fRwiObTY3l6jj1ap4e8DSfE7I8wN/0hLVcUB -----END CERTIFICATE-----Generated at Sun Jan 25 22:12:34 2026 by rpki-client