This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/ZhVI6A7yr7ri4GCLLeKZeWj0x0g.roa File: ZhVI6A7yr7ri4GCLLeKZeWj0x0g.roa (raw, json) Hash identifier: RoqCMqDvqASNbsfdIC5YDSePIlxj7YcloZ7cYASt570= Subject key identifier: 66:15:48:E8:0E:F2:AF:BA:E2:E0:60:8B:2D:E2:99:79:68:F4:C7:48 Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2 Certificate serial: 019B7DCB225E436886CB330BF3C4B0FA8203 Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/ZhVI6A7yr7ri4GCLLeKZeWj0x0g.roa Signing time: Fri 02 Jan 2026 08:20:22 +0000 ROA not before: Fri 02 Jan 2026 08:20:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51395 IP address blocks: 2a0b:7140:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:22:5e:43:68:86:cb:33:0b:f3:c4:b0:fa:82:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2 Validity Not Before: Jan 2 08:20:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=661548e80ef2afbae2e0608b2de2997968f4c748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:09:d7:db:1c:91:5d:a1:68:f3:97:66:6a:4e: 9f:ac:e5:92:27:d5:21:6b:a4:2e:d6:f1:b5:d4:5d: e8:57:08:b2:70:69:1c:f7:f9:48:85:a6:b7:60:85: ce:8f:40:eb:2b:f4:56:98:c0:3d:00:8b:5d:b1:c6: f8:e9:a3:dc:ac:8c:88:f4:2a:59:5a:f6:ee:77:e8: d1:7c:3c:34:b5:b6:e4:d6:e8:5d:31:1a:7e:62:62: 6f:a5:18:9e:3c:77:b8:d1:62:01:ec:e3:6b:a6:74: 38:8f:dd:b9:fa:6b:91:c9:27:51:b1:0a:31:13:df: 99:68:7a:e2:8b:ff:24:82:d3:5b:d4:26:38:90:ed: 21:3d:38:18:4b:a9:bd:8e:70:aa:f3:bf:b3:ed:b8: 99:a8:c4:8d:a1:4b:18:47:ee:94:2b:30:02:08:41: a5:49:0d:7b:00:57:0d:dc:22:4e:18:0d:5f:6e:4b: 01:73:79:d3:c9:94:12:af:a4:95:ee:0c:5d:67:f3: 33:b6:57:b1:e8:66:52:03:0e:1b:13:55:1a:95:ad: 07:46:3a:c4:9d:15:88:c6:11:69:76:7b:39:f2:69: 0c:c7:b6:7d:ec:db:5f:7a:b7:2d:b4:bd:39:dc:1e: f8:9b:59:d8:3b:ba:8c:d8:6a:8d:fb:a7:4a:14:f7: cd:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:15:48:E8:0E:F2:AF:BA:E2:E0:60:8B:2D:E2:99:79:68:F4:C7:48 X509v3 Authority Key Identifier: keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/ZhVI6A7yr7ri4GCLLeKZeWj0x0g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:7140:4::/48 Signature Algorithm: sha256WithRSAEncryption 45:64:c2:f6:d7:b2:2c:60:3e:f5:05:be:b0:90:af:0c:b0:ad: 78:a0:d3:bb:fc:c2:22:1a:e7:23:b1:1f:02:e8:0a:03:60:88: e0:80:4f:98:cf:ac:63:d4:55:12:7b:85:4d:86:17:53:20:16: e2:8e:7f:00:d8:ac:1b:30:a9:20:70:3c:86:e8:ce:b3:a6:03: 43:27:23:ef:c6:56:70:19:63:26:54:32:ae:d1:ea:a3:f1:8e: 61:ee:c1:d4:22:f7:a5:30:2a:26:0b:1c:1a:88:9b:37:45:9d: 94:68:5b:5c:9f:21:59:65:c7:77:d4:34:e7:62:68:3f:35:09: be:4c:2c:e2:a6:b0:0f:7f:99:d7:7b:02:0a:40:c6:bf:d9:74: 69:5b:d2:91:58:5a:07:c4:eb:e8:3a:66:b0:e3:a6:43:54:da: a4:3f:46:e3:85:dc:8d:21:5e:87:c5:fa:9b:e5:6c:78:6f:a6: 7a:3e:54:28:a1:33:ec:67:e5:45:81:a4:74:36:5a:dd:22:d7: cc:d2:a8:ed:60:2f:1c:e8:39:ef:ad:0a:ad:d0:1b:25:76:ec: 46:9d:0b:e3:86:17:87:9e:82:a9:d5:83:58:fb:02:45:b5:46: 6e:b6:02:64:b3:e4:9d:36:d8:33:50:59:0a:f1:08:e0:8a:65: 86:08:f0:13 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9yyJeQ2iGyzML88Sw+oIDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy MWZjZjIwHhcNMjYwMTAyMDgyMDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjE1NDhlODBlZjJhZmJhZTJlMDYwOGIyZGUyOTk3OTY4ZjRjNzQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgnX2xyRXaFo85dmak6frOWSJ9Uh a6Qu1vG11F3oVwiycGkc9/lIhaa3YIXOj0DrK/RWmMA9AItdscb46aPcrIyI9CpZ Wvbud+jRfDw0tbbk1uhdMRp+YmJvpRiePHe40WIB7ONrpnQ4j925+muRySdRsQox E9+ZaHrii/8kgtNb1CY4kO0hPTgYS6m9jnCq87+z7biZqMSNoUsYR+6UKzACCEGl SQ17AFcN3CJOGA1fbksBc3nTyZQSr6SV7gxdZ/Mztlex6GZSAw4bE1Uala0HRjrE nRWIxhFpdns58mkMx7Z97NtfercttL053B74m1nYO7qM2GqN+6dKFPfNKwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGYVSOgO8q+64uBgiy3imXlo9MdIMB8GA1UdIwQY MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt Mzk1NTk1OWVhZjgxLzEvWmhWSTZBN3lyN3JpNEdDTExlS1plV2oweDBnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtxQAAE MA0GCSqGSIb3DQEBCwUAA4IBAQBFZML217IsYD71Bb6wkK8MsK14oNO7/MIiGucj sR8C6AoDYIjggE+Yz6xj1FUSe4VNhhdTIBbijn8A2KwbMKkgcDyG6M6zpgNDJyPv xlZwGWMmVDKu0eqj8Y5h7sHUIvelMComCxwaiJs3RZ2UaFtcnyFZZcd31DTnYmg/ NQm+TCziprAPf5nXewIKQMa/2XRpW9KRWFoHxOvoOmaw46ZDVNqkP0bjhdyNIV6H xfqb5Wx4b6Z6PlQooTPsZ+VFgaR0NlrdItfM0qjtYC8c6DnvrQqt0BslduxGnQvj hheHnoKp1YNY+wJFtUZutgJks+SdNtgzUFkK8QjgimWGCPAT -----END CERTIFICATE-----Generated at Sun Jan 25 18:08:55 2026 by rpki-client