This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/dzTzYf-TKYJMVkOvvaBfstjTJ9w.roa File: dzTzYf-TKYJMVkOvvaBfstjTJ9w.roa (raw, json) Hash identifier: ZIgS2/isxUOPCfVNIh153dBZ1pmUGjEqXD0BSekDaHQ= Subject key identifier: 77:34:F3:61:FF:93:29:82:4C:56:43:AF:BD:A0:5F:B2:D8:D3:27:DC Certificate issuer: /CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d Certificate serial: 019B797ECE00B9F1AF7DF7A307B724450663 Authority key identifier: 42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/dzTzYf-TKYJMVkOvvaBfstjTJ9w.roa Signing time: Thu 01 Jan 2026 12:18:31 +0000 ROA not before: Thu 01 Jan 2026 12:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60522 IP address blocks: 185.188.108.0/22 maxlen: 24 2a0b:bf80::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 06:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ce:00:b9:f1:af:7d:f7:a3:07:b7:24:45:06:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d Validity Not Before: Jan 1 12:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7734f361ff9329824c5643afbda05fb2d8d327dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0b:ef:a0:61:0d:e2:01:40:ea:f4:46:a0:cc: 57:f7:66:2f:7e:ff:92:4d:28:f2:fe:66:8c:27:52: 66:ac:57:03:ab:e8:50:e9:40:f2:e8:fe:6e:4b:90: 80:c2:69:42:64:14:c0:d2:62:31:43:c3:46:78:cc: ac:e1:7e:63:46:31:64:1d:56:45:13:5b:13:b4:f9: c4:21:c4:f5:95:18:b9:68:1e:9c:22:d8:8d:ee:ee: 88:a4:cc:48:c5:f1:67:4e:da:dc:31:f2:e2:af:58: 43:32:16:94:b4:44:78:24:ea:a5:4c:d1:4f:0e:b1: 86:2e:b5:93:2d:85:76:a3:8e:cf:b5:1f:8a:a2:5d: 6d:d5:e8:80:3f:a0:61:95:e9:f2:c0:e8:90:b4:ae: 4c:08:31:f1:71:6f:f1:e4:09:4f:43:9d:22:52:9a: 8f:f6:af:28:62:fd:20:af:dc:49:28:28:14:55:22: 7d:a6:0a:61:ca:ea:eb:58:83:f3:c9:dd:47:a5:7e: 6d:91:cb:17:3e:36:3f:88:f5:3f:10:f1:e7:ed:27: d0:41:81:bb:b4:05:68:45:ed:03:ec:7f:55:5e:8e: 9e:99:4d:3a:7c:35:0b:3b:46:71:59:34:9b:20:00: e0:80:b8:27:e9:c6:41:b4:41:b7:8c:ce:1e:58:3f: 00:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:34:F3:61:FF:93:29:82:4C:56:43:AF:BD:A0:5F:B2:D8:D3:27:DC X509v3 Authority Key Identifier: keyid:42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/dzTzYf-TKYJMVkOvvaBfstjTJ9w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.188.108.0/22 IPv6: 2a0b:bf80::/32 Signature Algorithm: sha256WithRSAEncryption 53:7d:a9:9b:46:65:d8:2f:89:a1:bc:c3:f8:66:47:c9:2b:bd: 02:ff:41:90:4b:d4:79:27:24:af:42:5f:e1:b9:7a:13:d8:1e: fe:b1:f7:eb:23:85:3a:3b:f5:23:20:0b:89:19:4b:1b:77:ba: 45:7d:ba:fe:d5:a4:10:7e:26:f8:76:70:d6:cb:a0:da:19:47: 7c:05:21:1c:f5:6d:ca:50:34:03:15:97:28:a0:22:61:a8:e5: 21:9b:dc:56:cd:86:07:90:2c:08:89:c7:0a:9f:78:ad:2e:a4: 44:2c:d9:5b:f0:b4:42:83:48:2f:66:13:a6:fa:98:d7:9e:fe: 9f:19:70:78:31:24:f0:08:2d:5f:02:a4:fa:e9:3e:1a:4a:c5: 41:92:d4:13:f6:d0:b0:e3:22:e5:77:d3:93:c7:29:25:d1:70: 2a:b3:6c:da:e5:4e:46:1e:c2:1d:c8:15:35:30:24:08:83:05: 90:4f:01:01:49:d4:7a:c1:52:a7:4b:75:48:71:59:cc:b5:4b: 63:23:73:66:e3:3d:a5:e8:a2:4b:ab:88:a1:f7:04:09:80:b6: 1d:91:e3:63:96:db:4e:ae:88:64:15:21:c1:63:08:00:31:8c: fa:3f:59:67:df:80:d2:dc:0a:bf:e5:b1:3d:61:18:81:f3:0b: 4f:7d:f7:09 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fs4AufGvffejB7ckRQZjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyNGFiOGM3Y2Y3NDAzYjU2MjBhMWI4MTNlNmFkMWRhMGRh Y2I0NGQwHhcNMjYwMTAxMTIxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NzM0ZjM2MWZmOTMyOTgyNGM1NjQzYWZiZGEwNWZiMmQ4ZDMyN2RjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgvvoGEN4gFA6vRGoMxX92Yvfv+S TSjy/maMJ1JmrFcDq+hQ6UDy6P5uS5CAwmlCZBTA0mIxQ8NGeMys4X5jRjFkHVZF E1sTtPnEIcT1lRi5aB6cItiN7u6IpMxIxfFnTtrcMfLir1hDMhaUtER4JOqlTNFP DrGGLrWTLYV2o47PtR+Kol1t1eiAP6BhlenywOiQtK5MCDHxcW/x5AlPQ50iUpqP 9q8oYv0gr9xJKCgUVSJ9pgphyurrWIPzyd1HpX5tkcsXPjY/iPU/EPHn7SfQQYG7 tAVoRe0D7H9VXo6emU06fDULO0ZxWTSbIADggLgn6cZBtEG3jM4eWD8ApQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHc082H/kymCTFZDr72gX7LY0yfcMB8GA1UdIwQY MBaAFEJKuMfPdAO1YgobgT5q0doNrLRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWIt MmFkOTMwOGYxZjZjLzEvZHpUellmLVRLWUpNVmtPdnZhQmZzdGpUSjl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWItMmFkOTMwOGYxZjZj LzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubxsMA0E AgACMAcDBQAqC7+AMA0GCSqGSIb3DQEBCwUAA4IBAQBTfambRmXYL4mhvMP4ZkfJ K70C/0GQS9R5JySvQl/huXoT2B7+sffrI4U6O/UjIAuJGUsbd7pFfbr+1aQQfib4 dnDWy6DaGUd8BSEc9W3KUDQDFZcooCJhqOUhm9xWzYYHkCwIiccKn3itLqRELNlb 8LRCg0gvZhOm+pjXnv6fGXB4MSTwCC1fAqT66T4aSsVBktQT9tCw4yLld9OTxykl 0XAqs2za5U5GHsIdyBU1MCQIgwWQTwEBSdR6wVKnS3VIcVnMtUtjI3Nm4z2l6KJL q4ih9wQJgLYdkeNjlttOrohkFSHBYwgAMYz6P1ln34DS3Aq/5bE9YRiB8wtPffcJ -----END CERTIFICATE-----Generated at Mon Jan 26 12:27:02 2026 by rpki-client