This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/cZkC82-vLrRXW7ttrbp1YPZPpe0.roa File: cZkC82-vLrRXW7ttrbp1YPZPpe0.roa (raw, json) Hash identifier: X7Xi6DZVONjtuDM1mnYOVnatQGs+c73Ycapzeqr5W+A= Subject key identifier: 71:99:02:F3:6F:AF:2E:B4:57:5B:BB:6D:AD:BA:75:60:F6:4F:A5:ED Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108 Certificate serial: 019B797EA31DAE7A9030C49D01F930573DD8 Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/cZkC82-vLrRXW7ttrbp1YPZPpe0.roa Signing time: Thu 01 Jan 2026 12:18:21 +0000 ROA not before: Thu 01 Jan 2026 12:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44431 IP address blocks: 77.70.176.0/22 maxlen: 24 77.70.181.0/24 maxlen: 24 77.70.184.0/21 maxlen: 24 193.220.160.0/24 maxlen: 24 193.220.162.0/23 maxlen: 24 193.220.224.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a3:1d:ae:7a:90:30:c4:9d:01:f9:30:57:3d:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896a82a725ed22bb46847ae568912078de25c108 Validity Not Before: Jan 1 12:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=719902f36faf2eb4575bbb6dadba7560f64fa5ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ff:bd:32:9c:fe:e2:c9:7f:9f:b9:e6:98:15: 9f:c5:d5:db:27:20:49:30:db:e9:21:0b:87:ab:5c: a7:5f:c2:fd:23:34:83:2a:a7:b7:48:3e:c3:75:cf: b8:7d:8b:22:ae:f3:e0:c8:f7:e9:da:d6:17:a8:52: 3f:9b:6b:b0:d3:3f:ec:33:00:e0:d5:48:c6:2d:7a: a9:f1:2f:b8:e6:c9:f1:cb:1b:9e:38:e3:7f:6b:5f: 10:22:3d:a8:ff:98:80:51:ca:80:b2:14:a4:b1:91: 28:b5:0a:81:cb:79:e8:d5:01:43:15:61:23:14:87: 12:a9:97:55:f9:5f:8c:f7:df:63:42:2b:e9:32:79: f7:55:e0:63:d4:c9:d8:08:91:7d:f3:85:b7:fb:5a: 74:40:64:85:59:00:43:bd:a1:b5:16:22:39:99:58: 05:9e:bc:c0:ee:43:00:68:33:3c:20:bd:26:74:24: 9a:e9:f0:e2:ec:dd:40:e4:26:92:14:8a:b8:6c:86: 13:8d:6c:fd:ce:3c:6f:20:cd:13:87:b8:0a:83:69: 45:b3:5f:20:56:9d:a5:cd:1d:db:52:74:71:58:7e: 66:a8:c6:1f:7a:84:ba:07:a2:7c:df:ff:74:84:72: 8e:4a:2f:7a:d5:99:ad:c0:7c:f2:a0:07:8f:eb:85: 9f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:99:02:F3:6F:AF:2E:B4:57:5B:BB:6D:AD:BA:75:60:F6:4F:A5:ED X509v3 Authority Key Identifier: keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/cZkC82-vLrRXW7ttrbp1YPZPpe0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.70.176.0/22 77.70.181.0/24 77.70.184.0/21 193.220.160.0/24 193.220.162.0/23 193.220.224.0/20 Signature Algorithm: sha256WithRSAEncryption cc:4e:89:90:4f:c4:46:23:40:66:c9:52:86:b0:f7:e2:22:13: 7c:10:e1:df:93:26:e7:31:32:14:fd:8b:fa:7a:c8:ce:f0:ce: c0:5c:0e:66:cf:b7:98:8a:6c:8f:4f:ab:d4:27:98:dd:12:e5: 3a:45:39:f7:5e:c6:92:83:af:a6:80:e7:f0:d0:c3:6d:05:a7: 86:dd:6a:12:15:ce:8a:35:84:24:51:8f:e6:ba:73:f2:e3:34: 83:26:8e:0a:23:72:df:7b:7b:2b:c3:f5:4a:45:d9:81:f0:65: 2f:15:07:ec:62:00:fc:b3:e7:92:9a:1f:cf:4f:9e:7a:e7:75: 0f:40:e4:c1:02:ac:0a:02:c1:e0:4b:05:4d:d6:ca:30:df:33: 1c:bb:4e:d2:ae:a4:1f:12:0d:f9:c9:cd:e4:b3:bb:24:0a:1e: e7:f1:cf:01:4d:98:59:ab:c6:d3:6d:ef:3c:64:2e:53:ec:a5: 4b:ae:7e:21:38:41:85:03:2d:16:87:18:4b:6a:b7:cf:4b:82: 46:18:29:40:90:c4:70:0f:91:fa:1b:ff:f1:62:66:89:cc:f4: ab:9b:77:1a:63:92:ce:e4:21:5f:f4:26:34:c8:d3:69:ff:ff: 48:4f:97:11:c1:6c:8e:14:c0:0f:00:c2:63:1e:0f:63:1a:d5: f1:09:63:a0 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt5fqMdrnqQMMSdAfkwVz3YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy NWMxMDgwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTk5MDJmMzZmYWYyZWI0NTc1YmJiNmRhZGJhNzU2MGY2NGZhNWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov+9Mpz+4sl/n7nmmBWfxdXbJyBJ MNvpIQuHq1ynX8L9IzSDKqe3SD7Ddc+4fYsirvPgyPfp2tYXqFI/m2uw0z/sMwDg 1UjGLXqp8S+45snxyxueOON/a18QIj2o/5iAUcqAshSksZEotQqBy3no1QFDFWEj FIcSqZdV+V+M999jQivpMnn3VeBj1MnYCJF984W3+1p0QGSFWQBDvaG1FiI5mVgF nrzA7kMAaDM8IL0mdCSa6fDi7N1A5CaSFIq4bIYTjWz9zjxvIM0Th7gKg2lFs18g Vp2lzR3bUnRxWH5mqMYfeoS6B6J83/90hHKOSi961ZmtwHzyoAeP64WfYwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFHGZAvNvry60V1u7ba26dWD2T6XtMB8GA1UdIwQY MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt MDQwMTI3MTAyMjA5LzEvY1prQzgyLXZMclJYVzd0dHJicDFZUFpQcGUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5 LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCTUawAwQA TUa1AwQDTUa4AwQAwdygAwQBwdyiAwQEwdzgMA0GCSqGSIb3DQEBCwUAA4IBAQDM TomQT8RGI0BmyVKGsPfiIhN8EOHfkybnMTIU/Yv6esjO8M7AXA5mz7eYimyPT6vU J5jdEuU6RTn3XsaSg6+mgOfw0MNtBaeG3WoSFc6KNYQkUY/munPy4zSDJo4KI3Lf e3srw/VKRdmB8GUvFQfsYgD8s+eSmh/PT55653UPQOTBAqwKAsHgSwVN1sow3zMc u07SrqQfEg35yc3ks7skCh7n8c8BTZhZq8bTbe88ZC5T7KVLrn4hOEGFAy0WhxhL arfPS4JGGClAkMRwD5H6G//xYmaJzPSrm3caY5LO5CFf9CY0yNNp//9IT5cRwWyO FMAPAMJjHg9jGtXxCWOg -----END CERTIFICATE-----Generated at Sun Jan 25 17:44:42 2026 by rpki-client