This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/zRYCcQ03Zo7Mtjwf5o0jfcWViDY.roa File: zRYCcQ03Zo7Mtjwf5o0jfcWViDY.roa (raw, json) Hash identifier: hObMfSwMh57HZlCx8OTlbluNMpET5Cy14GAtqwnhGDg= Subject key identifier: CD:16:02:71:0D:37:66:8E:CC:B6:3C:1F:E6:8D:23:7D:C5:95:88:36 Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413 Certificate serial: 019BB2B7947C82C5A1795BE4FFBEDE7E7302 Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/zRYCcQ03Zo7Mtjwf5o0jfcWViDY.roa Signing time: Mon 12 Jan 2026 14:58:54 +0000 ROA not before: Mon 12 Jan 2026 14:58:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210805 IP address blocks: 2a0a:2786::/32 maxlen: 32 2a0a:2786:1800::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.mft rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b2:b7:94:7c:82:c5:a1:79:5b:e4:ff:be:de:7e:73:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413 Validity Not Before: Jan 12 14:58:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd1602710d37668eccb63c1fe68d237dc5958836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:26:5a:ba:33:26:04:25:9b:19:8f:04:bf:98: 2b:07:a2:8b:96:5d:b2:76:f4:f0:87:e9:84:95:ef: c2:29:46:b8:7e:9f:63:e3:a7:d5:44:86:23:69:d5: 6c:ed:5c:2d:61:58:cb:7b:fa:e4:ea:eb:88:05:d6: 67:b4:fe:14:b2:ca:1d:c4:3d:b4:9d:0d:24:f5:04: 84:62:39:00:47:33:3e:51:12:f3:95:3c:c6:6b:53: d4:25:fe:ee:a7:bb:f2:b5:85:44:ad:8f:0d:26:02: 98:35:80:d8:3e:2b:b9:9d:78:08:56:a1:f3:9b:39: 57:86:71:07:96:15:87:a3:e4:72:6e:ce:d6:90:6c: 18:9c:a8:a6:a6:39:21:f6:b7:fc:22:92:54:f2:4a: 1b:dd:e4:d8:44:1b:99:f5:2d:ba:d1:3d:8f:a2:25: a1:dd:40:17:3b:28:3c:79:0f:04:0c:7d:7f:27:76: b4:93:5e:7b:2b:0e:c1:9d:a3:c9:90:26:7e:35:cc: ba:36:a5:30:a5:ab:09:5a:c6:54:91:64:ec:78:fb: 8e:68:97:11:05:b6:43:53:85:97:25:4a:16:ae:bc: 16:41:91:52:7d:f4:3e:8a:50:d7:c6:98:49:9e:37: 25:00:b3:2d:a2:8e:6e:67:ab:ae:90:40:2c:c3:b6: fa:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:16:02:71:0D:37:66:8E:CC:B6:3C:1F:E6:8D:23:7D:C5:95:88:36 X509v3 Authority Key Identifier: keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/zRYCcQ03Zo7Mtjwf5o0jfcWViDY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:2786::/32 Signature Algorithm: sha256WithRSAEncryption 4d:08:ab:87:be:79:14:69:13:d7:91:f8:b6:65:86:1e:40:fe: da:20:58:26:cb:7a:78:bb:c0:bb:6a:72:9a:48:9e:13:b5:72: 66:d5:48:87:41:47:bb:c7:af:2f:ee:89:8a:a8:6e:bc:97:ab: d5:91:78:4f:f8:ce:42:a1:3f:f2:75:2a:e6:c2:57:2c:d3:4b: 86:f0:4d:b3:a1:ab:f1:74:f6:a5:9f:1c:c8:e4:b5:57:73:62: de:d1:13:d4:a4:81:3d:79:1b:42:4e:2d:38:13:4e:61:69:cc: 6e:35:1d:d1:ff:b6:1f:d0:6e:84:e0:31:8b:75:cc:52:7e:4d: a6:5f:ca:23:de:23:a3:6e:ff:8a:87:c6:03:6a:93:c8:b3:3e: 94:31:0f:24:98:cc:18:4a:03:ab:c8:4d:48:e4:aa:dc:bb:bf: c5:5a:8a:1e:5d:7d:3e:c9:a8:95:4d:38:23:a2:75:7f:2b:82: 3f:2d:ca:32:89:d1:d9:f8:f0:74:b4:38:ec:4e:f8:4a:c9:ed: 06:76:89:9c:2c:1b:93:db:c5:d1:0b:1d:c3:be:e7:42:45:80: 9b:9c:40:f3:4f:cf:f8:a1:74:ca:d1:95:82:c5:56:ae:6b:56: 3f:c3:0a:2a:6e:a1:48:e0:84:b1:59:b9:d1:de:b1:7b:96:56: 86:0b:38:c7 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZuyt5R8gsWheVvk/77efnMCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz NGI0MTMwHhcNMjYwMTEyMTQ1ODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDE2MDI3MTBkMzc2NjhlY2NiNjNjMWZlNjhkMjM3ZGM1OTU4ODM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliZaujMmBCWbGY8Ev5grB6KLll2y dvTwh+mEle/CKUa4fp9j46fVRIYjadVs7VwtYVjLe/rk6uuIBdZntP4UssodxD20 nQ0k9QSEYjkARzM+URLzlTzGa1PUJf7up7vytYVErY8NJgKYNYDYPiu5nXgIVqHz mzlXhnEHlhWHo+Rybs7WkGwYnKimpjkh9rf8IpJU8kob3eTYRBuZ9S260T2PoiWh 3UAXOyg8eQ8EDH1/J3a0k157Kw7BnaPJkCZ+Ncy6NqUwpasJWsZUkWTsePuOaJcR BbZDU4WXJUoWrrwWQZFSffQ+ilDXxphJnjclALMtoo5uZ6uukEAsw7b6tQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFM0WAnENN2aOzLY8H+aNI33FlYg2MB8GA1UdIwQY MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt MzY2NTA2N2RiMjU2LzEvelJZQ2NRMDNabzdNdGp3ZjVvMGpmY1dWaURZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2 LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgonhjAN BgkqhkiG9w0BAQsFAAOCAQEATQirh755FGkT15H4tmWGHkD+2iBYJst6eLvAu2py mkieE7VyZtVIh0FHu8evL+6JiqhuvJer1ZF4T/jOQqE/8nUq5sJXLNNLhvBNs6Gr 8XT2pZ8cyOS1V3Ni3tET1KSBPXkbQk4tOBNOYWnMbjUd0f+2H9BuhOAxi3XMUn5N pl/KI94jo27/iofGA2qTyLM+lDEPJJjMGEoDq8hNSOSq3Lu/xVqKHl19PsmolU04 I6J1fyuCPy3KMonR2fjwdLQ47E74SsntBnaJnCwbk9vF0Qsdw77nQkWAm5xA80/P +KF0ytGVgsVWrmtWP8MKKm6hSOCEsVm50d6xe5ZWhgs4xw== -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:51 2026 by rpki-client