This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/ZTdRtMHn9MCDhvPMjYCC0Pxr1RI.roa File: ZTdRtMHn9MCDhvPMjYCC0Pxr1RI.roa (raw, json) Hash identifier: sRz/UR+fsg7CPIL6g1R/rktvKe/HDvg2UOoVG8Jt4bw= Subject key identifier: 65:37:51:B4:C1:E7:F4:C0:83:86:F3:CC:8D:80:82:D0:FC:6B:D5:12 Certificate issuer: /CN=f1a06c6c108e9419b2cdb21d48b49a6bbd6c16df Certificate serial: 019B7F834057FCC962C35BA2C7B6654F4AF8 Authority key identifier: F1:A0:6C:6C:10:8E:94:19:B2:CD:B2:1D:48:B4:9A:6B:BD:6C:16:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/ZTdRtMHn9MCDhvPMjYCC0Pxr1RI.roa Signing time: Fri 02 Jan 2026 16:21:06 +0000 ROA not before: Fri 02 Jan 2026 16:21:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207404 IP address blocks: 194.127.208.0/22 maxlen: 24 2001:678:c48::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/8aBsbBCOlBmyzbIdSLSaa71sFt8.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/8aBsbBCOlBmyzbIdSLSaa71sFt8.mft rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:40:57:fc:c9:62:c3:5b:a2:c7:b6:65:4f:4a:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f1a06c6c108e9419b2cdb21d48b49a6bbd6c16df Validity Not Before: Jan 2 16:21:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=653751b4c1e7f4c08386f3cc8d8082d0fc6bd512 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:68:cb:e0:d0:1b:9e:43:86:3b:93:b3:a0:88: d7:54:27:d8:e9:10:dc:0a:a0:5b:30:bd:21:03:27: de:b8:5d:3c:e0:70:ef:90:10:fc:23:56:ce:7d:4b: f5:df:21:ad:eb:4d:5c:42:eb:ce:9a:fc:d1:b5:fa: b8:51:21:5e:41:aa:0c:09:aa:95:09:8b:82:79:d7: 7b:3a:99:09:3d:de:a4:5f:af:91:3c:55:b1:32:e1: 42:a2:ce:72:c1:8a:05:28:0f:16:85:08:2d:df:0b: 41:dd:0e:5f:94:f9:48:7c:9a:e9:5f:64:76:1b:57: a8:39:dd:3d:bd:40:d4:95:e5:ca:d4:ab:6a:e6:05: 5e:cb:0d:88:36:a9:5c:b1:ab:7d:89:a6:0a:f0:d2: dc:13:62:7b:0f:e9:11:43:53:51:4a:03:ea:82:c9: db:6f:4a:1a:d8:4c:2e:af:d2:c7:32:49:d9:64:36: 95:8a:16:9e:51:bc:c7:55:ce:44:e3:fc:79:6e:88: cb:ce:5b:75:ee:fc:e1:14:5a:dc:07:8d:c7:9f:e9: 20:bf:df:83:50:e4:5f:8e:39:99:98:9c:fd:f2:85: e4:67:9c:3b:ed:89:72:bd:42:0a:b1:25:1d:84:6e: b0:df:77:f4:ac:ee:a7:7c:1a:9b:ae:fb:42:33:59: ce:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:37:51:B4:C1:E7:F4:C0:83:86:F3:CC:8D:80:82:D0:FC:6B:D5:12 X509v3 Authority Key Identifier: keyid:F1:A0:6C:6C:10:8E:94:19:B2:CD:B2:1D:48:B4:9A:6B:BD:6C:16:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/ZTdRtMHn9MCDhvPMjYCC0Pxr1RI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/8aBsbBCOlBmyzbIdSLSaa71sFt8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.127.208.0/22 IPv6: 2001:678:c48::/48 Signature Algorithm: sha256WithRSAEncryption 3b:1a:7a:48:d6:d7:8f:07:b4:69:37:94:ff:3f:7a:01:e9:ac: 28:d8:0b:ba:fe:19:c1:f6:08:c3:e3:4c:8b:23:3f:20:80:f0: 8e:2c:6c:4a:75:bd:ab:94:d6:a8:f4:de:7d:9e:0f:d8:c0:2a: ea:71:8e:d3:a5:55:fe:7b:a2:86:11:10:72:b6:43:4e:db:11: ed:21:df:30:f4:df:0b:0f:ae:70:7b:ec:ae:f2:4b:73:9a:ba: a0:85:77:89:fe:60:18:63:51:ed:58:1a:48:9c:22:a8:2b:f7: 14:f5:d0:a1:aa:9e:a7:f5:ba:e7:84:be:c4:38:ea:af:da:77: 66:1b:33:d2:40:29:89:f5:46:ca:c4:ae:ce:30:73:1e:a9:8f: 84:7a:8c:7d:cf:28:02:d0:70:11:3a:0f:31:46:f5:a7:fc:85: 1e:c4:1d:03:7b:9f:5f:a1:9f:a5:cb:5d:a2:bc:b6:b4:e1:71: 48:53:b1:ab:1c:0a:8d:0b:c6:f2:13:e0:da:20:72:59:cc:f5: 39:cb:ee:7a:a0:b9:9e:3a:5b:d6:57:ad:3f:a3:dc:1c:d9:23: 09:ca:cd:cc:a2:ac:96:1c:56:e6:0b:e2:a8:2c:1b:41:8e:26: c2:71:9a:1b:3f:a4:db:96:b3:79:b9:4e:84:5b:06:45:74:b0: 7d:7b:8c:0a -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/g0BX/Mliw1uix7ZlT0r4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxYTA2YzZjMTA4ZTk0MTliMmNkYjIxZDQ4YjQ5YTZiYmQ2 YzE2ZGYwHhcNMjYwMTAyMTYyMTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NTM3NTFiNGMxZTdmNGMwODM4NmYzY2M4ZDgwODJkMGZjNmJkNTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02jL4NAbnkOGO5OzoIjXVCfY6RDc CqBbML0hAyfeuF084HDvkBD8I1bOfUv13yGt601cQuvOmvzRtfq4USFeQaoMCaqV CYuCedd7OpkJPd6kX6+RPFWxMuFCos5ywYoFKA8WhQgt3wtB3Q5flPlIfJrpX2R2 G1eoOd09vUDUleXK1Ktq5gVeyw2INqlcsat9iaYK8NLcE2J7D+kRQ1NRSgPqgsnb b0oa2Ewur9LHMknZZDaVihaeUbzHVc5E4/x5bojLzlt17vzhFFrcB43Hn+kgv9+D UORfjjmZmJz98oXkZ5w77YlyvUIKsSUdhG6w33f0rO6nfBqbrvtCM1nOmwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGU3UbTB5/TAg4bzzI2AgtD8a9USMB8GA1UdIwQY MBaAFPGgbGwQjpQZss2yHUi0mmu9bBbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOGFCc2JCQ09sQm15emJJZFNMU2FhNzFzRnQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kZWY2NDctOTE4Ni00NzI5LWJiOTkt MTQyZWJlODY5MzE2LzEvWlRkUnRNSG45TUNEaHZQTWpZQ0MwUHhyMVJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9kZWY2NDctOTE4Ni00NzI5LWJiOTktMTQyZWJlODY5MzE2 LzEvOGFCc2JCQ09sQm15emJJZFNMU2FhNzFzRnQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwn/QMA8E AgACMAkDBwAgAQZ4DEgwDQYJKoZIhvcNAQELBQADggEBADsaekjW148HtGk3lP8/ egHprCjYC7r+GcH2CMPjTIsjPyCA8I4sbEp1vauU1qj03n2eD9jAKupxjtOlVf57 ooYREHK2Q07bEe0h3zD03wsPrnB77K7yS3OauqCFd4n+YBhjUe1YGkicIqgr9xT1 0KGqnqf1uueEvsQ46q/ad2YbM9JAKYn1RsrErs4wcx6pj4R6jH3PKALQcBE6DzFG 9af8hR7EHQN7n1+hn6XLXaK8trThcUhTsascCo0LxvIT4NogclnM9TnL7nqguZ46 W9ZXrT+j3BzZIwnKzcyirJYcVuYL4qgsG0GOJsJxmhs/pNuWs3m5ToRbBkV0sH17 jAo= -----END CERTIFICATE-----Generated at Mon Jan 26 05:43:50 2026 by rpki-client