This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/zgjOZSAzojMMAhNOHNiG97-1lKs.roa File: zgjOZSAzojMMAhNOHNiG97-1lKs.roa (raw, json) Hash identifier: 9AqyfTSVIr04hBsXGR4iW4XjBoNFR8P2652xVPdhD0s= Subject key identifier: CE:08:CE:65:20:33:A2:33:0C:02:13:4E:1C:D8:86:F7:BF:B5:94:AB Certificate issuer: /CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c Certificate serial: 019B7CEE6A4B17B12D7B911BADDAE8D85759 Authority key identifier: EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/zgjOZSAzojMMAhNOHNiG97-1lKs.roa Signing time: Fri 02 Jan 2026 04:19:18 +0000 ROA not before: Fri 02 Jan 2026 04:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62214 IP address blocks: 46.29.136.0/21 maxlen: 21 79.139.56.0/21 maxlen: 21 85.155.240.0/21 maxlen: 21 92.119.120.0/22 maxlen: 22 109.122.216.0/21 maxlen: 21 185.43.204.0/22 maxlen: 22 185.80.48.0/22 maxlen: 22 185.187.72.0/22 maxlen: 22 193.39.12.0/22 maxlen: 22 193.201.184.0/21 maxlen: 21 194.176.123.0/24 maxlen: 24 194.180.12.0/24 maxlen: 24 194.180.16.0/24 maxlen: 24 194.180.19.0/24 maxlen: 24 2a01:6ee0::/32 maxlen: 32 2a01:6ee0::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.mft rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:6a:4b:17:b1:2d:7b:91:1b:ad:da:e8:d8:57:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c Validity Not Before: Jan 2 04:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce08ce652033a2330c02134e1cd886f7bfb594ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:05:0e:3b:b5:e6:f4:7b:0d:94:db:84:3c:84: eb:c3:4b:40:98:80:49:d7:72:ac:72:c0:67:ec:4a: a2:4e:33:4b:4e:7e:0b:6f:35:90:2b:cc:b0:b6:1d: 4f:37:7c:1d:10:64:73:8f:a1:6d:16:53:cd:83:6c: bd:f9:c8:2b:24:41:8e:9d:f4:7a:bf:e1:96:b7:44: 6c:a1:d7:0e:7a:90:03:0f:f9:93:b1:2c:37:64:90: 62:a3:87:fa:bb:b8:13:8b:62:f7:6f:00:26:45:3d: 3b:a6:36:21:e5:76:56:59:a2:ac:9d:60:c6:b5:f3: 66:60:3e:b9:e5:c4:34:36:fd:a9:e3:9b:65:7f:2e: ed:d7:86:fb:bb:53:9d:29:16:51:87:a0:e4:25:d7: 99:ce:06:62:f2:ab:d5:89:85:67:dc:d6:c6:35:db: 17:16:fe:9a:cf:56:25:cf:45:f6:ce:b8:83:f9:6d: 37:2d:29:81:47:aa:a5:6a:b1:cb:cd:c2:79:99:8d: 55:a5:fb:46:0d:20:aa:f5:12:2f:40:16:76:ee:e5: f6:d1:9a:e2:5a:e8:37:eb:75:39:c9:01:8a:82:7d: f2:a4:4b:57:ea:22:c8:37:f7:1d:72:28:3d:81:05: 0d:76:02:12:d7:bd:d4:ab:31:02:19:b7:b3:02:cd: 3e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:08:CE:65:20:33:A2:33:0C:02:13:4E:1C:D8:86:F7:BF:B5:94:AB X509v3 Authority Key Identifier: keyid:EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/zgjOZSAzojMMAhNOHNiG97-1lKs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.29.136.0/21 79.139.56.0/21 85.155.240.0/21 92.119.120.0/22 109.122.216.0/21 185.43.204.0/22 185.80.48.0/22 185.187.72.0/22 193.39.12.0/22 193.201.184.0/21 194.176.123.0/24 194.180.12.0/24 194.180.16.0/24 194.180.19.0/24 IPv6: 2a01:6ee0::/32 Signature Algorithm: sha256WithRSAEncryption 53:30:ab:34:96:56:62:d7:1d:ce:d9:29:da:a8:f4:51:fc:73: 3f:32:cd:48:08:a6:3d:a6:08:97:dc:01:03:5e:ad:8c:66:4d: 32:0b:23:9e:d7:b1:e0:2e:7f:d5:a7:8c:d5:47:1d:07:d9:78: 41:48:d2:ee:27:97:1c:17:a0:03:84:1b:af:28:75:12:f6:f5: ff:fc:35:60:b6:ba:c0:df:21:c0:13:67:ea:95:07:e5:76:01: 0a:87:6d:bf:c5:c7:52:21:51:bd:c2:9f:46:e9:55:ed:15:eb: f7:8e:36:95:60:b2:12:24:5f:e4:cc:01:1c:43:fd:59:da:f9: 46:eb:30:4c:d0:85:3a:99:39:98:9e:8b:a6:00:b1:c8:da:45: 09:1b:89:70:2d:17:94:6b:99:ea:9a:91:5c:55:e8:f0:81:82: ba:60:fe:da:36:f2:7e:f1:cf:8d:85:c6:85:e0:ab:31:df:6d: 33:ea:e4:2a:85:be:52:c8:07:cc:13:80:86:cc:7c:1b:c8:f4: 0f:79:66:ea:f9:3b:9c:c6:94:c4:2f:aa:e0:23:b6:49:2f:3d: 7d:07:f5:34:7a:57:53:d6:2c:3b:79:d6:68:e7:ad:58:37:fe: 7e:55:40:34:42:16:8b:f4:20:a2:5b:12:a8:bf:cb:5f:68:7b: 4b:bb:94:d1 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISAZt87mpLF7Ete5Ebrdro2FdZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjYjFlYTVhMTA1MGE4MjkyMjRlYTQ4NmMwZTIyZWJmYzc1 ZDY0MGMwHhcNMjYwMTAyMDQxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTA4Y2U2NTIwMzNhMjMzMGMwMjEzNGUxY2Q4ODZmN2JmYjU5NGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAUOO7Xm9HsNlNuEPITrw0tAmIBJ 13KscsBn7EqiTjNLTn4LbzWQK8ywth1PN3wdEGRzj6FtFlPNg2y9+cgrJEGOnfR6 v+GWt0RsodcOepADD/mTsSw3ZJBio4f6u7gTi2L3bwAmRT07pjYh5XZWWaKsnWDG tfNmYD655cQ0Nv2p45tlfy7t14b7u1OdKRZRh6DkJdeZzgZi8qvViYVn3NbGNdsX Fv6az1Ylz0X2zriD+W03LSmBR6qlarHLzcJ5mY1VpftGDSCq9RIvQBZ27uX20Zri Wug363U5yQGKgn3ypEtX6iLIN/cdcig9gQUNdgIS173UqzECGbezAs0+uwIDAQAB o4ICZjCCAmIwHQYDVR0OBBYEFM4IzmUgM6IzDAITThzYhve/tZSrMB8GA1UdIwQY MBaAFOyx6loQUKgpIk6khsDiLr/HXWQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2Ut MDJmZmNlZmYxYWNjLzEvemdqT1pTQXpvak1NQWhOT0hOaUc5Ny0xbEtzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2UtMDJmZmNlZmYxYWNj LzEvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQDLh2IAwQD T4s4AwQDVZvwAwQCXHd4AwQDbXrYAwQCuSvMAwQCuVAwAwQCubtIAwQCwScMAwQD wcm4AwQAwrB7AwQAwrQMAwQAwrQQAwQAwrQTMA0EAgACMAcDBQAqAW7gMA0GCSqG SIb3DQEBCwUAA4IBAQBTMKs0llZi1x3O2SnaqPRR/HM/Ms1ICKY9pgiX3AEDXq2M Zk0yCyOe17HgLn/Vp4zVRx0H2XhBSNLuJ5ccF6ADhBuvKHUS9vX//DVgtrrA3yHA E2fqlQfldgEKh22/xcdSIVG9wp9G6VXtFev3jjaVYLISJF/kzAEcQ/1Z2vlG6zBM 0IU6mTmYnoumALHI2kUJG4lwLReUa5nqmpFcVejwgYK6YP7aNvJ+8c+NhcaF4Ksx 320z6uQqhb5SyAfME4CGzHwbyPQPeWbq+TucxpTEL6rgI7ZJLz19B/U0eldT1iw7 edZo561YN/5+VUA0QhaL9CCiWxKov8tfaHtLu5TR -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:55 2026 by rpki-client