This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/Zu8UuGG4D2VbmJDnyhSG0Cawt4M.roa File: Zu8UuGG4D2VbmJDnyhSG0Cawt4M.roa (raw, json) Hash identifier: 0v9+1D6+nPkZSNsJJaK1p3wg2xF1SbrepfZyyi1iP3c= Subject key identifier: 66:EF:14:B8:61:B8:0F:65:5B:98:90:E7:CA:14:86:D0:26:B0:B7:83 Certificate issuer: /CN=cb4fba09190b76849fff3d26d580790e54fac2e3 Certificate serial: 019B7F1363FAA083C08561BC82269CA681C6 Authority key identifier: CB:4F:BA:09:19:0B:76:84:9F:FF:3D:26:D5:80:79:0E:54:FA:C2:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/Zu8UuGG4D2VbmJDnyhSG0Cawt4M.roa Signing time: Fri 02 Jan 2026 14:18:55 +0000 ROA not before: Fri 02 Jan 2026 14:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62163 IP address blocks: 5.157.64.0/21 maxlen: 21 185.113.68.0/22 maxlen: 22 185.113.80.0/22 maxlen: 22 185.249.212.0/22 maxlen: 22 193.37.80.0/22 maxlen: 22 2a06:3f00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.crl rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.mft rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:63:fa:a0:83:c0:85:61:bc:82:26:9c:a6:81:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb4fba09190b76849fff3d26d580790e54fac2e3 Validity Not Before: Jan 2 14:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66ef14b861b80f655b9890e7ca1486d026b0b783 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:07:bb:4a:24:59:57:b9:cf:1b:f5:ca:d0:8a: 67:52:fa:ed:8b:ef:23:33:ba:65:90:57:86:85:0c: c7:4f:d4:0a:aa:ae:ab:6c:10:5c:28:a0:00:bf:f8: 86:0d:70:cc:87:aa:93:03:41:e3:08:83:b4:06:ff: 6d:47:17:82:7f:2a:a7:35:dc:57:98:bb:c6:a7:fd: 8d:dd:b2:10:cf:4c:c9:ef:88:62:1c:65:3c:53:66: 88:23:53:11:1e:76:f4:f8:9a:f9:61:d5:ad:d0:36: fe:72:98:cb:40:97:bb:f0:e8:2b:cc:e7:9e:2e:b9: bf:d9:0f:4b:92:5c:ae:4f:08:37:a3:37:ef:b0:9f: 1f:b1:73:6c:04:00:0e:3d:f4:f1:6e:9a:74:c8:40: 5f:7e:38:1d:28:ef:c7:85:34:b4:64:bd:a0:0a:59: b2:a5:b2:01:b0:ee:2d:56:fa:f2:42:b5:c6:83:0a: f1:d5:8d:f0:8a:67:f4:d0:0d:0d:26:f2:ec:d4:78: e1:26:9b:e9:f9:c7:42:b6:de:20:87:74:2a:d7:6d: b5:5f:19:be:fa:16:15:3d:57:fc:c4:6c:b7:51:11: 84:42:9e:5c:79:0a:b6:ac:c5:50:8a:ec:01:14:9f: 2b:a7:90:6e:a4:1a:64:95:95:aa:37:0a:71:05:0c: 36:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:EF:14:B8:61:B8:0F:65:5B:98:90:E7:CA:14:86:D0:26:B0:B7:83 X509v3 Authority Key Identifier: keyid:CB:4F:BA:09:19:0B:76:84:9F:FF:3D:26:D5:80:79:0E:54:FA:C2:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0-6CRkLdoSf_z0m1YB5DlT6wuM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/Zu8UuGG4D2VbmJDnyhSG0Cawt4M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/dadb4b-14f3-42fa-95b7-f85cc5747fbf/1/y0-6CRkLdoSf_z0m1YB5DlT6wuM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.157.64.0/21 185.113.68.0/22 185.113.80.0/22 185.249.212.0/22 193.37.80.0/22 IPv6: 2a06:3f00::/29 Signature Algorithm: sha256WithRSAEncryption 6d:20:2e:7c:db:4d:1e:c5:85:4e:c8:51:fc:83:ce:7a:07:7b: 74:38:96:64:e2:d3:85:79:4f:dc:af:cc:26:a0:0a:76:5f:e6: 7b:fd:ee:d6:9f:eb:ae:f4:e5:be:4a:40:c5:45:8c:41:8c:f6: 9d:75:6d:94:3b:20:a4:3c:d1:e7:09:1b:13:3b:0e:2d:bd:60: 84:a4:07:f2:41:03:cd:e4:67:9a:c8:a4:b0:b7:94:95:3d:f3: 2c:e0:76:12:0b:f7:15:0b:8f:13:48:b4:57:84:a9:60:da:d1: 1a:63:97:fe:54:ba:6a:2e:32:d3:8e:72:0c:3b:df:73:9e:5a: 09:6d:b4:19:5e:16:64:1c:21:f0:9e:01:e7:75:f0:b9:54:d2: e8:ff:70:b1:be:76:cd:99:f6:f3:12:ca:d7:ec:8a:05:f0:da: a8:84:f9:31:21:b2:2c:b7:a5:a2:bd:30:6a:9b:54:ed:0d:5c: 3d:6b:28:99:d8:54:79:59:6d:9c:c4:f3:1e:6e:30:ef:b3:5b: 09:11:a4:ef:5f:e1:80:ee:91:89:f5:91:80:1f:95:62:d3:5c: 9e:f1:1f:22:58:ae:0a:47:4b:22:08:61:23:77:22:31:d6:6c: 15:03:98:3c:21:af:1b:b3:95:b0:69:9a:54:00:f6:58:94:de: c4:b7:f0:18 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt/E2P6oIPAhWG8giacpoHGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiNGZiYTA5MTkwYjc2ODQ5ZmZmM2QyNmQ1ODA3OTBlNTRm YWMyZTMwHhcNMjYwMTAyMTQxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NmVmMTRiODYxYjgwZjY1NWI5ODkwZTdjYTE0ODZkMDI2YjBiNzgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAe7SiRZV7nPG/XK0IpnUvrti+8j M7plkFeGhQzHT9QKqq6rbBBcKKAAv/iGDXDMh6qTA0HjCIO0Bv9tRxeCfyqnNdxX mLvGp/2N3bIQz0zJ74hiHGU8U2aII1MRHnb0+Jr5YdWt0Db+cpjLQJe78OgrzOee Lrm/2Q9LklyuTwg3ozfvsJ8fsXNsBAAOPfTxbpp0yEBffjgdKO/HhTS0ZL2gClmy pbIBsO4tVvryQrXGgwrx1Y3wimf00A0NJvLs1HjhJpvp+cdCtt4gh3Qq1221Xxm+ +hYVPVf8xGy3URGEQp5ceQq2rMVQiuwBFJ8rp5BupBpklZWqNwpxBQw2WwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFGbvFLhhuA9lW5iQ58oUhtAmsLeDMB8GA1UdIwQY MBaAFMtPugkZC3aEn/89JtWAeQ5U+sLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTAtNkNSa0xkb1NmX3owbTFZQjVEbFQ2d3VNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9kYWRiNGItMTRmMy00MmZhLTk1Yjct Zjg1Y2M1NzQ3ZmJmLzEvWnU4VXVHRzREMlZibUpEbnloU0cwQ2F3dDRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC9kYWRiNGItMTRmMy00MmZhLTk1YjctZjg1Y2M1NzQ3ZmJm LzEveTAtNkNSa0xkb1NmX3owbTFZQjVEbFQ2d3VNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZ1AAwQC uXFEAwQCuXFQAwQCufnUAwQCwSVQMA0EAgACMAcDBQMqBj8AMA0GCSqGSIb3DQEB CwUAA4IBAQBtIC58200exYVOyFH8g856B3t0OJZk4tOFeU/cr8wmoAp2X+Z7/e7W n+uu9OW+SkDFRYxBjPaddW2UOyCkPNHnCRsTOw4tvWCEpAfyQQPN5GeayKSwt5SV PfMs4HYSC/cVC48TSLRXhKlg2tEaY5f+VLpqLjLTjnIMO99znloJbbQZXhZkHCHw ngHndfC5VNLo/3CxvnbNmfbzEsrX7IoF8NqohPkxIbIst6WivTBqm1TtDVw9ayiZ 2FR5WW2cxPMebjDvs1sJEaTvX+GA7pGJ9ZGAH5Vi01ye8R8iWK4KR0siCGEjdyIx 1mwVA5g8Ia8bs5WwaZpUAPZYlN7Et/AY -----END CERTIFICATE-----Generated at Mon Jan 26 06:20:46 2026 by rpki-client