This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/ZSAjriqrsKE2YYg2ALkBE1sHfcc.roa File: ZSAjriqrsKE2YYg2ALkBE1sHfcc.roa (raw, json) Hash identifier: FpdwZa7IuH64lhVGz4Lc/UmsF5GpQU9SPxwgj/w+504= Subject key identifier: 65:20:23:AE:2A:AB:B0:A1:36:61:88:36:00:B9:01:13:5B:07:7D:C7 Certificate issuer: /CN=25292652a9ecd9c6bdc8264b9948df6212207624 Certificate serial: 019B7D5C95D2CD89D004C19C0DE1D519D31A Authority key identifier: 25:29:26:52:A9:EC:D9:C6:BD:C8:26:4B:99:48:DF:62:12:20:76:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSkmUqns2ca9yCZLmUjfYhIgdiQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/ZSAjriqrsKE2YYg2ALkBE1sHfcc.roa Signing time: Fri 02 Jan 2026 06:19:38 +0000 ROA not before: Fri 02 Jan 2026 06:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201698 IP address blocks: 185.64.156.0/22 maxlen: 22 2a04:f8c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/JSkmUqns2ca9yCZLmUjfYhIgdiQ.crl rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/JSkmUqns2ca9yCZLmUjfYhIgdiQ.mft rsync://rpki.ripe.net/repository/DEFAULT/JSkmUqns2ca9yCZLmUjfYhIgdiQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:95:d2:cd:89:d0:04:c1:9c:0d:e1:d5:19:d3:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25292652a9ecd9c6bdc8264b9948df6212207624 Validity Not Before: Jan 2 06:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=652023ae2aabb0a13661883600b901135b077dc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:c0:55:00:9d:7b:c3:09:29:9e:5e:05:c3:07: f0:aa:39:8f:b9:14:d5:8d:c0:8a:e2:07:6f:8e:92: 04:24:12:e1:d6:6b:ed:d5:49:b0:a2:24:1d:a9:03: 1b:35:3d:f3:74:a7:a5:83:f8:a8:5d:9c:0a:db:1a: 21:df:26:85:a6:fb:51:be:13:1a:ed:24:f0:12:2a: 34:86:50:86:3e:99:42:dc:24:d9:f7:e1:f7:2c:9b: 18:f1:a8:0f:3c:d5:49:3d:7f:9a:28:1b:2b:61:ca: 16:6c:e2:0d:fa:18:e3:b0:8f:cb:5a:7a:44:cd:81: 16:94:ee:b4:4a:2b:bd:f9:26:cb:7c:f5:49:e3:82: 65:65:6a:5c:44:21:76:85:5a:09:d7:25:77:39:e4: b6:c1:6c:34:61:cd:f1:3c:83:02:04:2f:9a:a3:97: 61:8a:b0:0b:34:c1:97:f6:7f:21:d9:0b:f3:f7:28: e2:a6:40:3c:aa:6c:3f:4a:9e:19:88:0b:d7:d8:ed: b8:b9:ac:96:44:3a:ca:43:d8:03:66:05:89:09:af: 93:ca:0f:81:90:9f:28:f2:ba:80:89:82:3b:38:d3: f5:a6:0d:de:dc:ea:8d:19:24:72:82:87:0d:01:c6: db:5a:dc:aa:65:0d:2f:2a:8e:0b:c7:99:30:89:b6: 3b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:20:23:AE:2A:AB:B0:A1:36:61:88:36:00:B9:01:13:5B:07:7D:C7 X509v3 Authority Key Identifier: keyid:25:29:26:52:A9:EC:D9:C6:BD:C8:26:4B:99:48:DF:62:12:20:76:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSkmUqns2ca9yCZLmUjfYhIgdiQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/ZSAjriqrsKE2YYg2ALkBE1sHfcc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/JSkmUqns2ca9yCZLmUjfYhIgdiQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.64.156.0/22 IPv6: 2a04:f8c0::/29 Signature Algorithm: sha256WithRSAEncryption 71:00:da:50:7e:23:d6:1c:b1:04:a7:fa:cb:cd:49:a7:e3:2f: f9:62:9c:e3:1c:7f:b2:06:fc:68:8c:9a:58:c1:49:df:68:88: 42:5c:ef:4f:47:a2:3d:cf:94:4e:37:1b:a1:bc:dd:47:82:a8: 5f:27:55:fd:ca:e8:1f:1a:a3:2a:ae:f9:32:68:c3:c0:c5:d5: 54:ca:c0:01:b5:71:f0:77:69:50:95:fa:23:e4:69:a1:b4:ee: c1:78:4e:2d:02:96:2b:ab:6d:84:53:b1:5c:83:9a:55:df:b4: bb:ed:56:af:b2:85:43:8c:d3:e4:6b:43:1e:96:88:3f:3b:c5: 51:50:94:eb:52:ca:76:26:94:2a:eb:6c:d0:a4:91:f7:27:9a: 97:75:20:36:c2:29:0c:79:84:1c:38:99:e5:0a:a9:24:00:c1: 6f:77:df:4b:6a:1a:83:68:3f:7b:76:00:3d:18:19:1e:c7:db: d5:4b:a7:7d:a3:b2:c5:96:6d:e9:65:3a:16:9e:54:45:da:c6: c4:08:5e:6f:4c:41:93:7e:81:10:6e:ad:e2:dc:f3:e9:60:74: 1e:a0:d8:5b:5b:05:16:c0:c0:82:a1:ca:e1:23:c2:3e:35:5e: 60:d0:cd:aa:06:7f:54:63:d3:03:5a:c7:93:11:ac:4b:57:be: cd:a1:63:7a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XJXSzYnQBMGcDeHVGdMaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MjkyNjUyYTllY2Q5YzZiZGM4MjY0Yjk5NDhkZjYyMTIy MDc2MjQwHhcNMjYwMTAyMDYxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NTIwMjNhZTJhYWJiMGExMzY2MTg4MzYwMGI5MDExMzViMDc3ZGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38BVAJ17wwkpnl4FwwfwqjmPuRTV jcCK4gdvjpIEJBLh1mvt1UmwoiQdqQMbNT3zdKelg/ioXZwK2xoh3yaFpvtRvhMa 7STwEio0hlCGPplC3CTZ9+H3LJsY8agPPNVJPX+aKBsrYcoWbOIN+hjjsI/LWnpE zYEWlO60Siu9+SbLfPVJ44JlZWpcRCF2hVoJ1yV3OeS2wWw0Yc3xPIMCBC+ao5dh irALNMGX9n8h2Qvz9yjipkA8qmw/Sp4ZiAvX2O24uayWRDrKQ9gDZgWJCa+Tyg+B kJ8o8rqAiYI7ONP1pg3e3OqNGSRygocNAcbbWtyqZQ0vKo4Lx5kwibY7IwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGUgI64qq7ChNmGINgC5ARNbB33HMB8GA1UdIwQY MBaAFCUpJlKp7NnGvcgmS5lI32ISIHYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlNrbVVxbnMyY2E5eUNaTG1VamZZaElnZGlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMWE0ZmQtYmQ4YS00YWE0LThjNDUt NTcxMDMwNTQzOWVjLzEvWlNBanJpcXJzS0UyWVlnMkFMa0JFMXNIZmNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yMWE0ZmQtYmQ4YS00YWE0LThjNDUtNTcxMDMwNTQzOWVj LzEvSlNrbVVxbnMyY2E5eUNaTG1VamZZaElnZGlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCcMA0E AgACMAcDBQMqBPjAMA0GCSqGSIb3DQEBCwUAA4IBAQBxANpQfiPWHLEEp/rLzUmn 4y/5YpzjHH+yBvxojJpYwUnfaIhCXO9PR6I9z5RONxuhvN1HgqhfJ1X9yugfGqMq rvkyaMPAxdVUysABtXHwd2lQlfoj5GmhtO7BeE4tApYrq22EU7Fcg5pV37S77Vav soVDjNPka0Melog/O8VRUJTrUsp2JpQq62zQpJH3J5qXdSA2wikMeYQcOJnlCqkk AMFvd99LahqDaD97dgA9GBkex9vVS6d9o7LFlm3pZToWnlRF2sbECF5vTEGTfoEQ bq3i3PPpYHQeoNhbWwUWwMCCocrhI8I+NV5g0M2qBn9UY9MDWseTEaxLV77NoWN6 -----END CERTIFICATE-----Generated at Sun Jan 25 19:59:07 2026 by rpki-client