This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/ZJ56n3Y17TFJk-Tqc_ycphu8qgc.roa File: ZJ56n3Y17TFJk-Tqc_ycphu8qgc.roa (raw, json) Hash identifier: J+O1IkyhA+FTfPaWOGsyaFo/vFHRN64aMyNig4w0a6g= Subject key identifier: 64:9E:7A:9F:76:35:ED:31:49:93:E4:EA:73:FC:9C:A6:1B:BC:AA:07 Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41 Certificate serial: 019B7E3884A5FD5A454ABCD2C812E808FC2E Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/ZJ56n3Y17TFJk-Tqc_ycphu8qgc.roa Signing time: Fri 02 Jan 2026 10:19:51 +0000 ROA not before: Fri 02 Jan 2026 10:19:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41313 IP address blocks: 89.25.20.0/22 maxlen: 22 89.25.20.0/24 maxlen: 24 89.25.21.0/24 maxlen: 24 89.25.22.0/24 maxlen: 24 89.25.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.mft rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:84:a5:fd:5a:45:4a:bc:d2:c8:12:e8:08:fc:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41 Validity Not Before: Jan 2 10:19:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=649e7a9f7635ed314993e4ea73fc9ca61bbcaa07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:93:6c:40:f1:0d:27:0b:dd:ce:77:b8:50:f3: cb:b2:93:b3:da:57:55:9d:69:0b:8f:d9:09:3b:58: 50:4b:2c:c4:f0:4c:2c:90:78:7c:e8:25:1d:3a:42: 3f:39:bd:92:b5:51:d9:b5:27:89:87:59:db:93:d6: b5:a9:00:df:9e:c5:3b:83:26:a0:ee:dd:8f:ad:82: a5:71:ab:8f:b4:30:c4:c7:5a:3e:e0:45:94:b2:36: e2:ea:14:75:80:ac:1f:4e:e2:e8:4a:0c:59:bf:14: a0:df:ac:a3:c5:81:66:ac:d6:3b:44:e2:21:e4:b2: 7c:6d:b6:23:16:ef:50:89:cf:14:bc:e2:0f:6a:11: cc:d0:8e:bb:16:d3:d6:f0:97:71:3c:1e:df:12:1f: 19:b6:63:19:cc:8f:ef:91:f5:86:98:2b:1d:00:da: 39:a5:4c:ac:9e:a6:ee:7c:a5:05:64:ce:26:59:a8: ad:3a:08:35:68:9c:ba:bb:29:7c:ec:04:50:80:09: 39:3e:a8:4c:df:8f:41:c8:11:a6:36:a9:07:21:2a: 56:88:6c:a6:da:f8:2d:a5:ea:6b:5e:cf:dd:d6:6a: 2b:d5:5b:b0:3f:fc:48:7b:cd:98:99:0c:88:af:ff: 86:af:8f:d7:8d:0a:9d:cf:89:5d:60:32:49:ba:02: 8f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:9E:7A:9F:76:35:ED:31:49:93:E4:EA:73:FC:9C:A6:1B:BC:AA:07 X509v3 Authority Key Identifier: keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/ZJ56n3Y17TFJk-Tqc_ycphu8qgc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.25.20.0/22 Signature Algorithm: sha256WithRSAEncryption 16:fe:bc:f4:25:61:d7:37:32:08:97:5f:26:95:b7:42:45:df: 94:ec:35:ad:63:ec:57:25:33:fe:5c:1d:36:4c:24:75:9a:73: c4:d1:20:a3:69:5a:5c:c8:50:6d:66:1f:59:76:ff:9f:21:eb: 09:0f:cb:59:d2:41:61:bd:cd:10:43:9a:db:f3:52:7e:13:f7: 2b:86:a3:4d:33:c1:4c:9c:4e:3a:d9:6a:33:90:51:0e:e6:dc: 8d:59:f8:14:f1:92:8d:85:9b:b1:e6:a9:3f:f1:a8:9c:3d:89: 38:04:13:c5:68:6d:c8:45:93:ff:ac:27:cd:9d:cb:7a:0e:10: bb:6a:c6:86:ff:f8:03:3d:4b:f1:2d:0c:39:e7:fa:5b:57:b3: 03:5c:41:71:ec:33:e2:d3:40:54:10:ff:95:26:62:dc:2f:56: c3:ad:9b:79:60:11:d6:62:b6:2e:5c:e2:97:35:3f:fa:0d:bb: 0f:61:a7:c6:38:44:96:b9:96:8a:06:17:12:b8:39:13:fd:2b: 73:c0:78:80:79:9d:ca:15:95:1a:99:28:55:24:78:a1:c5:a9: 69:6b:e5:34:62:15:e2:91:ec:34:08:dc:be:73:60:eb:8a:d1: 64:ef:ba:5f:09:32:dc:3c:71:45:47:c9:bc:5b:03:85:1a:2f: 27:e0:5b:c8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OISl/VpFSrzSyBLoCPwuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw MWFiNDEwHhcNMjYwMTAyMTAxOTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDllN2E5Zjc2MzVlZDMxNDk5M2U0ZWE3M2ZjOWNhNjFiYmNhYTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZNsQPENJwvdzne4UPPLspOz2ldV nWkLj9kJO1hQSyzE8EwskHh86CUdOkI/Ob2StVHZtSeJh1nbk9a1qQDfnsU7gyag 7t2PrYKlcauPtDDEx1o+4EWUsjbi6hR1gKwfTuLoSgxZvxSg36yjxYFmrNY7ROIh 5LJ8bbYjFu9Qic8UvOIPahHM0I67FtPW8JdxPB7fEh8ZtmMZzI/vkfWGmCsdANo5 pUysnqbufKUFZM4mWaitOgg1aJy6uyl87ARQgAk5PqhM349ByBGmNqkHISpWiGym 2vgtpeprXs/d1mor1VuwP/xIe82YmQyIr/+Gr4/XjQqdz4ldYDJJugKPMQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGSeep92Ne0xSZPk6nP8nKYbvKoHMB8GA1UdIwQY MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt Y2Y5ZGM1YmFhYTc5LzEvWko1Nm4zWTE3VEZKay1UcWNfeWNwaHU4cWdjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5 LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRkUMA0G CSqGSIb3DQEBCwUAA4IBAQAW/rz0JWHXNzIIl18mlbdCRd+U7DWtY+xXJTP+XB02 TCR1mnPE0SCjaVpcyFBtZh9Zdv+fIesJD8tZ0kFhvc0QQ5rb81J+E/crhqNNM8FM nE462WozkFEO5tyNWfgU8ZKNhZux5qk/8aicPYk4BBPFaG3IRZP/rCfNnct6DhC7 asaG//gDPUvxLQw55/pbV7MDXEFx7DPi00BUEP+VJmLcL1bDrZt5YBHWYrYuXOKX NT/6DbsPYafGOESWuZaKBhcSuDkT/StzwHiAeZ3KFZUamShVJHihxalpa+U0YhXi kew0CNy+c2DritFk77pfCTLcPHFFR8m8WwOFGi8n4FvI -----END CERTIFICATE-----Generated at Sun Jan 25 18:22:08 2026 by rpki-client