This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/ZS3grquCf_l1OKXIoqEGRKP0J6M.roa File: ZS3grquCf_l1OKXIoqEGRKP0J6M.roa (raw, json) Hash identifier: 2PBPag/zPM22x9IohJ6q0TulDZRbeQTFCvgCnuCjnz0= Subject key identifier: 65:2D:E0:AE:AB:82:7F:F9:75:38:A5:C8:A2:A1:06:44:A3:F4:27:A3 Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80 Certificate serial: 019B79ECE8FDA28E81A47E3FF09143CBBED9 Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/ZS3grquCf_l1OKXIoqEGRKP0J6M.roa Signing time: Thu 01 Jan 2026 14:18:47 +0000 ROA not before: Thu 01 Jan 2026 14:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49063 IP address blocks: 87.242.76.0/22 maxlen: 22 87.242.76.0/24 maxlen: 24 87.242.77.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:e8:fd:a2:8e:81:a4:7e:3f:f0:91:43:cb:be:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80 Validity Not Before: Jan 1 14:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=652de0aeab827ff97538a5c8a2a10644a3f427a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cd:9c:5b:15:42:c5:ae:61:7c:33:9a:48:62: 29:e6:09:ea:09:b2:e4:43:3b:43:ea:74:88:82:96: 18:ea:70:ea:b4:ff:3a:7f:60:0f:32:dd:de:dd:47: 3d:49:a7:18:01:80:91:8e:06:87:58:49:e0:6b:9b: 73:84:3b:53:be:67:e0:3d:8b:56:50:1d:dd:ca:e9: 95:a3:7a:1c:1c:2c:7b:cd:9e:d7:96:ca:0d:6b:45: 9c:4a:a7:37:4b:24:d5:d1:04:13:d9:0b:d6:45:df: 4e:2f:61:be:11:4b:af:7b:55:be:e6:29:5d:f2:ea: 27:31:31:12:13:93:ea:95:db:21:d5:1c:7c:be:d4: 09:be:83:8f:c2:e6:82:2a:c6:be:6e:ec:b8:58:9a: fc:06:6a:be:ea:fa:02:c9:7f:23:1b:38:d9:dd:c2: 3e:e4:0e:88:b5:0c:fb:a0:2a:66:f0:37:45:d9:f5: 2d:ef:71:da:f7:8c:db:37:5c:b4:d2:ab:76:60:98: b2:ca:12:cb:c7:31:2e:39:69:ab:ea:10:51:f7:ed: 98:9f:b9:81:23:b5:31:ea:09:cd:6e:d2:3e:9e:34: 62:93:94:a4:63:11:c8:7a:cb:42:f5:be:ac:c9:0c: a4:bf:36:72:87:eb:36:86:e4:8b:6d:aa:7b:13:64: 8e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:2D:E0:AE:AB:82:7F:F9:75:38:A5:C8:A2:A1:06:44:A3:F4:27:A3 X509v3 Authority Key Identifier: keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/ZS3grquCf_l1OKXIoqEGRKP0J6M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.242.76.0/22 Signature Algorithm: sha256WithRSAEncryption 30:b2:65:b5:a2:cf:0f:40:c2:da:2a:0e:e9:8f:6b:f1:46:d9: 97:95:f9:84:f9:d7:ca:c6:b2:2f:f4:27:ee:7c:9d:43:cc:0b: 92:fc:81:46:d7:71:4d:86:79:7d:17:22:6d:a6:e8:18:9c:dd: f0:2b:e7:da:25:b2:5b:36:90:81:d5:43:4f:e1:14:c6:4e:5d: 16:57:ff:aa:b7:f7:c3:75:22:58:1c:4e:f7:b7:6c:e1:5a:d0: 87:13:d6:9b:31:15:8e:c7:09:9e:0c:06:6f:f5:18:28:8c:b3: 01:b2:e7:52:1e:12:8c:92:84:3e:76:bf:78:14:f1:c1:c1:4f: 3e:75:ed:2a:9a:38:ec:38:d6:0e:8d:60:b3:35:90:b8:3d:ef: da:4a:f6:87:8a:c8:60:40:fa:72:44:59:bf:1e:70:7a:7c:9e: 6c:aa:78:bd:24:47:5e:71:51:6c:59:49:7f:fc:30:7d:02:c2: 08:5f:83:10:c2:47:98:23:18:72:41:7d:ad:6d:38:2e:c4:40: 7e:4e:48:e7:ce:be:0a:76:6e:df:31:ed:70:c9:2e:45:c3:f0: d0:61:3c:d8:00:0d:6c:03:af:41:0d:6a:7c:4e:3d:19:ac:e3: 53:53:01:02:67:66:02:9a:6d:3d:f5:66:35:37:5e:57:fc:85: 7e:8a:eb:5d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57Oj9oo6BpH4/8JFDy77ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0 OWFlODAwHhcNMjYwMTAxMTQxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NTJkZTBhZWFiODI3ZmY5NzUzOGE1YzhhMmExMDY0NGEzZjQyN2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM2cWxVCxa5hfDOaSGIp5gnqCbLk QztD6nSIgpYY6nDqtP86f2APMt3e3Uc9SacYAYCRjgaHWEnga5tzhDtTvmfgPYtW UB3dyumVo3ocHCx7zZ7XlsoNa0WcSqc3SyTV0QQT2QvWRd9OL2G+EUuve1W+5ild 8uonMTESE5Pqldsh1Rx8vtQJvoOPwuaCKsa+buy4WJr8Bmq+6voCyX8jGzjZ3cI+ 5A6ItQz7oCpm8DdF2fUt73Ha94zbN1y00qt2YJiyyhLLxzEuOWmr6hBR9+2Yn7mB I7Ux6gnNbtI+njRik5SkYxHIestC9b6syQykvzZyh+s2huSLbap7E2SO8QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGUt4K6rgn/5dTilyKKhBkSj9CejMB8GA1UdIwQY MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt NGRmODg0MGVmYjE3LzEvWlMzZ3JxdUNmX2wxT0tYSW9xRUdSS1AwSjZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3 LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCV/JMMA0G CSqGSIb3DQEBCwUAA4IBAQAwsmW1os8PQMLaKg7pj2vxRtmXlfmE+dfKxrIv9Cfu fJ1DzAuS/IFG13FNhnl9FyJtpugYnN3wK+faJbJbNpCB1UNP4RTGTl0WV/+qt/fD dSJYHE73t2zhWtCHE9abMRWOxwmeDAZv9RgojLMBsudSHhKMkoQ+dr94FPHBwU8+ de0qmjjsONYOjWCzNZC4Pe/aSvaHishgQPpyRFm/HnB6fJ5sqni9JEdecVFsWUl/ /DB9AsIIX4MQwkeYIxhyQX2tbTguxEB+Tkjnzr4Kdm7fMe1wyS5Fw/DQYTzYAA1s A69BDWp8Tj0ZrONTUwECZ2YCmm099WY1N15X/IV+iutd -----END CERTIFICATE-----Generated at Mon Jan 26 02:22:40 2026 by rpki-client