This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Z5QikMa7UwGfn8uO2JzMrRFXYnY.roa File: Z5QikMa7UwGfn8uO2JzMrRFXYnY.roa (raw, json) Hash identifier: U7DHGYIkh2PVaJpwB3Rs6rnlNqHm+IBWFv5Y36W7frQ= Subject key identifier: 67:94:22:90:C6:BB:53:01:9F:9F:CB:8E:D8:9C:CC:AD:11:57:62:76 Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a Certificate serial: 019B7DCB4A4A2500C35B6526DB254742FF71 Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Z5QikMa7UwGfn8uO2JzMrRFXYnY.roa Signing time: Fri 02 Jan 2026 08:20:33 +0000 ROA not before: Fri 02 Jan 2026 08:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208102 IP address blocks: 212.22.66.0/24 maxlen: 24 212.22.85.0/24 maxlen: 24 212.22.92.0/24 maxlen: 24 212.22.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:4a:4a:25:00:c3:5b:65:26:db:25:47:42:ff:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a Validity Not Before: Jan 2 08:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=67942290c6bb53019f9fcb8ed89cccad11576276 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:68:00:bb:59:57:ca:a3:c5:26:5f:2d:b3:a6: 20:15:2b:88:f9:19:ed:43:81:af:47:6f:13:b0:23: a1:d9:ca:8a:63:59:f7:3d:5c:43:ae:59:c6:62:5f: 86:8c:cb:5b:42:75:67:64:99:74:c2:5a:77:fb:84: c1:6d:db:10:6b:63:ee:93:4a:08:ff:36:15:49:b4: fa:35:00:8d:d3:bf:f5:4d:be:69:ae:ca:12:28:bc: 98:5f:6f:b2:e3:3b:db:e0:a7:dd:c8:36:20:f9:90: 47:f1:72:6f:41:a2:2d:90:78:8d:01:52:c1:ed:50: 93:84:1a:e7:d1:02:88:08:12:62:f3:cf:6c:b5:47: 9f:06:e7:c5:04:7a:41:c8:25:f1:f9:cb:19:24:ca: 49:f1:33:7a:b8:d9:9a:d2:23:be:1a:57:ba:a6:82: 3f:4d:60:8c:2b:9c:1d:a9:3b:a8:ac:d9:91:52:c9: a7:d1:9b:ca:4b:61:79:d7:a7:69:83:4e:a5:b7:dd: 46:a2:b4:76:8e:a0:94:b5:84:fc:4b:77:ca:0e:37: 80:72:f7:8a:8e:5a:7a:49:24:6e:6f:51:e5:61:b0: ef:b0:5f:d1:5c:cf:05:a5:3a:5b:46:bd:47:a1:10: 63:dc:e6:2f:81:e3:ba:94:7e:c9:f8:7e:5d:c6:0b: c8:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:94:22:90:C6:BB:53:01:9F:9F:CB:8E:D8:9C:CC:AD:11:57:62:76 X509v3 Authority Key Identifier: keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Z5QikMa7UwGfn8uO2JzMrRFXYnY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.22.66.0/24 212.22.85.0/24 212.22.92.0/23 Signature Algorithm: sha256WithRSAEncryption 96:28:81:37:ec:94:b5:5b:0f:05:02:f8:ee:02:ba:3c:81:56: 1b:09:32:4a:37:42:b3:a1:fe:c0:f1:ef:a0:f6:ca:89:ba:70: ec:01:92:f2:4b:f3:6b:29:d5:c1:31:0b:e9:5c:b8:80:78:bb: e0:cd:c3:a4:6f:d9:f0:e0:8d:3f:0e:cf:ba:66:81:84:bc:7b: 90:df:c4:c6:63:ea:d9:1e:1b:aa:27:6a:93:7f:78:ca:7f:99: 14:8c:b8:b5:3d:07:c1:fb:b4:35:de:b1:7f:08:42:d1:34:98: 83:49:6f:c0:aa:d2:68:17:06:0f:3d:44:e0:41:eb:f4:d8:ac: 0a:69:c3:3a:4b:c6:9a:ad:d1:c0:25:6b:a3:93:8a:9e:1b:20: a8:a7:99:92:42:ce:3f:e6:89:1f:cd:c8:5b:b6:81:a5:7d:3d: b3:da:1e:6c:8d:c5:28:99:ad:2a:b8:e8:7f:9e:c0:0f:82:6f: 37:98:94:a7:cf:0b:d7:4e:90:ac:a8:28:53:b0:cd:ff:c8:99: 20:70:aa:6c:d8:8d:5d:89:c4:08:c4:db:c5:fe:5b:39:71:16: dd:b2:c6:1d:cd:5c:76:8f:b2:85:7b:30:46:ce:13:85:4b:ee: fb:3e:e7:6f:26:33:e0:a2:26:b6:38:ce:fd:dc:d3:fe:1f:51: 34:43:16:ef -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9y0pKJQDDW2Um2yVHQv9xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm YmViOWEwHhcNMjYwMTAyMDgyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Nzk0MjI5MGM2YmI1MzAxOWY5ZmNiOGVkODljY2NhZDExNTc2Mjc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmgAu1lXyqPFJl8ts6YgFSuI+Rnt Q4GvR28TsCOh2cqKY1n3PVxDrlnGYl+GjMtbQnVnZJl0wlp3+4TBbdsQa2Puk0oI /zYVSbT6NQCN07/1Tb5prsoSKLyYX2+y4zvb4KfdyDYg+ZBH8XJvQaItkHiNAVLB 7VCThBrn0QKICBJi889stUefBufFBHpByCXx+csZJMpJ8TN6uNma0iO+Gle6poI/ TWCMK5wdqTuorNmRUsmn0ZvKS2F516dpg06lt91GorR2jqCUtYT8S3fKDjeAcveK jlp6SSRub1HlYbDvsF/RXM8FpTpbRr1HoRBj3OYvgeO6lH7J+H5dxgvIoQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGeUIpDGu1MBn5/LjticzK0RV2J2MB8GA1UdIwQY MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt NmE0ZWNhZjhiM2IxLzEvWjVRaWtNYTdVd0dmbjh1TzJKek1yUkZYWW5ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1BZCAwQA 1BZVAwQB1BZcMA0GCSqGSIb3DQEBCwUAA4IBAQCWKIE37JS1Ww8FAvjuAro8gVYb CTJKN0Kzof7A8e+g9sqJunDsAZLyS/NrKdXBMQvpXLiAeLvgzcOkb9nw4I0/Ds+6 ZoGEvHuQ38TGY+rZHhuqJ2qTf3jKf5kUjLi1PQfB+7Q13rF/CELRNJiDSW/AqtJo FwYPPUTgQev02KwKacM6S8aardHAJWujk4qeGyCop5mSQs4/5okfzchbtoGlfT2z 2h5sjcUoma0quOh/nsAPgm83mJSnzwvXTpCsqChTsM3/yJkgcKps2I1dicQIxNvF /ls5cRbdssYdzVx2j7KFezBGzhOFS+77PudvJjPgoia2OM793NP+H1E0Qxbv -----END CERTIFICATE-----Generated at Sun Jan 25 08:47:47 2026 by rpki-client