This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/99cbcf-7d4f-4b12-a577-cc8054a51d66/1/ZbPx8DmJFKdQIWP-bXHtV-eEAv8.roa File: ZbPx8DmJFKdQIWP-bXHtV-eEAv8.roa (raw, json) Hash identifier: vdIV9Jeh3rKfLujo37xtw3yrmFmf9rID9z/P7vCkaSc= Subject key identifier: 65:B3:F1:F0:39:89:14:A7:50:21:63:FE:6D:71:ED:57:E7:84:02:FF Certificate issuer: /CN=63be08da1ab31e3f98f554fa01373f94cc9011ed Certificate serial: 019B79101355188C3013BA91EE10841196CE Authority key identifier: 63:BE:08:DA:1A:B3:1E:3F:98:F5:54:FA:01:37:3F:94:CC:90:11:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y74I2hqzHj-Y9VT6ATc_lMyQEe0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/99cbcf-7d4f-4b12-a577-cc8054a51d66/1/ZbPx8DmJFKdQIWP-bXHtV-eEAv8.roa Signing time: Thu 01 Jan 2026 10:17:35 +0000 ROA not before: Thu 01 Jan 2026 10:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31673 IP address blocks: 5.39.168.0/21 maxlen: 24 31.171.200.0/21 maxlen: 24 83.143.184.0/21 maxlen: 24 84.38.224.0/20 maxlen: 24 178.248.152.0/21 maxlen: 24 185.168.85.0/24 maxlen: 24 185.168.86.0/23 maxlen: 24 195.69.72.0/22 maxlen: 24 2a0a:9fc0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/99cbcf-7d4f-4b12-a577-cc8054a51d66/1/Y74I2hqzHj-Y9VT6ATc_lMyQEe0.crl rsync://rpki.ripe.net/repository/DEFAULT/64/99cbcf-7d4f-4b12-a577-cc8054a51d66/1/Y74I2hqzHj-Y9VT6ATc_lMyQEe0.mft rsync://rpki.ripe.net/repository/DEFAULT/Y74I2hqzHj-Y9VT6ATc_lMyQEe0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:13:55:18:8c:30:13:ba:91:ee:10:84:11:96:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63be08da1ab31e3f98f554fa01373f94cc9011ed Validity Not Before: Jan 1 10:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=65b3f1f0398914a7502163fe6d71ed57e78402ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f4:7c:70:7e:d7:82:4e:06:d9:86:dd:a4:e4: 9b:cf:7b:b0:ed:42:ef:f5:03:91:68:21:95:86:11: 9b:02:8f:3f:b8:33:1b:63:2a:9f:86:8d:f2:f6:1c: 11:96:8e:15:c6:9e:2a:16:16:04:7f:f8:aa:65:5d: cf:2f:79:e3:bf:86:ed:4b:5d:06:95:46:5b:9c:f2: 97:e8:8d:e4:d9:0d:8b:e9:ae:00:a7:f6:e7:c4:68: ed:bd:8e:19:da:81:13:16:d1:36:19:b3:dc:6a:5a: 39:fe:0c:ae:53:d5:91:45:bb:73:76:12:b7:6e:48: e6:16:96:b3:6b:fa:f9:b9:ab:c1:83:31:b2:27:81: 38:51:9a:20:21:24:5e:0d:3f:9c:57:65:cb:db:bd: dc:6d:fe:c0:07:2a:99:15:91:ef:f6:a3:66:72:de: 0c:ca:2c:51:42:1d:66:a9:69:11:de:29:06:f4:5d: 36:bb:73:34:e6:56:05:0f:69:71:39:3b:bc:c3:4d: 82:de:14:c2:4b:2f:82:0d:3c:2a:26:e4:b9:f0:be: 04:87:a6:7e:64:2c:6e:10:a1:9d:ef:16:1a:5d:8d: 13:a4:17:54:bb:08:10:3f:83:ad:ae:8b:25:19:e3: 0f:7e:16:ce:97:3d:b1:13:f7:01:a9:5f:62:2f:c5: 27:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:B3:F1:F0:39:89:14:A7:50:21:63:FE:6D:71:ED:57:E7:84:02:FF X509v3 Authority Key Identifier: keyid:63:BE:08:DA:1A:B3:1E:3F:98:F5:54:FA:01:37:3F:94:CC:90:11:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y74I2hqzHj-Y9VT6ATc_lMyQEe0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/99cbcf-7d4f-4b12-a577-cc8054a51d66/1/ZbPx8DmJFKdQIWP-bXHtV-eEAv8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/99cbcf-7d4f-4b12-a577-cc8054a51d66/1/Y74I2hqzHj-Y9VT6ATc_lMyQEe0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.39.168.0/21 31.171.200.0/21 83.143.184.0/21 84.38.224.0/20 178.248.152.0/21 185.168.85.0-185.168.87.255 195.69.72.0/22 IPv6: 2a0a:9fc0::/29 Signature Algorithm: sha256WithRSAEncryption 7e:72:1d:c8:69:23:32:3f:f0:69:eb:74:44:06:ad:8d:29:2e: 98:14:3d:05:ea:c0:61:88:5f:21:62:fd:c6:86:e1:34:31:ae: 71:93:50:54:94:62:20:69:e0:c2:5b:95:96:05:4b:bc:0b:fb: 1e:fb:de:9f:04:9e:c6:40:e2:32:33:9f:00:cb:ba:39:c3:98: 90:fd:b7:46:e5:66:cf:89:9a:04:92:cf:ef:f0:5b:08:c2:7e: 31:45:1d:14:cb:ce:2d:83:73:71:ff:5a:b5:99:79:11:ef:6c: 44:b8:b6:26:f6:c0:06:d5:d0:cb:14:25:3c:b5:65:02:a1:cc: 18:1b:74:b0:fe:25:2a:00:81:59:8b:aa:30:56:ac:1a:29:d7: 88:f2:2a:4a:aa:f4:39:ff:98:17:0a:92:4c:e0:71:75:11:6b: a2:f6:1f:42:c3:34:f7:1f:c1:2a:e8:2a:41:2f:1b:48:1a:b3: 32:57:fe:71:6b:6a:3b:2e:4d:32:d4:63:93:7a:af:5c:b1:7a: 9e:97:ed:db:25:fc:e6:37:3b:2a:89:68:b7:84:72:1d:f4:57: 6a:03:bd:2d:98:16:18:7b:ce:09:15:03:3f:8c:69:de:38:30: 88:3d:36:64:ef:0d:8b:3f:59:92:f1:ed:0d:0b:bf:3e:39:7b: 20:4d:1b:76 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt5EBNVGIwwE7qR7hCEEZbOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzYmUwOGRhMWFiMzFlM2Y5OGY1NTRmYTAxMzczZjk0Y2M5 MDExZWQwHhcNMjYwMTAxMTAxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWIzZjFmMDM5ODkxNGE3NTAyMTYzZmU2ZDcxZWQ1N2U3ODQwMmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/R8cH7Xgk4G2YbdpOSbz3uw7ULv 9QORaCGVhhGbAo8/uDMbYyqfho3y9hwRlo4Vxp4qFhYEf/iqZV3PL3njv4btS10G lUZbnPKX6I3k2Q2L6a4Ap/bnxGjtvY4Z2oETFtE2GbPcalo5/gyuU9WRRbtzdhK3 bkjmFpaza/r5uavBgzGyJ4E4UZogISReDT+cV2XL273cbf7AByqZFZHv9qNmct4M yixRQh1mqWkR3ikG9F02u3M05lYFD2lxOTu8w02C3hTCSy+CDTwqJuS58L4Eh6Z+ ZCxuEKGd7xYaXY0TpBdUuwgQP4OtroslGeMPfhbOlz2xE/cBqV9iL8UnwQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFGWz8fA5iRSnUCFj/m1x7VfnhAL/MB8GA1UdIwQY MBaAFGO+CNoasx4/mPVU+gE3P5TMkBHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTc0STJocXpIai1ZOVZUNkFUY19sTXlRRWUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85OWNiY2YtN2Q0Zi00YjEyLWE1Nzct Y2M4MDU0YTUxZDY2LzEvWmJQeDhEbUpGS2RRSVdQLWJYSHRWLWVFQXY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC85OWNiY2YtN2Q0Zi00YjEyLWE1NzctY2M4MDU0YTUxZDY2 LzEvWTc0STJocXpIai1ZOVZUNkFUY19sTXlRRWUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDBSeoAwQD H6vIAwQDU4+4AwQEVCbgAwQDsviYMAwDBAC5qFUDBAO5qFADBALDRUgwDQQCAAIw BwMFAyoKn8AwDQYJKoZIhvcNAQELBQADggEBAH5yHchpIzI/8GnrdEQGrY0pLpgU PQXqwGGIXyFi/caG4TQxrnGTUFSUYiBp4MJblZYFS7wL+x773p8EnsZA4jIznwDL ujnDmJD9t0blZs+JmgSSz+/wWwjCfjFFHRTLzi2Dc3H/WrWZeRHvbES4tib2wAbV 0MsUJTy1ZQKhzBgbdLD+JSoAgVmLqjBWrBop14jyKkqq9Dn/mBcKkkzgcXURa6L2 H0LDNPcfwSroKkEvG0gaszJX/nFrajsuTTLUY5N6r1yxep6X7dsl/OY3OyqJaLeE ch30V2oDvS2YFhh7zgkVAz+Mad44MIg9NmTvDYs/WZLx7Q0Lvz45eyBNG3Y= -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:51 2026 by rpki-client