This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/ZyYQ3KEt9f2yKB6eERuJd4g9UfE.roa File: ZyYQ3KEt9f2yKB6eERuJd4g9UfE.roa (raw, json) Hash identifier: 6ZxTJZl428x7/0NkpDuRPUr/wwMPeOVbNc5UG7dSpNs= Subject key identifier: 67:26:10:DC:A1:2D:F5:FD:B2:28:1E:9E:11:1B:89:77:88:3D:51:F1 Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4 Certificate serial: 019B77C6B239C2207F3CB4595D10A518B827 Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/ZyYQ3KEt9f2yKB6eERuJd4g9UfE.roa Signing time: Thu 01 Jan 2026 04:17:48 +0000 ROA not before: Thu 01 Jan 2026 04:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207952 IP address blocks: 46.8.104.0/24 maxlen: 24 109.248.57.0/24 maxlen: 24 188.130.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:b2:39:c2:20:7f:3c:b4:59:5d:10:a5:18:b8:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4 Validity Not Before: Jan 1 04:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=672610dca12df5fdb2281e9e111b8977883d51f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ab:ab:23:eb:79:8d:9c:de:c0:70:21:83:51: c2:10:ad:ca:bc:9b:53:e5:18:7c:4c:41:c8:03:58: d5:17:ad:50:e2:16:82:12:9b:13:aa:41:76:37:b8: 74:5e:05:6d:7d:4b:25:a1:22:cd:fb:6b:8e:0b:73: ce:6a:75:9d:de:0d:a5:d7:b4:72:c0:41:57:86:56: 2f:47:81:c5:f2:da:b4:bc:ac:a5:3d:60:0b:dd:0a: 35:66:b7:1f:60:4b:b7:a9:72:70:51:40:0a:dd:21: 9d:88:9f:60:15:16:72:f2:f8:e2:be:e1:1c:2b:9c: cd:14:78:d8:f3:6b:64:4c:a9:8d:a8:c9:f9:82:12: 5e:fb:36:6c:f8:bb:e1:cc:16:a3:99:73:f9:6f:47: 34:be:ea:7d:36:76:9d:df:cc:5c:73:86:c2:ea:41: 20:3d:98:28:10:f3:29:51:6d:b4:8c:57:b8:da:0d: 2f:0d:9e:5e:d9:60:26:7a:f0:5d:e4:c8:d1:b9:20: 7b:de:8e:03:86:16:0b:31:88:4b:d8:51:49:65:4e: 2a:07:4c:2e:87:00:28:37:f5:be:00:df:57:37:3d: 55:b4:38:91:89:af:52:5e:7d:1b:fd:34:f9:a9:7f: e6:41:f3:e4:21:5d:59:63:ce:52:99:fe:3e:ec:64: fb:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:26:10:DC:A1:2D:F5:FD:B2:28:1E:9E:11:1B:89:77:88:3D:51:F1 X509v3 Authority Key Identifier: keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/ZyYQ3KEt9f2yKB6eERuJd4g9UfE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.8.104.0/24 109.248.57.0/24 188.130.149.0/24 Signature Algorithm: sha256WithRSAEncryption 47:55:84:f4:b4:16:22:b8:b3:33:96:0d:62:ce:d3:8a:97:47: 5d:29:91:c2:54:4f:66:84:59:a3:39:df:72:d9:77:22:0b:e9: 60:22:4e:7a:08:fa:94:23:89:e8:70:1a:7c:71:6b:db:ce:2d: f6:77:88:05:87:be:23:6c:92:2b:f3:e3:ea:72:91:f4:26:67: 85:46:dc:f3:e1:ef:f6:44:b6:8a:be:30:bd:02:e7:f7:0a:fa: 8e:a3:d6:ff:fc:1e:12:e8:57:17:19:58:83:4e:a6:9f:d1:28: 0e:02:64:3c:89:7a:22:b1:62:8b:76:65:cb:b1:cb:29:00:20: ee:fb:97:93:fc:19:3e:2f:e9:e1:b6:ff:07:d9:28:5f:79:6e: 3b:d5:d0:33:19:fa:2e:3f:6b:81:25:78:60:9f:fd:be:82:aa: 80:2a:69:52:c5:0d:84:ce:15:4e:03:fa:c7:b7:22:c1:60:0a: c5:ae:a6:3a:eb:61:45:f5:43:71:de:cc:18:3e:e9:0e:87:6b: ec:0f:ba:38:2c:33:02:91:96:93:62:82:36:0c:20:02:21:5c: 39:fb:2e:06:3a:cb:b5:16:a8:26:a3:a2:84:83:ee:db:db:04: 1b:72:21:15:0a:b8:f0:64:ab:f8:55:87:19:80:f3:b4:c6:1f: 18:d1:95:99 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt3xrI5wiB/PLRZXRClGLgnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0 MjAzYjQwHhcNMjYwMTAxMDQxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzI2MTBkY2ExMmRmNWZkYjIyODFlOWUxMTFiODk3Nzg4M2Q1MWYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qurI+t5jZzewHAhg1HCEK3KvJtT 5Rh8TEHIA1jVF61Q4haCEpsTqkF2N7h0XgVtfUsloSLN+2uOC3POanWd3g2l17Ry wEFXhlYvR4HF8tq0vKylPWAL3Qo1ZrcfYEu3qXJwUUAK3SGdiJ9gFRZy8vjivuEc K5zNFHjY82tkTKmNqMn5ghJe+zZs+LvhzBajmXP5b0c0vup9Nnad38xcc4bC6kEg PZgoEPMpUW20jFe42g0vDZ5e2WAmevBd5MjRuSB73o4DhhYLMYhL2FFJZU4qB0wu hwAoN/W+AN9XNz1VtDiRia9SXn0b/TT5qX/mQfPkIV1ZY85Smf4+7GT79QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGcmENyhLfX9sigenhEbiXeIPVHxMB8GA1UdIwQY MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt MTY2OTljOTZkZDVlLzEvWnlZUTNLRXQ5ZjJ5S0I2ZUVSdUpkNGc5VWZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALghoAwQA bfg5AwQAvIKVMA0GCSqGSIb3DQEBCwUAA4IBAQBHVYT0tBYiuLMzlg1iztOKl0dd KZHCVE9mhFmjOd9y2XciC+lgIk56CPqUI4nocBp8cWvbzi32d4gFh74jbJIr8+Pq cpH0JmeFRtzz4e/2RLaKvjC9Auf3CvqOo9b//B4S6FcXGViDTqaf0SgOAmQ8iXoi sWKLdmXLscspACDu+5eT/Bk+L+nhtv8H2ShfeW471dAzGfouP2uBJXhgn/2+gqqA KmlSxQ2EzhVOA/rHtyLBYArFrqY662FF9UNx3swYPukOh2vsD7o4LDMCkZaTYoI2 DCACIVw5+y4GOsu1Fqgmo6KEg+7b2wQbciEVCrjwZKv4VYcZgPO0xh8Y0ZWZ -----END CERTIFICATE-----Generated at Sun Jan 25 20:58:56 2026 by rpki-client