This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6155f0-4dcb-48ce-a4ed-ac332f8d8c48/1/Zg9CXZORRCkEDfIdrbdV2Z1djOE.roa File: Zg9CXZORRCkEDfIdrbdV2Z1djOE.roa (raw, json) Hash identifier: ijvg+VbGDbhkZ0TpavVaie8pzYXStI3SVZx3OuXIsaQ= Subject key identifier: 66:0F:42:5D:93:91:44:29:04:0D:F2:1D:AD:B7:55:D9:9D:5D:8C:E1 Certificate issuer: /CN=2c9979ea38b9dbddca74b7bfa73768b57bffc12f Certificate serial: 019B7F83C8C1FC40252FDEB8E07B568F12EE Authority key identifier: 2C:99:79:EA:38:B9:DB:DD:CA:74:B7:BF:A7:37:68:B5:7B:FF:C1:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJl56ji5293KdLe_pzdotXv_wS8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6155f0-4dcb-48ce-a4ed-ac332f8d8c48/1/Zg9CXZORRCkEDfIdrbdV2Z1djOE.roa Signing time: Fri 02 Jan 2026 16:21:41 +0000 ROA not before: Fri 02 Jan 2026 16:21:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213020 IP address blocks: 2a12:9ac0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6155f0-4dcb-48ce-a4ed-ac332f8d8c48/1/LJl56ji5293KdLe_pzdotXv_wS8.crl rsync://rpki.ripe.net/repository/DEFAULT/68/6155f0-4dcb-48ce-a4ed-ac332f8d8c48/1/LJl56ji5293KdLe_pzdotXv_wS8.mft rsync://rpki.ripe.net/repository/DEFAULT/LJl56ji5293KdLe_pzdotXv_wS8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:c8:c1:fc:40:25:2f:de:b8:e0:7b:56:8f:12:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c9979ea38b9dbddca74b7bfa73768b57bffc12f Validity Not Before: Jan 2 16:21:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=660f425d93914429040df21dadb755d99d5d8ce1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ac:c7:50:30:dd:b2:68:6a:9e:54:b6:f5:84: 54:cb:16:33:af:9d:5e:c1:e0:f6:41:ef:76:2d:b8: 26:0d:b0:e1:3c:ea:5d:7e:c8:5e:97:83:cc:66:4c: 22:b3:5a:68:ed:6d:2d:08:9f:ba:5d:fc:86:ac:60: 73:35:97:75:64:43:ec:ae:a1:f1:e7:9c:a9:1f:5f: cc:31:5d:59:68:cc:3b:91:c9:cd:3f:8e:28:da:1f: 13:9b:2b:a9:ad:2b:67:4a:15:7a:48:92:0c:9c:0e: 9e:82:e0:fd:81:e6:2e:43:d4:75:b0:21:aa:05:b8: c4:5c:9d:46:46:7e:48:0d:96:01:ce:7b:c4:b2:c5: c2:4c:19:8d:1d:05:16:c1:a6:b9:7f:1d:37:b0:18: a9:f3:71:eb:9e:ab:77:20:f9:b0:73:7b:de:7f:1f: 20:15:4f:62:22:fb:ce:fa:23:5c:eb:fc:92:88:e1: 12:ef:5d:be:0d:eb:64:70:af:28:25:16:33:64:88: 89:1f:bc:a6:38:0d:7b:54:2d:94:f8:fa:3b:48:75: d0:92:f1:d3:90:0b:b2:b5:e4:9c:5d:a7:b4:70:7f: 25:88:21:d3:07:65:87:af:86:48:44:db:ca:f0:8a: 4b:af:ee:83:e3:1a:c5:bd:f8:e2:07:4f:25:e9:f0: 53:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:0F:42:5D:93:91:44:29:04:0D:F2:1D:AD:B7:55:D9:9D:5D:8C:E1 X509v3 Authority Key Identifier: keyid:2C:99:79:EA:38:B9:DB:DD:CA:74:B7:BF:A7:37:68:B5:7B:FF:C1:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJl56ji5293KdLe_pzdotXv_wS8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6155f0-4dcb-48ce-a4ed-ac332f8d8c48/1/Zg9CXZORRCkEDfIdrbdV2Z1djOE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6155f0-4dcb-48ce-a4ed-ac332f8d8c48/1/LJl56ji5293KdLe_pzdotXv_wS8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:9ac0::/29 Signature Algorithm: sha256WithRSAEncryption aa:eb:73:e1:c6:5f:35:78:c3:7e:3e:58:40:b4:4d:e9:86:f2: 9e:00:2c:c5:d8:2d:fd:d8:1e:6f:be:40:08:30:0e:83:a7:14: eb:69:1f:69:06:2d:47:fb:3f:54:36:1d:ee:33:81:9f:94:38: 68:b2:b1:0e:a1:85:75:4a:aa:6b:7d:c5:15:21:6f:16:2c:82: 46:b0:c0:04:74:c2:d8:8a:6a:07:1a:d0:02:55:29:5c:33:52: ef:a7:d2:c6:1b:17:f0:1d:1a:10:51:0e:41:a0:f3:39:b9:f0: 31:45:c0:59:8a:d6:15:ca:9d:6f:6a:c1:9b:aa:f8:ac:22:b5: cd:ee:59:6d:c7:36:8c:42:f8:b9:f8:2c:b2:f7:81:45:66:c2: c8:fb:eb:53:46:80:92:a4:a3:28:2b:9d:7a:7e:62:bc:d1:1b: 4f:b7:5a:1f:ba:61:3d:4b:9f:0c:d4:21:bb:3c:00:46:53:49: 25:1e:e5:c6:a4:35:99:62:ea:e7:02:fa:15:8a:72:62:64:16: 8b:b4:bb:00:ac:66:11:df:1b:0e:4d:29:43:e2:5a:9a:16:9e: 93:b4:12:89:e7:e5:e4:74:03:45:2a:ce:18:36:f3:1b:d0:07: 59:1c:be:d2:ab:a3:31:46:c2:85:d6:2e:cc:62:54:aa:ba:70: 74:b4:bf:6c -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/g8jB/EAlL9644HtWjxLuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjOTk3OWVhMzhiOWRiZGRjYTc0YjdiZmE3Mzc2OGI1N2Jm ZmMxMmYwHhcNMjYwMTAyMTYyMTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjBmNDI1ZDkzOTE0NDI5MDQwZGYyMWRhZGI3NTVkOTlkNWQ4Y2UxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKzHUDDdsmhqnlS29YRUyxYzr51e weD2Qe92LbgmDbDhPOpdfshel4PMZkwis1po7W0tCJ+6XfyGrGBzNZd1ZEPsrqHx 55ypH1/MMV1ZaMw7kcnNP44o2h8TmyuprStnShV6SJIMnA6eguD9geYuQ9R1sCGq BbjEXJ1GRn5IDZYBznvEssXCTBmNHQUWwaa5fx03sBip83Hrnqt3IPmwc3vefx8g FU9iIvvO+iNc6/ySiOES712+DetkcK8oJRYzZIiJH7ymOA17VC2U+Po7SHXQkvHT kAuyteScXae0cH8liCHTB2WHr4ZIRNvK8IpLr+6D4xrFvfjiB08l6fBTnQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGYPQl2TkUQpBA3yHa23VdmdXYzhMB8GA1UdIwQY MBaAFCyZeeo4udvdynS3v6c3aLV7/8EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEpsNTZqaTUyOTNLZExlX3B6ZG90WHZfd1M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82MTU1ZjAtNGRjYi00OGNlLWE0ZWQt YWMzMzJmOGQ4YzQ4LzEvWmc5Q1haT1JSQ2tFRGZJZHJiZFYyWjFkak9FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC82MTU1ZjAtNGRjYi00OGNlLWE0ZWQtYWMzMzJmOGQ4YzQ4 LzEvTEpsNTZqaTUyOTNLZExlX3B6ZG90WHZfd1M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKawDAN BgkqhkiG9w0BAQsFAAOCAQEAqutz4cZfNXjDfj5YQLRN6YbyngAsxdgt/dgeb75A CDAOg6cU62kfaQYtR/s/VDYd7jOBn5Q4aLKxDqGFdUqqa33FFSFvFiyCRrDABHTC 2IpqBxrQAlUpXDNS76fSxhsX8B0aEFEOQaDzObnwMUXAWYrWFcqdb2rBm6r4rCK1 ze5Zbcc2jEL4ufgssveBRWbCyPvrU0aAkqSjKCuden5ivNEbT7daH7phPUufDNQh uzwARlNJJR7lxqQ1mWLq5wL6FYpyYmQWi7S7AKxmEd8bDk0pQ+Jamhaek7QSiefl 5HQDRSrOGDbzG9AHWRy+0qujMUbChdYuzGJUqrpwdLS/bA== -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:20 2026 by rpki-client