This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/M-ZAizH3Jyc9LZTBrwMFMfJ5Pjs.roa File: M-ZAizH3Jyc9LZTBrwMFMfJ5Pjs.roa (raw, json) Hash identifier: ewZ193jdLfT/L5MLXvV3UajNvvWjflDdyAMOaO98puY= Subject key identifier: 33:E6:40:8B:31:F7:27:27:3D:2D:94:C1:AF:03:05:31:F2:79:3E:3B Certificate issuer: /CN=5dca17fc8d39e043ea769af28b548c9d39831d21 Certificate serial: 019B7DCA83CE177E2C12866E77CDB1688192 Authority key identifier: 5D:CA:17:FC:8D:39:E0:43:EA:76:9A:F2:8B:54:8C:9D:39:83:1D:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcoX_I054EPqdpryi1SMnTmDHSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/M-ZAizH3Jyc9LZTBrwMFMfJ5Pjs.roa Signing time: Fri 02 Jan 2026 08:19:42 +0000 ROA not before: Fri 02 Jan 2026 08:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3303 IP address blocks: 2001:67c:273c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XcoX_I054EPqdpryi1SMnTmDHSE.crl rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XcoX_I054EPqdpryi1SMnTmDHSE.mft rsync://rpki.ripe.net/repository/DEFAULT/XcoX_I054EPqdpryi1SMnTmDHSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:83:ce:17:7e:2c:12:86:6e:77:cd:b1:68:81:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dca17fc8d39e043ea769af28b548c9d39831d21 Validity Not Before: Jan 2 08:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=33e6408b31f727273d2d94c1af030531f2793e3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:00:a2:7d:c8:3c:14:84:77:d5:11:20:f1:9a: d4:ec:7b:9b:c8:ae:b2:75:be:97:5c:21:ea:8c:70: d3:cf:cf:86:82:8a:95:84:3b:04:f7:a5:65:7e:1c: 76:3f:06:aa:3f:50:67:42:76:d6:98:23:08:91:78: a4:99:bb:8e:68:04:c3:3d:7f:d2:eb:17:3f:36:69: ba:55:c8:13:0f:eb:30:fb:12:48:df:5f:54:31:92: c6:aa:16:56:c3:3a:1c:51:cd:93:eb:33:29:31:c7: 36:06:07:e6:7b:44:2a:9b:87:e0:af:26:62:4f:f4: 9c:67:1f:57:83:36:02:ec:02:79:a5:cf:a8:22:39: d7:1d:9b:36:5f:fe:ad:d5:a7:1a:58:7f:9f:89:75: 71:58:fc:6c:f6:73:a2:3d:49:fc:22:67:d2:f0:11: 52:ae:c4:14:45:6b:6f:b2:b3:fb:13:b2:9b:20:60: 8c:c3:df:c0:b6:6e:6f:48:bb:8f:46:a0:19:0c:b5: f1:f3:ae:88:00:03:a0:65:b4:08:13:87:3f:67:c6: 1c:8f:0b:1a:60:87:b2:f2:d6:02:f7:1a:8f:8d:24: fd:69:14:50:b3:0b:de:87:1a:fb:a5:8a:0e:4d:b8: 62:20:69:11:e3:6f:af:b1:b0:49:64:12:dc:a5:df: 28:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:E6:40:8B:31:F7:27:27:3D:2D:94:C1:AF:03:05:31:F2:79:3E:3B X509v3 Authority Key Identifier: keyid:5D:CA:17:FC:8D:39:E0:43:EA:76:9A:F2:8B:54:8C:9D:39:83:1D:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcoX_I054EPqdpryi1SMnTmDHSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/M-ZAizH3Jyc9LZTBrwMFMfJ5Pjs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/8d939f-87a6-496f-9008-656dbc2f2436/1/XcoX_I054EPqdpryi1SMnTmDHSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:273c::/48 Signature Algorithm: sha256WithRSAEncryption 53:e5:ee:17:4d:7b:2d:cc:f1:0a:9b:2a:ad:fa:47:f0:90:5c: 2b:2d:bc:a8:c1:55:13:0c:a3:78:2c:9a:96:55:95:83:03:97: 9c:3e:e9:ca:cf:2d:05:66:65:46:d1:05:77:a7:84:75:c4:ba: 88:55:b6:fe:a1:b7:85:95:1b:f3:e9:bc:9d:9b:78:27:ed:a8: f0:92:39:1c:5b:94:d5:98:f7:25:b5:bd:67:50:7e:cd:ac:a5: 37:fa:79:ac:bc:0b:d8:be:30:17:66:26:f6:8f:0b:4b:35:b4: 18:3f:4f:46:35:55:d4:a8:e5:81:7c:b1:81:79:dd:13:6a:ce: ba:20:9d:d6:17:aa:4a:94:91:0e:3a:a8:32:eb:94:d3:e2:af: ff:af:f0:2b:4d:1a:69:b7:00:8e:47:c3:32:ef:6a:92:f8:84: 81:1c:51:d2:b6:dc:c9:46:19:0c:ae:ff:2a:00:ec:35:87:0b: e9:fe:20:27:dc:cd:64:a6:ee:c8:f7:8d:d5:fa:ff:f2:bb:93: 84:cf:28:98:84:41:c1:8f:c5:0c:8a:f9:b3:52:f7:8b:ce:f9: 97:ed:d8:de:72:65:16:ca:f4:9f:f8:52:c1:7e:8f:64:c9:84: aa:9a:22:7e:f5:a8:42:bd:d8:c9:53:6e:e2:ef:6b:2a:01:ad: 5a:f2:cd:7c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9yoPOF34sEoZud82xaIGSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkY2ExN2ZjOGQzOWUwNDNlYTc2OWFmMjhiNTQ4YzlkMzk4 MzFkMjEwHhcNMjYwMTAyMDgxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2U2NDA4YjMxZjcyNzI3M2QyZDk0YzFhZjAzMDUzMWYyNzkzZTNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ACifcg8FIR31REg8ZrU7HubyK6y db6XXCHqjHDTz8+GgoqVhDsE96Vlfhx2PwaqP1BnQnbWmCMIkXikmbuOaATDPX/S 6xc/Nmm6VcgTD+sw+xJI319UMZLGqhZWwzocUc2T6zMpMcc2Bgfme0Qqm4fgryZi T/ScZx9XgzYC7AJ5pc+oIjnXHZs2X/6t1acaWH+fiXVxWPxs9nOiPUn8ImfS8BFS rsQURWtvsrP7E7KbIGCMw9/Atm5vSLuPRqAZDLXx866IAAOgZbQIE4c/Z8Ycjwsa YIey8tYC9xqPjST9aRRQswvehxr7pYoOTbhiIGkR42+vsbBJZBLcpd8oYwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDPmQIsx9ycnPS2Uwa8DBTHyeT47MB8GA1UdIwQY MBaAFF3KF/yNOeBD6naa8otUjJ05gx0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGNvWF9JMDU0RVBxZHByeWkxU01uVG1ESFNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84ZDkzOWYtODdhNi00OTZmLTkwMDgt NjU2ZGJjMmYyNDM2LzEvTS1aQWl6SDNKeWM5TFpUQnJ3TUZNZko1UGpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS84ZDkzOWYtODdhNi00OTZmLTkwMDgtNjU2ZGJjMmYyNDM2 LzEvWGNvWF9JMDU0RVBxZHByeWkxU01uVG1ESFNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCc8 MA0GCSqGSIb3DQEBCwUAA4IBAQBT5e4XTXstzPEKmyqt+kfwkFwrLbyowVUTDKN4 LJqWVZWDA5ecPunKzy0FZmVG0QV3p4R1xLqIVbb+obeFlRvz6bydm3gn7ajwkjkc W5TVmPcltb1nUH7NrKU3+nmsvAvYvjAXZib2jwtLNbQYP09GNVXUqOWBfLGBed0T as66IJ3WF6pKlJEOOqgy65TT4q//r/ArTRpptwCOR8My72qS+ISBHFHSttzJRhkM rv8qAOw1hwvp/iAn3M1kpu7I943V+v/yu5OEzyiYhEHBj8UMivmzUveLzvmX7dje cmUWyvSf+FLBfo9kyYSqmiJ+9ahCvdjJU27i72sqAa1a8s18 -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:25 2026 by rpki-client