This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/z92krxSw-hPFAOTzqyVkWwbmwSQ.roa File: z92krxSw-hPFAOTzqyVkWwbmwSQ.roa (raw, json) Hash identifier: UmaQR3RHLDeTPrQrX1Vr4JMThGImksq/AjUcliH2e2A= Subject key identifier: CF:DD:A4:AF:14:B0:FA:13:C5:00:E4:F3:AB:25:64:5B:06:E6:C1:24 Certificate issuer: /CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4 Certificate serial: 019B79ED2E0AE15EBF23D6188E714CBC86B6 Authority key identifier: DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/z92krxSw-hPFAOTzqyVkWwbmwSQ.roa Signing time: Thu 01 Jan 2026 14:19:05 +0000 ROA not before: Thu 01 Jan 2026 14:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44356 IP address blocks: 31.13.152.0/21 maxlen: 24 79.99.192.0/21 maxlen: 24 2a00:1538::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:2e:0a:e1:5e:bf:23:d6:18:8e:71:4c:bc:86:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4 Validity Not Before: Jan 1 14:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfdda4af14b0fa13c500e4f3ab25645b06e6c124 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:dc:5b:b1:bc:36:1a:43:d5:ed:09:29:f8:d7: 89:a1:26:3b:83:b0:36:36:37:34:96:2e:a3:c9:13: b3:7c:fc:af:ad:86:46:36:fd:6e:47:81:04:9c:f4: 69:de:dc:98:bd:71:a5:ea:45:0e:06:b1:7e:04:e8: cf:37:8d:52:ef:c6:67:94:ff:78:d1:3d:d2:d6:78: e9:e7:f2:4e:43:91:77:de:f9:e4:88:0b:7e:d3:c2: 08:bd:66:9d:13:d4:29:ae:3d:6d:63:39:d4:8e:e5: f1:fe:03:ce:55:9d:e8:b5:c0:43:4f:9f:37:bb:84: ad:0e:1e:e6:b8:23:f2:e4:d5:df:98:40:ab:a9:0a: 1a:5a:17:59:54:69:34:b9:41:31:ba:bf:77:58:54: d0:20:0c:f4:99:46:1a:89:28:e0:ab:98:6c:b1:0c: 3c:ea:c3:28:46:b6:4e:3b:b7:50:e8:6e:85:65:f0: 2b:21:df:5a:a3:63:3d:4c:b5:47:73:b9:b7:82:22: db:55:69:f9:92:26:0b:85:10:85:bd:f3:df:67:67: 3f:03:7d:42:d7:08:f3:74:5b:e2:88:c3:52:13:bd: 88:8c:b2:45:21:90:e3:a6:ab:99:5f:20:14:0c:cb: d8:1d:ad:82:b9:f7:24:d1:b7:ed:14:b3:c7:45:53: e5:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:DD:A4:AF:14:B0:FA:13:C5:00:E4:F3:AB:25:64:5B:06:E6:C1:24 X509v3 Authority Key Identifier: keyid:DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/z92krxSw-hPFAOTzqyVkWwbmwSQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.13.152.0/21 79.99.192.0/21 IPv6: 2a00:1538::/32 Signature Algorithm: sha256WithRSAEncryption 60:57:31:03:60:aa:65:60:07:df:fe:25:73:10:91:7c:e4:b2: 5b:b3:04:e7:1e:b4:4d:35:f9:54:22:cf:e3:04:48:de:6a:cd: 6d:81:d6:8d:bf:ac:f0:39:5e:a8:4e:e0:d3:5b:f1:03:c1:64: 28:4e:6c:52:0e:82:65:1b:16:e8:3b:4f:2b:97:e9:a7:16:0d: c6:06:85:1c:e2:13:b5:2e:3f:5c:14:55:42:14:ef:bd:a1:41: 7b:88:3e:68:12:6c:e1:fe:e1:9f:dc:e4:c7:8e:c6:b1:44:9f: 38:83:90:55:81:df:05:60:7e:f7:d9:47:c0:2d:b1:c1:fc:5e: 46:a5:1d:4a:82:08:58:cb:3c:08:99:0f:95:51:51:2a:59:12: 79:13:6c:96:01:9f:3e:31:04:47:3a:7d:54:6d:38:7d:12:48: 72:02:19:49:aa:71:4a:47:45:90:32:45:aa:21:b4:60:ae:a9: de:23:29:34:72:de:0d:50:8b:d8:c5:b5:36:f4:38:89:96:d7: ee:0f:5b:27:a8:b6:3e:fc:59:aa:bc:d6:31:a8:a8:c0:98:f1: b1:23:ce:f1:85:2d:c8:70:27:a8:cd:80:23:25:61:3a:11:c8: ca:3b:e1:83:42:8c:fa:4d:13:e8:49:ac:96:fc:68:c3:0a:6a: ca:4a:01:2e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57S4K4V6/I9YYjnFMvIa2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmOTA0MTU1ZWUzYWNmZTNmZWE4YmJmZWU4NmU5N2M1OGM4 OTkxZjQwHhcNMjYwMTAxMTQxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmRkYTRhZjE0YjBmYTEzYzUwMGU0ZjNhYjI1NjQ1YjA2ZTZjMTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtxbsbw2GkPV7Qkp+NeJoSY7g7A2 Njc0li6jyROzfPyvrYZGNv1uR4EEnPRp3tyYvXGl6kUOBrF+BOjPN41S78ZnlP94 0T3S1njp5/JOQ5F33vnkiAt+08IIvWadE9Qprj1tYznUjuXx/gPOVZ3otcBDT583 u4StDh7muCPy5NXfmECrqQoaWhdZVGk0uUExur93WFTQIAz0mUYaiSjgq5hssQw8 6sMoRrZOO7dQ6G6FZfArId9ao2M9TLVHc7m3giLbVWn5kiYLhRCFvfPfZ2c/A31C 1wjzdFviiMNSE72IjLJFIZDjpquZXyAUDMvYHa2Cufck0bftFLPHRVPltwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFM/dpK8UsPoTxQDk86slZFsG5sEkMB8GA1UdIwQY MBaAFN+QQVXuOs/j/qi7/uhul8WMiZH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQt NjQ2N2Y0NGI0M2JmLzEvejkya3J4U3ctaFBGQU9UenF5VmtXd2Jtd1NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQtNjQ2N2Y0NGI0M2Jm LzEvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHw2YAwQD T2PAMA0EAgACMAcDBQAqABU4MA0GCSqGSIb3DQEBCwUAA4IBAQBgVzEDYKplYAff /iVzEJF85LJbswTnHrRNNflUIs/jBEjeas1tgdaNv6zwOV6oTuDTW/EDwWQoTmxS DoJlGxboO08rl+mnFg3GBoUc4hO1Lj9cFFVCFO+9oUF7iD5oEmzh/uGf3OTHjsax RJ84g5BVgd8FYH732UfALbHB/F5GpR1KgghYyzwImQ+VUVEqWRJ5E2yWAZ8+MQRH On1UbTh9EkhyAhlJqnFKR0WQMkWqIbRgrqneIyk0ct4NUIvYxbU29DiJltfuD1sn qLY+/FmqvNYxqKjAmPGxI87xhS3IcCeozYAjJWE6EcjKO+GDQoz6TRPoSayW/GjD CmrKSgEu -----END CERTIFICATE-----Generated at Sun Jan 25 20:31:08 2026 by rpki-client