This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/ZyjNynpH1Sd3iZflEwkYCvSf2zQ.roa File: ZyjNynpH1Sd3iZflEwkYCvSf2zQ.roa (raw, json) Hash identifier: 0cR77B7pMjaFTEO1Opv0sWqFJFren4DQVM3QfUXJoFQ= Subject key identifier: 67:28:CD:CA:7A:47:D5:27:77:89:97:E5:13:09:18:0A:F4:9F:DB:34 Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611 Certificate serial: 019B8AD7CE5FFE7AA5094FECAA089A871CFF Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/ZyjNynpH1Sd3iZflEwkYCvSf2zQ.roa Signing time: Sun 04 Jan 2026 21:09:17 +0000 ROA not before: Sun 04 Jan 2026 21:09:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49791 IP address blocks: 81.85.73.0/24 maxlen: 24 185.9.27.0/24 maxlen: 24 213.155.29.0/24 maxlen: 24 2a11:2cc0:12::/47 maxlen: 47 2a11:2cc0:14::/47 maxlen: 47 2a11:2cc0:16::/47 maxlen: 47 2a11:2cc0:18::/47 maxlen: 47 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8a:d7:ce:5f:fe:7a:a5:09:4f:ec:aa:08:9a:87:1c:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611 Validity Not Before: Jan 4 21:09:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6728cdca7a47d527778997e51309180af49fdb34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:8c:52:7b:16:cf:d9:e2:46:bd:40:21:72:45: 84:4e:37:b7:bd:73:ca:ba:7e:93:2f:ce:62:ef:16: 2b:97:79:08:33:5d:8a:fc:7b:b8:0e:f6:ba:63:db: 58:4a:bc:f2:e2:32:79:99:c7:15:5b:b8:e2:13:a6: 79:f2:cd:a6:d3:31:a1:74:91:81:6c:e3:3d:c1:67: 5a:1b:e2:3b:81:32:77:39:7d:0d:39:bb:0c:4e:d6: 5c:48:f9:f4:9d:73:5b:5e:78:3e:75:99:2f:57:87: aa:15:e3:36:eb:b5:dc:86:ff:02:66:5e:e7:08:4a: a1:b1:35:e1:db:32:56:19:53:7a:6b:4f:2a:8b:e6: e6:02:ba:34:b6:cb:fe:e9:3b:be:53:02:72:19:e5: db:f7:64:78:8a:68:95:9b:f0:da:f8:0f:37:7b:6f: c7:36:52:43:b8:ab:70:47:9d:3e:5d:6f:bc:f0:41: 1a:28:9b:98:99:64:38:31:07:a8:f3:a6:95:34:7d: 41:bd:74:54:44:61:f4:4e:ab:70:e4:a3:ae:d9:45: 23:23:0e:b4:ee:80:f7:8a:ac:73:97:30:ab:0c:07: df:2e:2c:8d:01:94:6b:a2:e7:12:81:19:37:bf:bf: 01:17:c2:fb:11:45:35:cb:49:34:88:8a:86:94:2f: 10:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:28:CD:CA:7A:47:D5:27:77:89:97:E5:13:09:18:0A:F4:9F:DB:34 X509v3 Authority Key Identifier: keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/ZyjNynpH1Sd3iZflEwkYCvSf2zQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.85.73.0/24 185.9.27.0/24 213.155.29.0/24 IPv6: 2a11:2cc0:12::-2a11:2cc0:19:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 38:ea:f2:74:a7:18:dd:7f:99:5d:87:04:80:0d:f7:5b:41:ba: 14:aa:01:7c:c8:13:ba:92:24:60:ef:16:70:98:86:99:12:8a: 0e:e7:d7:21:1d:eb:81:ee:e8:ff:f0:66:c8:5e:ca:c0:bf:9f: dc:f1:66:f7:ef:de:d3:8c:a7:89:04:6b:b1:be:2c:3b:ce:57: 16:7f:c8:0e:f8:37:9f:31:69:fb:19:fc:57:44:df:40:36:dc: c8:b0:25:fe:46:a0:76:aa:c3:7d:79:76:e5:85:2e:8b:2d:e1: 44:80:52:a2:00:44:a6:26:1a:d7:2f:82:f6:56:6c:8e:14:e3: 89:a0:f8:be:99:b7:8f:53:70:39:df:54:e3:ae:03:f2:4a:00: 08:64:bc:46:63:4e:9c:fe:5f:94:55:2c:66:ef:e0:1e:85:ff: bd:26:64:f1:1e:cb:59:a4:fd:50:2c:81:b8:68:11:08:2e:3b: 19:35:22:97:14:cb:83:c4:6e:84:45:d6:14:66:90:13:58:1e: b5:0d:ec:39:1d:82:4a:56:4c:49:9c:59:7e:c2:5a:a2:06:7d: 14:07:a7:5e:75:8c:c8:ad:50:bf:23:0c:f5:9e:93:0b:3a:a5: 4a:ef:3f:08:d9:1a:16:49:e1:a0:cd:43:ff:3b:2c:9b:06:1f: 3e:e2:d4:a3 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZuK185f/nqlCU/sqgiahxz/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm NDI2MTEwHhcNMjYwMTA0MjEwOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzI4Y2RjYTdhNDdkNTI3Nzc4OTk3ZTUxMzA5MTgwYWY0OWZkYjM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4xSexbP2eJGvUAhckWETje3vXPK un6TL85i7xYrl3kIM12K/Hu4Dva6Y9tYSrzy4jJ5mccVW7jiE6Z58s2m0zGhdJGB bOM9wWdaG+I7gTJ3OX0NObsMTtZcSPn0nXNbXng+dZkvV4eqFeM267Xchv8CZl7n CEqhsTXh2zJWGVN6a08qi+bmAro0tsv+6Tu+UwJyGeXb92R4imiVm/Da+A83e2/H NlJDuKtwR50+XW+88EEaKJuYmWQ4MQeo86aVNH1BvXRURGH0Tqtw5KOu2UUjIw60 7oD3iqxzlzCrDAffLiyNAZRroucSgRk3v78BF8L7EUU1y0k0iIqGlC8QnQIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFGcozcp6R9Und4mX5RMJGAr0n9s0MB8GA1UdIwQY MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct MjQyNDY2ODJiZjAwLzEvWnlqTnlucEgxU2QzaVpmbEV3a1lDdlNmMnpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQAUVVJAwQA uQkbAwQA1ZsdMBoEAgACMBQwEgMHASoRLMAAEgMHASoRLMAAGDANBgkqhkiG9w0B AQsFAAOCAQEAOOrydKcY3X+ZXYcEgA33W0G6FKoBfMgTupIkYO8WcJiGmRKKDufX IR3rge7o//BmyF7KwL+f3PFm9+/e04yniQRrsb4sO85XFn/IDvg3nzFp+xn8V0Tf QDbcyLAl/kagdqrDfXl25YUuiy3hRIBSogBEpiYa1y+C9lZsjhTjiaD4vpm3j1Nw Od9U464D8koACGS8RmNOnP5flFUsZu/gHoX/vSZk8R7LWaT9UCyBuGgRCC47GTUi lxTLg8RuhEXWFGaQE1getQ3sOR2CSlZMSZxZfsJaogZ9FAenXnWMyK1QvyMM9Z6T CzqlSu8/CNkaFknhoM1D/zssmwYfPuLUow== -----END CERTIFICATE-----Generated at Sun Jan 25 16:27:38 2026 by rpki-client