This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ZEKNnhq17yejQ4Z0gjU3nn_toU0.roa File: ZEKNnhq17yejQ4Z0gjU3nn_toU0.roa (raw, json) Hash identifier: EUpitN/3TGt+oHjyrfLNSQIrzxo6Ur79kR5bOCLjMOw= Subject key identifier: 64:42:8D:9E:1A:B5:EF:27:A3:43:86:74:82:35:37:9E:7F:ED:A1:4D Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019BE5F6BBA7D0BD7DEDFD34B0D44EE0F70B Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ZEKNnhq17yejQ4Z0gjU3nn_toU0.roa Signing time: Thu 22 Jan 2026 13:48:30 +0000 ROA not before: Thu 22 Jan 2026 13:48:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205126 IP address blocks: 2a12:bec4:1cf0::/48 maxlen: 48 2a12:bec4:1cf1::/48 maxlen: 48 2a12:bec4:1cf2::/47 maxlen: 47 2a12:bec4:1cff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:f6:bb:a7:d0:bd:7d:ed:fd:34:b0:d4:4e:e0:f7:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 22 13:48:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=64428d9e1ab5ef27a34386748235379e7feda14d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:26:a9:75:ac:9e:fb:b1:58:28:6a:d9:69:95: d5:58:4c:42:bf:65:64:40:6e:2f:1b:c6:2d:0c:a3: 7a:35:9b:e3:b1:c3:ee:d8:e5:0b:a7:48:0b:81:53: 86:bd:18:82:41:71:6e:c1:7e:ff:2b:87:e2:a6:8f: 71:f9:a9:7c:de:1f:16:c0:26:b0:f5:a0:ff:7c:64: 70:db:51:16:be:82:df:c7:bd:b4:76:26:bb:37:2c: c5:f8:72:18:74:e6:8b:5c:37:d1:6e:88:4a:36:a7: 82:00:ff:88:bc:5c:c2:bb:ae:b0:5a:a0:fc:d3:cb: ba:71:b7:a7:64:7a:45:a9:54:a4:2a:3d:fb:1d:cf: 1f:e9:f5:a1:2d:a3:de:26:94:c3:15:45:3e:26:01: f9:fa:01:24:8e:f9:b2:70:c8:dd:52:ce:4d:e2:8a: 3e:43:68:ec:d0:dd:40:55:67:d6:6f:0a:b5:f3:8b: 32:80:45:c2:c8:a9:bf:2a:88:fd:65:28:9f:7e:5b: 61:ed:04:a7:31:01:eb:45:70:fe:b3:df:1a:60:d9: 79:ce:6e:38:24:a7:17:ea:15:10:9d:a6:00:f6:b6: 20:6a:ce:0f:d2:46:31:7d:df:e2:c6:09:85:6e:d3: db:23:11:80:a6:56:4e:fa:b9:dc:97:f8:0e:46:42: 03:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:42:8D:9E:1A:B5:EF:27:A3:43:86:74:82:35:37:9E:7F:ED:A1:4D X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ZEKNnhq17yejQ4Z0gjU3nn_toU0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1cf0::/46 2a12:bec4:1cff::/48 Signature Algorithm: sha256WithRSAEncryption 7a:76:6c:b1:c7:64:a3:55:d5:27:e5:f9:08:05:55:ed:f2:12: 7e:9d:c5:c3:24:59:50:00:38:e3:02:7c:df:6c:df:b5:d9:ed: 5e:34:3d:76:b4:e7:2a:fa:c1:01:44:c9:ce:e8:e1:3d:2e:98: 25:75:d6:d2:0d:38:bc:34:3f:c8:40:44:b2:22:a7:07:e8:93: ad:c5:23:32:a7:ea:c7:69:63:e3:9c:83:95:c1:7b:a9:b8:7c: 16:7f:49:a4:3f:27:c5:9c:35:65:55:db:20:4f:e8:2d:0d:c1: cf:a0:17:2e:67:96:1d:1c:23:c2:fd:bb:8a:93:96:c9:d9:d0: 2f:8f:47:35:18:45:23:45:5f:08:fa:0b:8d:1d:31:a2:7d:df: 81:e1:66:7c:1a:59:8c:8e:81:fd:79:12:31:78:e8:27:09:d9: 5f:4a:dd:2b:e2:95:06:69:6e:e0:ba:8c:93:c5:6b:19:46:7c: f5:fa:38:19:da:b2:ce:e6:c4:36:74:42:df:75:28:f1:e2:28: e0:29:e0:f2:e8:f9:35:de:db:1a:b1:89:36:33:38:ed:62:d7: 3a:a2:f1:76:83:5b:6a:8a:c7:56:5a:12:2b:c4:fa:ec:5f:13: 9a:a8:0d:15:ad:01:9a:77:43:4b:7f:78:a2:34:09:f9:20:7a: e7:2d:ea:80 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZvl9run0L197f00sNRO4PcLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTIyMTM0ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDQyOGQ5ZTFhYjVlZjI3YTM0Mzg2NzQ4MjM1Mzc5ZTdmZWRhMTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCapdaye+7FYKGrZaZXVWExCv2Vk QG4vG8YtDKN6NZvjscPu2OULp0gLgVOGvRiCQXFuwX7/K4fipo9x+al83h8WwCaw 9aD/fGRw21EWvoLfx720dia7NyzF+HIYdOaLXDfRbohKNqeCAP+IvFzCu66wWqD8 08u6cbenZHpFqVSkKj37Hc8f6fWhLaPeJpTDFUU+JgH5+gEkjvmycMjdUs5N4oo+ Q2js0N1AVWfWbwq184sygEXCyKm/Koj9ZSifflth7QSnMQHrRXD+s98aYNl5zm44 JKcX6hUQnaYA9rYgas4P0kYxfd/ixgmFbtPbIxGAplZO+rncl/gORkIDIwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGRCjZ4ate8no0OGdII1N55/7aFNMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvWkVLTm5ocTE3eWVqUTRaMGdqVTNubl90b1UwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhK+xBzw AwcAKhK+xBz/MA0GCSqGSIb3DQEBCwUAA4IBAQB6dmyxx2SjVdUn5fkIBVXt8hJ+ ncXDJFlQADjjAnzfbN+12e1eND12tOcq+sEBRMnO6OE9LpglddbSDTi8ND/IQESy IqcH6JOtxSMyp+rHaWPjnIOVwXupuHwWf0mkPyfFnDVlVdsgT+gtDcHPoBcuZ5Yd HCPC/buKk5bJ2dAvj0c1GEUjRV8I+guNHTGifd+B4WZ8GlmMjoH9eRIxeOgnCdlf St0r4pUGaW7guoyTxWsZRnz1+jgZ2rLO5sQ2dELfdSjx4ijgKeDy6Pk13tsasYk2 MzjtYtc6ovF2g1tqisdWWhIrxPrsXxOaqA0VrQGad0NLf3iiNAn5IHrnLeqA -----END CERTIFICATE-----Generated at Sun Jan 25 14:19:25 2026 by rpki-client