This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/ZxLR_I6eiLsRd1oV4IP5PeLu7DE.roa File: ZxLR_I6eiLsRd1oV4IP5PeLu7DE.roa (raw, json) Hash identifier: kZngczWI+T3GrCv/8Yja3kQMBd7RGIDrozKXhV53UWY= Subject key identifier: 67:12:D1:FC:8E:9E:88:BB:11:77:5A:15:E0:83:F9:3D:E2:EE:EC:31 Certificate issuer: /CN=88e719f426793b1e9063771460abd311a3dff116 Certificate serial: 019B7D5CAC856DC4C5C175ECB1CF44624A4B Authority key identifier: 88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/ZxLR_I6eiLsRd1oV4IP5PeLu7DE.roa Signing time: Fri 02 Jan 2026 06:19:43 +0000 ROA not before: Fri 02 Jan 2026 06:19:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25623 IP address blocks: 2a06:ee05::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.mft rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:ac:85:6d:c4:c5:c1:75:ec:b1:cf:44:62:4a:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88e719f426793b1e9063771460abd311a3dff116 Validity Not Before: Jan 2 06:19:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6712d1fc8e9e88bb11775a15e083f93de2eeec31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:aa:1c:a3:b9:cf:97:e5:03:a4:5d:3c:ec:20: c1:b5:8e:5e:ca:5b:ae:d8:2e:b4:66:d5:20:14:76: 6c:65:a4:37:50:3b:ad:8a:b8:77:1e:f3:b4:d7:12: 39:38:a8:b4:50:12:6b:c2:13:7f:7a:8f:c2:71:54: ea:a8:5e:3f:66:46:f3:c0:eb:d5:f0:5f:ad:5e:55: 94:fd:64:f4:10:c7:d1:7d:63:f2:e1:96:a9:cb:b1: e6:2a:b5:e2:1b:5f:83:94:da:98:9d:dc:0e:c7:79: aa:22:e0:15:f2:9b:02:fc:e2:96:ed:91:4a:7c:3e: 1d:aa:9f:d6:7a:fa:d0:fb:c5:3a:7e:ef:ec:ab:8b: 95:9f:a3:51:0c:10:7c:2c:1b:4e:8f:9d:93:0d:70: 7c:5f:fe:3c:69:a5:23:93:17:fd:38:0d:79:8a:9b: bb:b0:5c:02:4f:d9:49:b4:bc:e7:6e:69:3e:76:d1: 28:c0:c4:0a:ab:7f:36:7a:47:05:c2:a0:ad:4c:42: 1b:bd:eb:70:9a:89:bb:42:f0:70:2c:17:35:68:f3: dc:ec:cf:66:5e:79:ca:7c:1a:80:fd:a9:d1:1c:54: b7:c7:fd:4b:e6:56:72:78:05:41:d7:9f:d1:bc:a8: 62:74:78:2a:7d:35:c7:0c:db:4d:cd:d4:17:08:c0: e7:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:12:D1:FC:8E:9E:88:BB:11:77:5A:15:E0:83:F9:3D:E2:EE:EC:31 X509v3 Authority Key Identifier: keyid:88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/ZxLR_I6eiLsRd1oV4IP5PeLu7DE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:ee05::/32 Signature Algorithm: sha256WithRSAEncryption 0d:aa:83:99:97:27:ac:b5:a8:0c:d1:88:a3:7a:d2:5c:fa:21: 83:ef:eb:f9:a8:14:d7:9b:ab:24:b3:33:cf:1f:1b:cc:cc:c4: 71:51:93:56:41:ff:91:d5:0f:bb:64:8d:09:a0:27:6f:2d:8e: 2d:5a:fb:a3:f4:ab:8e:31:25:35:59:8c:ba:f6:35:bd:16:05: cf:7d:0d:99:a6:36:d4:5e:bd:13:7a:c1:e4:e5:57:54:a6:a8: d8:5c:14:c3:5d:32:c4:2f:7c:bf:a7:8c:ee:b8:ff:2b:d9:7b: 42:35:89:f7:b9:94:fd:7f:34:b4:32:c4:62:6e:91:0c:66:c7: 8f:e8:6a:f7:22:70:95:c0:c4:9d:50:5f:48:3d:83:11:f3:c1: fb:aa:ae:4c:9a:2d:53:b3:9c:49:c2:d7:ea:43:70:28:1c:3e: 5e:0e:7c:bb:cf:d1:87:21:34:49:b8:43:23:99:55:b4:5c:d6: 41:a4:79:6f:1f:e6:19:2d:af:54:c7:e0:1b:46:ea:c4:64:d2: c0:a8:cf:6e:95:bc:ed:9a:ac:61:ba:80:5d:93:a8:df:03:d1: c2:9e:c8:86:9d:7a:31:fd:78:c9:5c:64:c0:43:6a:4b:fc:c7: 28:38:93:18:4f:60:7c:dc:75:1a:6e:77:e5:e2:0c:a9:1f:fa: c3:11:5b:aa -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9XKyFbcTFwXXssc9EYkpLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZTcxOWY0MjY3OTNiMWU5MDYzNzcxNDYwYWJkMzExYTNk ZmYxMTYwHhcNMjYwMTAyMDYxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzEyZDFmYzhlOWU4OGJiMTE3NzVhMTVlMDgzZjkzZGUyZWVlYzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6oco7nPl+UDpF087CDBtY5eyluu 2C60ZtUgFHZsZaQ3UDutirh3HvO01xI5OKi0UBJrwhN/eo/CcVTqqF4/ZkbzwOvV 8F+tXlWU/WT0EMfRfWPy4Zapy7HmKrXiG1+DlNqYndwOx3mqIuAV8psC/OKW7ZFK fD4dqp/WevrQ+8U6fu/sq4uVn6NRDBB8LBtOj52TDXB8X/48aaUjkxf9OA15ipu7 sFwCT9lJtLznbmk+dtEowMQKq382ekcFwqCtTEIbvetwmom7QvBwLBc1aPPc7M9m XnnKfBqA/anRHFS3x/1L5lZyeAVB15/RvKhidHgqfTXHDNtNzdQXCMDnrQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGcS0fyOnoi7EXdaFeCD+T3i7uwxMB8GA1UdIwQY MBaAFIjnGfQmeTsekGN3FGCr0xGj3/EWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjct YWU1MmUxNTZiNzdlLzEvWnhMUl9JNmVpTHNSZDFvVjRJUDVQZUx1N0RFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjctYWU1MmUxNTZiNzdl LzEvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgbuBTAN BgkqhkiG9w0BAQsFAAOCAQEADaqDmZcnrLWoDNGIo3rSXPohg+/r+agU15urJLMz zx8bzMzEcVGTVkH/kdUPu2SNCaAnby2OLVr7o/SrjjElNVmMuvY1vRYFz30NmaY2 1F69E3rB5OVXVKao2FwUw10yxC98v6eM7rj/K9l7QjWJ97mU/X80tDLEYm6RDGbH j+hq9yJwlcDEnVBfSD2DEfPB+6quTJotU7OcScLX6kNwKBw+Xg58u8/RhyE0SbhD I5lVtFzWQaR5bx/mGS2vVMfgG0bqxGTSwKjPbpW87ZqsYbqAXZOo3wPRwp7Ihp16 Mf14yVxkwENqS/zHKDiTGE9gfNx1Gm535eIMqR/6wxFbqg== -----END CERTIFICATE-----Generated at Mon Jan 26 07:07:23 2026 by rpki-client