This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/ZCMZ-1UwT3b3lqSd6fte3-kAkDc.roa File: ZCMZ-1UwT3b3lqSd6fte3-kAkDc.roa (raw, json) Hash identifier: U8pcB10Hs4c3BBGS9R0wnHntW+8UzpsVQ3d+JV3U8j8= Subject key identifier: 64:23:19:FB:55:30:4F:76:F7:96:A4:9D:E9:FB:5E:DF:E9:00:90:37 Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a Certificate serial: 019B77C72B3693F7002BEAB8A1B3818C321A Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/ZCMZ-1UwT3b3lqSd6fte3-kAkDc.roa Signing time: Thu 01 Jan 2026 04:18:20 +0000 ROA not before: Thu 01 Jan 2026 04:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3351 IP address blocks: 194.85.224.0/21 maxlen: 24 194.85.236.0/23 maxlen: 24 194.85.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:2b:36:93:f7:00:2b:ea:b8:a1:b3:81:8c:32:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a Validity Not Before: Jan 1 04:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=642319fb55304f76f796a49de9fb5edfe9009037 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:7c:73:9b:10:01:dc:89:59:62:fd:a5:1c:d6: b1:68:b5:89:27:bd:67:2c:7d:1f:f1:55:da:20:c4: a3:8e:c9:d3:1e:2b:c6:fc:59:8d:00:85:d3:58:2c: 31:d5:38:47:94:6d:ed:fe:0d:bf:fd:7a:b7:b5:d4: 95:3b:ee:9c:52:d9:ba:64:0b:21:2d:35:4f:78:e5: 7c:44:79:15:e2:4a:1c:5d:4c:0d:92:8b:e3:bf:50: 2b:8b:21:da:86:30:f4:a0:e4:cd:ef:a1:8c:75:70: c6:42:73:7e:21:da:55:68:a6:49:99:69:d1:37:85: 00:7c:c4:e0:6b:ec:e7:97:52:2c:fc:95:68:35:3e: 0c:5a:ce:84:45:52:a4:84:3f:ba:6b:05:bd:ca:dd: b7:a3:e0:86:83:7b:8e:63:77:b1:09:a3:aa:8f:27: df:fb:77:81:60:b2:11:1b:df:3f:f0:ee:43:ca:70: 08:31:a4:84:c2:cd:97:43:a0:4c:9a:b0:45:a4:0c: 52:4b:66:ff:45:c2:52:86:64:ad:0d:5f:e0:d4:9f: f5:01:81:c9:e3:62:f8:63:1b:1e:58:4c:65:0f:2b: cb:75:d4:38:5e:22:51:ec:bd:12:4c:a4:94:49:37: bc:13:76:3b:5b:ab:d8:b7:15:69:c6:76:e2:40:d6: f1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:23:19:FB:55:30:4F:76:F7:96:A4:9D:E9:FB:5E:DF:E9:00:90:37 X509v3 Authority Key Identifier: keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/ZCMZ-1UwT3b3lqSd6fte3-kAkDc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.85.224.0/21 194.85.236.0-194.85.238.255 Signature Algorithm: sha256WithRSAEncryption 44:7e:1e:11:f9:ae:9e:a8:cb:07:e5:7a:96:e9:fe:13:6f:1a: 7f:16:71:5a:2e:c0:4a:78:c4:62:c2:59:d5:80:fd:60:a7:0b: bc:51:98:28:51:44:35:c3:1b:dc:48:bf:f6:b6:54:6b:1e:70: b4:dc:45:01:4c:98:56:b4:6e:4f:0e:25:7f:5e:4f:17:5e:88: 11:19:39:a0:28:17:e4:3b:b2:4d:db:5b:62:fe:5b:63:e7:9e: a2:ce:cb:10:8e:67:8c:24:f4:69:1b:66:71:01:da:c8:8d:a0: 8f:d8:69:33:fb:04:7f:ed:2a:dc:83:48:da:39:7c:3a:d8:42: 73:d4:52:45:3b:3f:c6:ed:75:a9:14:7d:74:0e:cf:ab:67:c5: 41:6f:8b:fb:df:c9:14:ed:3f:07:6c:eb:3b:6c:f5:d6:44:b3: d4:57:67:fd:36:7f:2c:c7:9a:cf:30:a9:8e:e5:5f:a9:02:53: 1a:f6:61:b6:d3:35:67:2a:77:f4:21:68:1d:0b:37:6b:49:cc: ad:01:69:71:cb:74:dd:1a:89:25:8e:99:5c:06:b1:5c:b2:51: 71:7a:75:e1:7c:26:78:4e:79:bd:30:44:e3:ff:f1:73:b5:85: a8:99:00:92:78:a5:48:5d:d4:c6:8d:5d:ce:fe:b7:9a:c7:9e: e6:93:85:da -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt3xys2k/cAK+q4obOBjDIaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx NjQ2NGEwHhcNMjYwMTAxMDQxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDIzMTlmYjU1MzA0Zjc2Zjc5NmE0OWRlOWZiNWVkZmU5MDA5MDM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHxzmxAB3IlZYv2lHNaxaLWJJ71n LH0f8VXaIMSjjsnTHivG/FmNAIXTWCwx1ThHlG3t/g2//Xq3tdSVO+6cUtm6ZAsh LTVPeOV8RHkV4kocXUwNkovjv1AriyHahjD0oOTN76GMdXDGQnN+IdpVaKZJmWnR N4UAfMTga+znl1Is/JVoNT4MWs6ERVKkhD+6awW9yt23o+CGg3uOY3exCaOqjyff +3eBYLIRG98/8O5DynAIMaSEws2XQ6BMmrBFpAxSS2b/RcJShmStDV/g1J/1AYHJ 42L4YxseWExlDyvLddQ4XiJR7L0STKSUSTe8E3Y7W6vYtxVpxnbiQNbxbQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFGQjGftVME9295aknen7Xt/pAJA3MB8GA1UdIwQY MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt OWU5YTFlMDM3MzhlLzEvWkNNWi0xVXdUM2IzbHFTZDZmdGUzLWtBa0RjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDwlXgMAwD BALCVewDBADCVe4wDQYJKoZIhvcNAQELBQADggEBAER+HhH5rp6oywflepbp/hNv Gn8WcVouwEp4xGLCWdWA/WCnC7xRmChRRDXDG9xIv/a2VGsecLTcRQFMmFa0bk8O JX9eTxdeiBEZOaAoF+Q7sk3bW2L+W2PnnqLOyxCOZ4wk9GkbZnEB2siNoI/YaTP7 BH/tKtyDSNo5fDrYQnPUUkU7P8btdakUfXQOz6tnxUFvi/vfyRTtPwds6zts9dZE s9RXZ/02fyzHms8wqY7lX6kCUxr2YbbTNWcqd/QhaB0LN2tJzK0BaXHLdN0aiSWO mVwGsVyyUXF6deF8JnhOeb0wROP/8XO1haiZAJJ4pUhd1MaNXc7+t5rHnuaThdo= -----END CERTIFICATE-----Generated at Sun Jan 25 17:33:42 2026 by rpki-client