This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/ZLPqhzCBZnWKf6Ejj9mHPZInK0A.roa File: ZLPqhzCBZnWKf6Ejj9mHPZInK0A.roa (raw, json) Hash identifier: fDVxJt+eTWzb1YGH406MqF2UxgyF9iK3BrieNaTLjIM= Subject key identifier: 64:B3:EA:87:30:81:66:75:8A:7F:A1:23:8F:D9:87:3D:92:27:2B:40 Certificate issuer: /CN=abc1918c1f45e6ec17daca67a7ad193caf04b7b2 Certificate serial: 019B7BA38DE7DEF79325D9844C8EADC68924 Authority key identifier: AB:C1:91:8C:1F:45:E6:EC:17:DA:CA:67:A7:AD:19:3C:AF:04:B7:B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8GRjB9F5uwX2spnp60ZPK8Et7I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/ZLPqhzCBZnWKf6Ejj9mHPZInK0A.roa Signing time: Thu 01 Jan 2026 22:17:54 +0000 ROA not before: Thu 01 Jan 2026 22:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214192 IP address blocks: 2a14:52c0:ae43::/48 maxlen: 48 2a14:52c0:af44::/48 maxlen: 48 2a14:52c0:f045::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/q8GRjB9F5uwX2spnp60ZPK8Et7I.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/q8GRjB9F5uwX2spnp60ZPK8Et7I.mft rsync://rpki.ripe.net/repository/DEFAULT/q8GRjB9F5uwX2spnp60ZPK8Et7I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:8d:e7:de:f7:93:25:d9:84:4c:8e:ad:c6:89:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abc1918c1f45e6ec17daca67a7ad193caf04b7b2 Validity Not Before: Jan 1 22:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=64b3ea87308166758a7fa1238fd9873d92272b40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:49:18:b8:f9:2d:f6:45:44:4e:c0:0b:ad:20: 73:d1:21:d6:82:55:31:30:57:9d:8f:cb:06:5f:f6: 7d:13:dc:bf:81:8f:1c:e2:73:7b:f2:70:b0:7b:04: 05:93:11:24:c1:25:f3:f3:ba:06:76:04:18:1e:dd: c5:43:d3:03:a2:4c:b8:a5:06:26:73:69:a8:40:c0: 2e:c4:02:fe:53:4c:e3:c1:d7:a0:42:70:2d:e8:47: 94:41:06:1a:25:e8:40:c0:41:3d:07:74:90:52:05: cf:30:04:4a:77:10:77:15:d1:24:94:83:48:cd:11: 4e:57:2c:c7:17:45:56:a3:03:10:cf:fc:db:02:41: bc:3e:76:ca:38:5e:b3:2f:bd:ec:28:52:1d:58:ad: 41:77:55:51:57:d6:75:d8:fe:e4:b9:01:df:54:53: 30:0c:e5:a3:5e:95:67:5c:ac:7e:d2:84:49:f5:32: 6c:3e:7d:be:f0:21:9f:55:ae:20:6c:96:6a:45:e9: 84:18:8a:aa:a4:9d:e5:57:aa:8a:12:7b:8e:ac:ae: fe:2c:e8:d1:df:84:a3:49:12:a5:0b:22:17:a2:5f: 3c:e1:17:fb:1d:e0:2e:fd:d9:81:55:75:d8:55:7a: 59:05:27:23:13:f5:aa:eb:d6:75:b8:db:08:ef:1a: de:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:B3:EA:87:30:81:66:75:8A:7F:A1:23:8F:D9:87:3D:92:27:2B:40 X509v3 Authority Key Identifier: keyid:AB:C1:91:8C:1F:45:E6:EC:17:DA:CA:67:A7:AD:19:3C:AF:04:B7:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8GRjB9F5uwX2spnp60ZPK8Et7I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/ZLPqhzCBZnWKf6Ejj9mHPZInK0A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/q8GRjB9F5uwX2spnp60ZPK8Et7I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:52c0:ae43::/48 2a14:52c0:af44::/48 2a14:52c0:f045::/48 Signature Algorithm: sha256WithRSAEncryption 23:39:76:9c:84:a1:23:d6:74:b4:ce:b2:63:96:3a:56:10:6a: cb:47:61:d1:09:d6:76:84:fa:52:b2:65:84:a6:2b:d2:57:44: c0:f3:07:e1:fe:e0:73:28:64:d8:9c:33:47:16:14:1f:36:78: 88:f2:1f:3b:db:bb:69:31:dd:e9:cd:11:95:07:88:72:8e:cf: 94:50:28:a5:10:22:52:78:65:71:1c:64:df:5b:7f:32:7b:07: aa:c4:bd:02:a6:b4:03:74:77:ce:f3:72:f6:6d:79:10:18:b6: 8b:5c:db:3a:6f:02:8a:9d:a0:64:a1:bc:28:5e:cb:a6:de:c3: f8:a8:08:30:96:1b:65:cc:e1:16:5a:4a:b7:02:c9:32:fd:d8: 30:3c:3b:a6:46:60:de:54:f5:9a:9c:a0:99:c1:d0:94:f0:62: 20:84:ce:20:23:0e:61:c5:8b:b6:88:d2:80:6a:50:4a:76:4b: ee:84:7d:dc:c7:19:19:0a:70:d1:a7:3c:4d:c8:2d:d6:6e:61: 05:e4:d5:1e:18:57:63:c5:31:59:00:9c:bb:83:81:cb:1b:9e: 7b:dc:86:21:5c:a2:ba:fe:9d:e8:63:dd:be:22:9e:2f:0c:06: 31:a2:76:92:85:22:09:b5:d6:cd:84:bb:d4:77:f1:e9:b6:84: be:6c:09:f9 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7o43n3veTJdmETI6txokkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiYzE5MThjMWY0NWU2ZWMxN2RhY2E2N2E3YWQxOTNjYWYw NGI3YjIwHhcNMjYwMTAxMjIxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NGIzZWE4NzMwODE2Njc1OGE3ZmExMjM4ZmQ5ODczZDkyMjcyYjQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0kYuPkt9kVETsALrSBz0SHWglUx MFedj8sGX/Z9E9y/gY8c4nN78nCwewQFkxEkwSXz87oGdgQYHt3FQ9MDoky4pQYm c2moQMAuxAL+U0zjwdegQnAt6EeUQQYaJehAwEE9B3SQUgXPMARKdxB3FdEklINI zRFOVyzHF0VWowMQz/zbAkG8PnbKOF6zL73sKFIdWK1Bd1VRV9Z12P7kuQHfVFMw DOWjXpVnXKx+0oRJ9TJsPn2+8CGfVa4gbJZqRemEGIqqpJ3lV6qKEnuOrK7+LOjR 34SjSRKlCyIXol884Rf7HeAu/dmBVXXYVXpZBScjE/Wq69Z1uNsI7xre6wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGSz6ocwgWZ1in+hI4/Zhz2SJytAMB8GA1UdIwQY MBaAFKvBkYwfRebsF9rKZ6etGTyvBLeyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcThHUmpCOUY1dXdYMnNwbnA2MFpQSzhFdDdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84Zjg4ZGUtZGFlZC00OGQyLWI3MDEt NmJiNWZlNjY1NzUwLzEvWkxQcWh6Q0JabldLZjZFamo5bUhQWkluSzBBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi84Zjg4ZGUtZGFlZC00OGQyLWI3MDEtNmJiNWZlNjY1NzUw LzEvcThHUmpCOUY1dXdYMnNwbnA2MFpQSzhFdDdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKhRSwK5D AwcAKhRSwK9EAwcAKhRSwPBFMA0GCSqGSIb3DQEBCwUAA4IBAQAjOXachKEj1nS0 zrJjljpWEGrLR2HRCdZ2hPpSsmWEpivSV0TA8wfh/uBzKGTYnDNHFhQfNniI8h87 27tpMd3pzRGVB4hyjs+UUCilECJSeGVxHGTfW38yeweqxL0CprQDdHfO83L2bXkQ GLaLXNs6bwKKnaBkobwoXsum3sP4qAgwlhtlzOEWWkq3Asky/dgwPDumRmDeVPWa nKCZwdCU8GIghM4gIw5hxYu2iNKAalBKdkvuhH3cxxkZCnDRpzxNyC3WbmEF5NUe GFdjxTFZAJy7g4HLG5573IYhXKK6/p3oY92+Ip4vDAYxonaShSIJtdbNhLvUd/Hp toS+bAn5 -----END CERTIFICATE-----Generated at Sun Jan 25 22:12:35 2026 by rpki-client