This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/zXFwqAAnYrIjiWd8TXgaxxMmw0s.roa File: zXFwqAAnYrIjiWd8TXgaxxMmw0s.roa (raw, json) Hash identifier: Ovzx2APxYoxGQIUTR5wFv0olnXJaY9uRnLcnYqntG64= Subject key identifier: CD:71:70:A8:00:27:62:B2:23:89:67:7C:4D:78:1A:C7:13:26:C3:4B Certificate issuer: /CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab Certificate serial: 019B7C11B8B7555907E2306BEAEFFED75BB6 Authority key identifier: 83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/zXFwqAAnYrIjiWd8TXgaxxMmw0s.roa Signing time: Fri 02 Jan 2026 00:18:14 +0000 ROA not before: Fri 02 Jan 2026 00:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8680 IP address blocks: 5.42.128.0/21 maxlen: 24 46.254.248.0/21 maxlen: 24 83.137.248.0/21 maxlen: 24 93.191.200.0/21 maxlen: 24 93.191.200.0/22 maxlen: 22 93.191.200.0/23 maxlen: 23 93.191.202.0/23 maxlen: 23 93.191.204.0/23 maxlen: 23 93.191.206.0/23 maxlen: 23 185.48.60.0/22 maxlen: 24 2a01:94a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.mft rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:b8:b7:55:59:07:e2:30:6b:ea:ef:fe:d7:5b:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab Validity Not Before: Jan 2 00:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd7170a8002762b22389677c4d781ac71326c34b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:88:c6:80:e0:43:09:6a:a7:69:0d:de:2c:e7: 65:6e:87:79:7d:8c:db:6e:1f:72:01:92:80:d9:04: 39:ef:c7:3b:73:3e:d1:10:7c:25:83:7b:24:b8:f9: 2b:3e:a8:51:f0:d7:96:ba:e7:f1:02:4a:c0:63:2c: 24:4f:57:9f:6e:9e:9c:47:5f:28:34:9f:b4:45:4c: 0b:e5:29:f8:c4:57:47:6b:c0:f4:9d:70:67:90:35: c9:5d:27:a7:9b:ca:75:93:a6:41:49:b6:14:c5:1d: 8d:67:06:5a:30:f1:ec:16:ab:94:df:87:be:50:dc: 5d:f8:1a:63:a4:ea:fb:c4:cc:71:52:8c:fb:3b:92: be:25:fe:c7:59:8a:bb:40:37:a8:f9:e9:da:dc:c9: 87:9a:b8:16:87:da:e2:5c:e0:36:3c:bb:1f:62:42: 9f:75:af:10:fd:97:f6:49:87:7f:70:d0:98:77:70: 15:12:b9:e8:7e:79:95:84:89:33:d3:f1:6f:cd:bb: 7e:85:aa:04:18:66:cb:5a:e8:a3:a3:cc:5b:a8:1d: 0e:3a:01:03:2d:46:89:04:5e:a7:d7:d2:0d:17:d4: 08:05:4a:7b:f9:e6:cb:ad:54:88:24:ea:55:52:8a: ad:8b:c3:39:e9:6d:5e:2a:3b:44:14:4e:db:64:45: 29:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:71:70:A8:00:27:62:B2:23:89:67:7C:4D:78:1A:C7:13:26:C3:4B X509v3 Authority Key Identifier: keyid:83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/zXFwqAAnYrIjiWd8TXgaxxMmw0s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.42.128.0/21 46.254.248.0/21 83.137.248.0/21 93.191.200.0/21 185.48.60.0/22 IPv6: 2a01:94a0::/32 Signature Algorithm: sha256WithRSAEncryption 4d:3a:18:34:e9:10:c0:9e:04:52:79:88:06:01:a7:56:44:ef: 46:4a:88:5e:27:8a:29:d0:c1:30:ee:82:ad:34:dc:b9:33:84: f6:e7:05:31:ac:a3:db:24:09:24:0a:44:5a:b6:37:7b:28:3f: a9:95:22:41:7c:49:e6:b0:cc:c7:be:73:9d:8d:16:99:e0:0e: fe:c1:41:b3:f6:09:73:63:57:8d:af:99:bb:19:b4:da:df:42: f5:e9:d7:2d:f5:12:84:db:2a:c0:61:97:9c:a1:f3:74:de:ad: af:34:5d:d4:1e:3f:05:58:1a:34:0e:d8:1f:ea:e9:0d:cf:57: 8c:38:a1:71:0d:cf:06:89:4f:cb:f9:01:e4:f8:bc:e3:94:7a: 81:b1:bc:56:53:82:b1:a3:55:ba:1c:3e:c4:66:4c:70:b1:21: d9:9f:bc:9d:8e:40:80:da:a3:70:73:1b:3c:a6:f0:7a:37:2c: 16:a4:26:5c:7d:ab:85:d9:84:e8:80:ab:5e:89:e4:4a:2c:4d: 5d:e5:af:0e:d0:c0:23:ca:0b:20:7c:e8:a6:e0:e8:e3:42:b3: d5:e1:21:62:24:46:7b:e4:39:b9:9f:db:fc:7c:3f:72:10:ba: 08:92:80:3b:74:cb:ab:76:d5:b8:6b:04:68:51:b1:58:43:50: ac:8e:cd:2c -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt8Ebi3VVkH4jBr6u/+11u2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzMjRjNWRmMTk3ODlkNTI1OTEwNGUwYWUwZGNkNDY3MmE4 ZTJiYWIwHhcNMjYwMTAyMDAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDcxNzBhODAwMjc2MmIyMjM4OTY3N2M0ZDc4MWFjNzEzMjZjMzRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoojGgOBDCWqnaQ3eLOdlbod5fYzb bh9yAZKA2QQ578c7cz7REHwlg3skuPkrPqhR8NeWuufxAkrAYywkT1efbp6cR18o NJ+0RUwL5Sn4xFdHa8D0nXBnkDXJXSenm8p1k6ZBSbYUxR2NZwZaMPHsFquU34e+ UNxd+BpjpOr7xMxxUoz7O5K+Jf7HWYq7QDeo+ena3MmHmrgWh9riXOA2PLsfYkKf da8Q/Zf2SYd/cNCYd3AVErnofnmVhIkz0/Fvzbt+haoEGGbLWuijo8xbqB0OOgED LUaJBF6n19INF9QIBUp7+ebLrVSIJOpVUoqti8M56W1eKjtEFE7bZEUpnQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFM1xcKgAJ2KyI4lnfE14GscTJsNLMB8GA1UdIwQY MBaAFIMkxd8ZeJ1SWRBOCuDc1GcqjiurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ3lURjN4bDRuVkpaRUU0SzROelVaeXFPSzZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80YjJlNDktZjY2Ny00OTRhLWFmZTkt NmRmM2U0YTRlZWIxLzEvelhGd3FBQW5ZcklqaVdkOFRYZ2F4eE1tdzBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy80YjJlNDktZjY2Ny00OTRhLWFmZTktNmRmM2U0YTRlZWIx LzEvZ3lURjN4bDRuVkpaRUU0SzROelVaeXFPSzZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSqAAwQD Lv74AwQDU4n4AwQDXb/IAwQCuTA8MA0EAgACMAcDBQAqAZSgMA0GCSqGSIb3DQEB CwUAA4IBAQBNOhg06RDAngRSeYgGAadWRO9GSoheJ4op0MEw7oKtNNy5M4T25wUx rKPbJAkkCkRatjd7KD+plSJBfEnmsMzHvnOdjRaZ4A7+wUGz9glzY1eNr5m7GbTa 30L16dct9RKE2yrAYZecofN03q2vNF3UHj8FWBo0Dtgf6ukNz1eMOKFxDc8GiU/L +QHk+LzjlHqBsbxWU4Kxo1W6HD7EZkxwsSHZn7ydjkCA2qNwcxs8pvB6NywWpCZc fauF2YTogKteieRKLE1d5a8O0MAjygsgfOim4OjjQrPV4SFiJEZ75Dm5n9v8fD9y ELoIkoA7dMurdtW4awRoUbFYQ1Csjs0s -----END CERTIFICATE-----Generated at Mon Jan 26 09:25:51 2026 by rpki-client