This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/mzEPgdHmNv6bVe96qDtXIbjnZeI.roa File: mzEPgdHmNv6bVe96qDtXIbjnZeI.roa (raw, json) Hash identifier: tpqt79V0TYHF3bsLDiHBBd9SAjg/wnNF2aCiJu5NIss= Subject key identifier: 9B:31:0F:81:D1:E6:36:FE:9B:55:EF:7A:A8:3B:57:21:B8:E7:65:E2 Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761 Certificate serial: 019B76EB75CECAAF5E1BF73E8FD4573BA893 Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/mzEPgdHmNv6bVe96qDtXIbjnZeI.roa Signing time: Thu 01 Jan 2026 00:18:21 +0000 ROA not before: Thu 01 Jan 2026 00:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200299 IP address blocks: 2a09:3a00:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.mft rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:75:ce:ca:af:5e:1b:f7:3e:8f:d4:57:3b:a8:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761 Validity Not Before: Jan 1 00:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9b310f81d1e636fe9b55ef7aa83b5721b8e765e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:60:65:f4:18:7b:45:40:ee:08:dd:aa:f0:d0: 8c:a1:1f:05:99:97:c9:25:2e:30:1d:dd:9b:c5:c7: 7a:3c:97:c2:50:c2:59:96:55:ff:db:c8:81:2a:56: f9:e6:fb:5d:c7:98:65:42:18:8b:66:58:eb:ef:99: 7a:97:6f:0e:cf:36:9b:1c:63:5b:69:62:27:4e:43: ad:d7:c9:3d:fc:0d:e7:92:0a:b4:79:cc:79:bb:6a: 14:36:64:19:34:74:3b:b9:c3:0b:ed:b7:6f:3e:3e: d3:8a:bd:c3:6a:3a:24:8b:83:5e:c1:e5:7b:55:a3: a8:d2:21:4d:b8:6b:75:e0:4b:e1:75:5b:2e:81:03: 2f:14:9a:64:fc:aa:4f:ed:dc:64:72:73:40:ac:da: ba:38:cc:16:6c:8a:fd:a3:45:1e:54:8c:09:b6:71: 42:c8:d5:b3:63:f3:f5:05:5d:e6:a2:44:0f:aa:4a: 82:2b:30:0b:c9:67:75:f0:95:d9:9c:17:3e:70:1c: 3a:2d:41:89:ae:6e:14:f3:40:97:7c:21:1f:0d:f2: 3a:60:aa:7b:98:2b:d9:6c:a4:f1:2f:68:45:6d:93: 08:4c:1c:29:fc:32:dc:7d:f4:d1:a5:de:b2:90:71: 78:95:37:ac:12:78:b1:08:18:01:a8:77:12:6d:7b: 60:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:31:0F:81:D1:E6:36:FE:9B:55:EF:7A:A8:3B:57:21:B8:E7:65:E2 X509v3 Authority Key Identifier: keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/mzEPgdHmNv6bVe96qDtXIbjnZeI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:3a00:2000::/48 Signature Algorithm: sha256WithRSAEncryption 3e:76:27:e6:cf:49:65:4d:ec:43:31:32:9c:d4:10:2c:8c:bc: 06:f6:f5:86:f7:27:74:cf:a1:4a:da:7e:45:c2:35:df:fe:28: 1f:32:b4:32:8e:98:e7:1a:c5:15:49:29:38:93:51:53:3a:a2: f5:e5:a8:bb:19:7c:5e:d9:42:4e:89:2d:15:1d:4a:d9:9f:45: 01:de:0b:e4:66:7c:46:14:77:5c:39:fb:70:94:e8:44:e1:8d: ae:6a:27:a1:14:aa:1e:5a:94:cb:4c:23:78:e7:46:c2:2c:62: f1:f1:19:e7:8a:6f:fe:1a:f4:2f:d3:e2:5a:84:1a:e5:07:48: 3c:0e:e4:d3:91:57:32:b6:1f:a2:66:ee:f2:b8:d0:3d:18:9d: 03:86:38:ed:3e:e7:e7:e9:d8:d3:99:b0:3c:44:02:ad:88:0a: fd:b1:2c:32:60:ca:f3:ab:48:35:9c:26:df:bc:2d:89:3c:ad: c7:d9:96:de:a9:bb:c9:d4:0f:13:7e:91:1c:2f:c1:01:8e:6f: db:d9:c4:8a:bb:f8:6b:fa:0e:5f:ee:c4:11:11:ad:50:ad:6c: 43:ba:4d:95:81:cd:93:03:ba:d1:1f:ce:de:3a:48:ed:01:35: 4c:6d:cc:1b:0a:07:5a:a8:be:7b:3c:b7:b8:4f:38:01:aa:81: 4f:98:08:34 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt263XOyq9eG/c+j9RXO6iTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1MWJhZDk1Mjc2OTQ3YzdiZTUzNmFmNGM4NzBhMzcyMWYw Yjc3NjEwHhcNMjYwMTAxMDAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YjMxMGY4MWQxZTYzNmZlOWI1NWVmN2FhODNiNTcyMWI4ZTc2NWUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWBl9Bh7RUDuCN2q8NCMoR8FmZfJ JS4wHd2bxcd6PJfCUMJZllX/28iBKlb55vtdx5hlQhiLZljr75l6l28OzzabHGNb aWInTkOt18k9/A3nkgq0ecx5u2oUNmQZNHQ7ucML7bdvPj7Tir3Dajoki4NeweV7 VaOo0iFNuGt14EvhdVsugQMvFJpk/KpP7dxkcnNArNq6OMwWbIr9o0UeVIwJtnFC yNWzY/P1BV3mokQPqkqCKzALyWd18JXZnBc+cBw6LUGJrm4U80CXfCEfDfI6YKp7 mCvZbKTxL2hFbZMITBwp/DLcffTRpd6ykHF4lTesEnixCBgBqHcSbXtg7QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJsxD4HR5jb+m1Xveqg7VyG452XiMB8GA1UdIwQY MBaAFGUbrZUnaUfHvlNq9Mhwo3IfC3dhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUt MTk4YjZhNjFjZTg1LzEvbXpFUGdkSG1OdjZiVmU5NnFEdFhJYmpuWmVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUtMTk4YjZhNjFjZTg1 LzEvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgk6ACAA MA0GCSqGSIb3DQEBCwUAA4IBAQA+difmz0llTexDMTKc1BAsjLwG9vWG9yd0z6FK 2n5FwjXf/igfMrQyjpjnGsUVSSk4k1FTOqL15ai7GXxe2UJOiS0VHUrZn0UB3gvk ZnxGFHdcOftwlOhE4Y2uaiehFKoeWpTLTCN450bCLGLx8Rnnim/+GvQv0+JahBrl B0g8DuTTkVcyth+iZu7yuNA9GJ0DhjjtPufn6djTmbA8RAKtiAr9sSwyYMrzq0g1 nCbfvC2JPK3H2ZbeqbvJ1A8TfpEcL8EBjm/b2cSKu/hr+g5f7sQREa1QrWxDuk2V gc2TA7rRH87eOkjtATVMbcwbCgdaqL57PLe4TzgBqoFPmAg0 -----END CERTIFICATE-----Generated at Mon Jan 26 02:23:31 2026 by rpki-client