This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/ZohyHfqFv67z4908u3_QeIT8zVw.roa File: ZohyHfqFv67z4908u3_QeIT8zVw.roa (raw, json) Hash identifier: F/BjQl+7N2tQfUywKhEzc2DzriEJ3gerXgEGzUTdIDE= Subject key identifier: 66:88:72:1D:FA:85:BF:AE:F3:E3:DD:3C:BB:7F:D0:78:84:FC:CD:5C Certificate issuer: /CN=1a9b70ef99760a0659deaefa660345a0e6115423 Certificate serial: 019B7C7F0142ECAFAEB9400BA8A6632C4541 Authority key identifier: 1A:9B:70:EF:99:76:0A:06:59:DE:AE:FA:66:03:45:A0:E6:11:54:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gptw75l2CgZZ3q76ZgNFoOYRVCM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/ZohyHfqFv67z4908u3_QeIT8zVw.roa Signing time: Fri 02 Jan 2026 02:17:36 +0000 ROA not before: Fri 02 Jan 2026 02:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 559 IP address blocks: 128.178.0.0/15 maxlen: 16 192.26.28.0/22 maxlen: 22 192.26.32.0/21 maxlen: 21 192.26.40.0/22 maxlen: 22 192.26.44.0/24 maxlen: 24 192.26.46.0/23 maxlen: 23 192.33.192.0/20 maxlen: 20 192.33.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/Gptw75l2CgZZ3q76ZgNFoOYRVCM.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/Gptw75l2CgZZ3q76ZgNFoOYRVCM.mft rsync://rpki.ripe.net/repository/DEFAULT/Gptw75l2CgZZ3q76ZgNFoOYRVCM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:01:42:ec:af:ae:b9:40:0b:a8:a6:63:2c:45:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a9b70ef99760a0659deaefa660345a0e6115423 Validity Not Before: Jan 2 02:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6688721dfa85bfaef3e3dd3cbb7fd07884fccd5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:50:6c:34:0d:56:85:1e:df:36:66:aa:63:13: 1a:c1:ac:0c:19:fb:fa:1b:fe:11:a5:7c:30:f1:80: 3a:16:67:2f:e8:dd:66:cd:66:5b:8b:17:42:f1:bb: ae:7b:79:f3:e5:99:b9:91:99:6f:be:3e:80:37:1c: f5:01:6d:da:f9:84:49:a3:e8:5b:3c:19:b3:f3:ba: 3c:35:cd:c9:86:a9:35:40:75:83:03:9d:e3:f7:65: ca:6e:2d:07:a2:18:59:ba:18:55:8d:ba:78:45:33: 17:5d:70:12:a0:47:a4:e1:1c:e5:8a:70:3d:ba:26: 32:96:29:a5:1c:0c:04:a8:e8:b5:1c:6b:1d:3e:7c: 28:a6:d5:d5:1b:8c:de:55:89:3f:c5:7a:8e:a5:1b: f8:ff:30:bb:b4:b8:41:14:38:f4:ef:9d:9e:ea:2d: 6f:d0:1b:1e:0c:c0:f6:da:63:6b:d6:83:a9:40:3b: 4d:85:43:14:bf:cc:52:82:73:89:b5:93:a0:9f:58: b2:ff:8e:bb:5f:88:62:e9:b1:c8:b6:be:c1:bb:80: 0f:67:79:38:9d:e6:c8:90:07:e4:f8:a4:14:b0:54: d4:6d:f5:7a:84:e5:65:39:20:5d:72:f4:f2:99:ca: da:41:d3:b7:a3:5d:d5:fe:b4:2c:ee:c8:6b:7c:d4: 3e:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:88:72:1D:FA:85:BF:AE:F3:E3:DD:3C:BB:7F:D0:78:84:FC:CD:5C X509v3 Authority Key Identifier: keyid:1A:9B:70:EF:99:76:0A:06:59:DE:AE:FA:66:03:45:A0:E6:11:54:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gptw75l2CgZZ3q76ZgNFoOYRVCM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/ZohyHfqFv67z4908u3_QeIT8zVw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/Gptw75l2CgZZ3q76ZgNFoOYRVCM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 128.178.0.0/15 192.26.28.0-192.26.44.255 192.26.46.0/23 192.33.192.0-192.33.211.255 Signature Algorithm: sha256WithRSAEncryption 33:c4:94:1d:aa:70:2d:bc:e0:d7:41:62:7c:f6:c5:c5:1a:d3: 5b:3b:75:a2:7f:97:a3:ad:79:da:59:40:a3:d1:9b:6d:be:6e: 11:dd:04:d4:85:c8:cd:bf:53:0a:00:59:c3:1c:23:4a:3a:ec: e6:73:96:d6:32:9c:20:e6:1e:16:76:9f:43:2b:62:61:29:0d: 62:b0:6a:0a:e5:5b:f7:d4:20:ed:1f:ea:43:53:72:1f:95:fe: 90:8f:91:2f:44:b5:90:f0:b2:26:62:2a:8f:eb:4d:c1:c3:24: f0:b6:b0:5d:ed:c9:4f:d1:9d:06:e7:7f:e9:04:53:c7:50:e6: 34:ae:8e:1b:85:72:06:01:2b:0d:bf:1b:28:bd:b9:01:a7:5a: bf:06:cb:06:ee:f7:b6:0a:07:b6:84:16:71:7e:7b:0c:e8:92: 1b:35:1b:d8:bf:1f:70:b4:91:c3:54:82:b7:5e:b7:9f:3e:c1: dd:2c:40:4d:30:f2:58:16:b8:81:88:42:cd:c2:79:83:a9:f3: c5:46:fe:00:15:8e:29:0a:b2:ea:b5:56:36:ef:ee:f7:6e:1d: 93:a0:db:0d:67:20:e1:42:f3:18:b6:ac:cb:eb:3c:65:d5:e4: 71:6b:13:68:46:74:85:72:71:68:c9:fa:7f:b2:c8:2b:98:fd: f6:12:26:9a -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt8fwFC7K+uuUALqKZjLEVBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhOWI3MGVmOTk3NjBhMDY1OWRlYWVmYTY2MDM0NWEwZTYx MTU0MjMwHhcNMjYwMTAyMDIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Njg4NzIxZGZhODViZmFlZjNlM2RkM2NiYjdmZDA3ODg0ZmNjZDVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVBsNA1WhR7fNmaqYxMawawMGfv6 G/4RpXww8YA6Fmcv6N1mzWZbixdC8buue3nz5Zm5kZlvvj6ANxz1AW3a+YRJo+hb PBmz87o8Nc3Jhqk1QHWDA53j92XKbi0HohhZuhhVjbp4RTMXXXASoEek4RzlinA9 uiYylimlHAwEqOi1HGsdPnwoptXVG4zeVYk/xXqOpRv4/zC7tLhBFDj0752e6i1v 0BseDMD22mNr1oOpQDtNhUMUv8xSgnOJtZOgn1iy/467X4hi6bHItr7Bu4APZ3k4 nebIkAfk+KQUsFTUbfV6hOVlOSBdcvTymcraQdO3o13V/rQs7shrfNQ+cwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFGaIch36hb+u8+PdPLt/0HiE/M1cMB8GA1UdIwQY MBaAFBqbcO+ZdgoGWd6u+mYDRaDmEVQjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3B0dzc1bDJDZ1paM3E3NlpnTkZvT1lSVkNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jODlhNDYtNzkxMS00ZmRiLWE5M2It Mjk5MjJiMmQyOTFiLzEvWm9oeUhmcUZ2Njd6NDkwOHUzX1FlSVQ4elZ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9jODlhNDYtNzkxMS00ZmRiLWE5M2ItMjk5MjJiMmQyOTFi LzEvR3B0dzc1bDJDZ1paM3E3NlpnTkZvT1lSVkNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMBgLIwDAME AsAaHAMEAMAaLAMEAcAaLjAMAwQGwCHAAwQCwCHQMA0GCSqGSIb3DQEBCwUAA4IB AQAzxJQdqnAtvODXQWJ89sXFGtNbO3Wif5ejrXnaWUCj0Zttvm4R3QTUhcjNv1MK AFnDHCNKOuzmc5bWMpwg5h4Wdp9DK2JhKQ1isGoK5Vv31CDtH+pDU3Iflf6Qj5Ev RLWQ8LImYiqP603BwyTwtrBd7clP0Z0G53/pBFPHUOY0ro4bhXIGASsNvxsovbkB p1q/BssG7ve2Cge2hBZxfnsM6JIbNRvYvx9wtJHDVIK3XrefPsHdLEBNMPJYFriB iELNwnmDqfPFRv4AFY4pCrLqtVY27+73bh2ToNsNZyDhQvMYtqzL6zxl1eRxaxNo RnSFcnFoyfp/ssgrmP32Eiaa -----END CERTIFICATE-----Generated at Sun Jan 25 21:06:26 2026 by rpki-client