This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/zrlAYru86sKNfdp41yXXW-vHWVA.roa File: zrlAYru86sKNfdp41yXXW-vHWVA.roa (raw, json) Hash identifier: OeRsLdUmyVY56D+kTeE010Uoy9wfuuFNR8ruGwb2Hwk= Subject key identifier: CE:B9:40:62:BB:BC:EA:C2:8D:7D:DA:78:D7:25:D7:5B:EB:C7:59:50 Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb Certificate serial: 019B7B35D9F32BC3286CA608FE3F65137DEF Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/zrlAYru86sKNfdp41yXXW-vHWVA.roa Signing time: Thu 01 Jan 2026 20:18:05 +0000 ROA not before: Thu 01 Jan 2026 20:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202029 IP address blocks: 91.213.151.0/24 maxlen: 24 185.212.194.0/24 maxlen: 24 185.221.193.0/24 maxlen: 24 195.8.102.0/24 maxlen: 24 195.230.107.0/24 maxlen: 24 2a04:acc0:10::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.mft rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:d9:f3:2b:c3:28:6c:a6:08:fe:3f:65:13:7d:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb Validity Not Before: Jan 1 20:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ceb94062bbbceac28d7dda78d725d75bebc75950 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:3d:fb:ea:40:72:e7:94:ea:4c:f7:00:41:2a: 38:4a:8e:71:d6:78:56:f2:a1:86:6f:70:70:39:d0: 72:8a:bc:ab:ee:5e:bb:a7:dc:ea:36:2c:98:6d:4b: cc:d1:35:ff:63:e6:a2:f2:e5:b2:9b:93:55:7f:ab: 21:7a:48:9b:63:98:80:af:ac:0d:3d:1e:c0:e2:b8: fa:86:22:6c:8f:af:97:d9:ce:43:5c:09:50:b1:86: 4e:8b:89:b9:cb:a9:72:c5:5f:50:3d:f9:01:21:ab: 80:7e:77:f6:1a:32:75:0b:aa:78:ac:00:6f:e8:5e: 06:e0:bc:73:30:93:26:99:a9:42:e9:09:e5:a6:ca: 04:a9:18:6f:41:0a:79:e6:7b:90:d7:35:97:80:db: 01:8e:e8:5c:4a:7b:fd:25:05:3b:3c:33:1e:ba:32: 8b:f1:0d:e1:2e:ba:8a:cd:2e:df:7c:d0:5f:44:91: d8:77:f7:ab:61:71:bb:c4:94:c4:c8:a3:62:49:7f: 17:95:7e:d9:55:14:97:28:4c:e3:65:ca:f9:6f:ee: e3:55:76:c3:be:71:92:78:18:bf:e6:05:c3:d7:90: 88:fa:40:6a:b4:0a:7d:b8:48:b6:1b:dd:23:1a:a3: fb:72:ed:04:56:86:91:82:b3:1f:6f:8f:66:59:dc: 54:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:B9:40:62:BB:BC:EA:C2:8D:7D:DA:78:D7:25:D7:5B:EB:C7:59:50 X509v3 Authority Key Identifier: keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/zrlAYru86sKNfdp41yXXW-vHWVA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.213.151.0/24 185.212.194.0/24 185.221.193.0/24 195.8.102.0/24 195.230.107.0/24 IPv6: 2a04:acc0:10::/44 Signature Algorithm: sha256WithRSAEncryption 12:8f:94:c0:34:a4:4a:a2:dd:89:c8:0b:fd:8a:f8:96:ac:4a: 79:fb:78:a2:ed:22:ab:e7:2c:04:c9:03:e8:82:0d:dc:d8:14: 22:c6:99:35:53:bc:3b:b3:41:5e:5f:d1:82:48:11:c7:96:13: 84:50:3a:69:30:0d:c2:00:8e:4e:d3:a1:11:8d:2d:86:94:4a: 80:4b:99:2d:c7:a3:e1:b9:40:3a:5b:ec:5f:27:26:fb:12:d5: fe:07:65:77:14:94:ed:2b:c7:63:1e:03:49:0b:6e:54:2f:42: 09:56:d4:4c:01:41:45:ee:ed:02:b4:54:7d:f4:aa:0e:a9:a7: 42:fb:ac:be:b9:3b:8b:9e:24:7a:e7:01:30:13:48:14:7a:20: b1:13:fa:3a:f2:87:43:21:b0:d8:d0:0f:90:84:31:1b:b9:9d: 34:d2:96:b2:36:e3:91:c3:2d:bd:8a:9a:ad:d5:6e:5f:c9:a2: 5b:f3:2c:44:5f:06:ff:a5:cf:36:97:5d:c1:c9:71:21:57:e2: d5:f9:c1:e1:26:a7:6a:cf:e8:27:a5:d0:29:b0:a9:b7:ca:6e: 86:ae:99:60:fe:03:a5:48:bf:52:6e:42:80:e5:81:69:d6:70: 0e:df:de:83:d0:e5:aa:b9:1a:cd:78:d7:02:0d:4c:d3:81:e2: be:8b:8e:32 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt7NdnzK8MobKYI/j9lE33vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk ZDFiZmIwHhcNMjYwMTAxMjAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZWI5NDA2MmJiYmNlYWMyOGQ3ZGRhNzhkNzI1ZDc1YmViYzc1OTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT376kBy55TqTPcAQSo4So5x1nhW 8qGGb3BwOdByiryr7l67p9zqNiyYbUvM0TX/Y+ai8uWym5NVf6shekibY5iAr6wN PR7A4rj6hiJsj6+X2c5DXAlQsYZOi4m5y6lyxV9QPfkBIauAfnf2GjJ1C6p4rABv 6F4G4LxzMJMmmalC6QnlpsoEqRhvQQp55nuQ1zWXgNsBjuhcSnv9JQU7PDMeujKL 8Q3hLrqKzS7ffNBfRJHYd/erYXG7xJTEyKNiSX8XlX7ZVRSXKEzjZcr5b+7jVXbD vnGSeBi/5gXD15CI+kBqtAp9uEi2G90jGqP7cu0EVoaRgrMfb49mWdxUxQIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFM65QGK7vOrCjX3aeNcl11vrx1lQMB8GA1UdIwQY MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt MzM5ODBjMDNmMDhlLzEvenJsQVlydTg2c0tOZmRwNDF5WFhXLXZIV1ZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW9WXAwQA udTCAwQAud3BAwQAwwhmAwQAw+ZrMA8EAgACMAkDBwQqBKzAABAwDQYJKoZIhvcN AQELBQADggEBABKPlMA0pEqi3YnIC/2K+JasSnn7eKLtIqvnLATJA+iCDdzYFCLG mTVTvDuzQV5f0YJIEceWE4RQOmkwDcIAjk7ToRGNLYaUSoBLmS3Ho+G5QDpb7F8n JvsS1f4HZXcUlO0rx2MeA0kLblQvQglW1EwBQUXu7QK0VH30qg6pp0L7rL65O4ue JHrnATATSBR6ILET+jryh0MhsNjQD5CEMRu5nTTSlrI245HDLb2Kmq3Vbl/Jolvz LERfBv+lzzaXXcHJcSFX4tX5weEmp2rP6Cel0CmwqbfKboaumWD+A6VIv1JuQoDl gWnWcA7f3oPQ5aq5Gs141wINTNOB4r6LjjI= -----END CERTIFICATE-----Generated at Mon Jan 26 07:08:30 2026 by rpki-client