This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/2ZaoqGM6aCKm2bNlZEaeL94Fv10.roa File: 2ZaoqGM6aCKm2bNlZEaeL94Fv10.roa (raw, json) Hash identifier: S0GcAEqKxfe6Q+R2X0UdUocPpyMaBe0EXrwdyrx4AUA= Subject key identifier: D9:96:A8:A8:63:3A:68:22:A6:D9:B3:65:64:46:9E:2F:DE:05:BF:5D Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590 Certificate serial: 019B7B36B5212AC7F04B042B86C90853C512 Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/2ZaoqGM6aCKm2bNlZEaeL94Fv10.roa Signing time: Thu 01 Jan 2026 20:19:01 +0000 ROA not before: Thu 01 Jan 2026 20:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60232 IP address blocks: 37.75.8.0/21 maxlen: 24 185.28.0.0/22 maxlen: 24 185.81.236.0/22 maxlen: 24 195.142.0.0/22 maxlen: 24 195.142.104.0/21 maxlen: 24 195.142.132.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.mft rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:b5:21:2a:c7:f0:4b:04:2b:86:c9:08:53:c5:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b467367967dc763349fd0b50e31f75b823028590 Validity Not Before: Jan 1 20:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d996a8a8633a6822a6d9b36564469e2fde05bf5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:a7:5b:4a:5f:95:84:e4:36:8d:f2:ce:e6:41: 22:e4:82:d1:08:37:b6:29:57:9e:99:15:d3:bb:f6: 4c:7b:fc:dd:fc:56:92:63:c8:1d:8b:0b:d1:0c:44: 01:7b:71:1d:ab:bc:b6:bd:01:a2:dc:3c:04:1b:b6: 60:30:8b:65:bd:0b:73:ee:e0:1e:4d:5d:c3:b7:dc: 74:68:b5:b7:03:fe:08:22:51:ff:08:7b:c1:86:ef: 1c:dd:49:48:33:24:9f:05:90:f9:6f:d6:e8:9c:54: 64:1c:90:23:8b:40:68:24:fb:32:21:60:34:a8:08: dd:58:c7:d9:d5:4c:0f:16:84:e4:c0:26:98:ee:b6: 68:44:c1:ae:0b:aa:18:c2:b0:3e:87:37:79:13:d9: c4:de:63:01:63:fb:c9:3a:d6:a3:b9:0a:67:8e:42: 72:5b:bc:85:a1:bc:70:33:70:18:10:81:2e:6d:ab: ad:87:9e:60:49:95:18:a5:db:82:bf:a6:23:11:f6: 6b:56:6b:77:64:9f:15:5a:5a:67:95:79:82:4c:ca: 4a:e7:fc:fe:64:f6:bb:f8:5f:43:b2:3f:9b:06:56: bf:6f:6b:c0:16:87:8f:93:00:96:37:cc:02:f8:2c: 34:69:d4:62:70:d6:19:b4:58:87:8a:be:6d:bf:a5: d1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:96:A8:A8:63:3A:68:22:A6:D9:B3:65:64:46:9E:2F:DE:05:BF:5D X509v3 Authority Key Identifier: keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/2ZaoqGM6aCKm2bNlZEaeL94Fv10.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.75.8.0/21 185.28.0.0/22 185.81.236.0/22 195.142.0.0/22 195.142.104.0/21 195.142.132.0/22 Signature Algorithm: sha256WithRSAEncryption 01:7a:7c:1d:0e:33:c9:c4:d6:c2:9d:fd:e8:6e:29:26:f0:59: f1:28:bb:b4:e9:ae:28:c8:f7:b9:6e:51:24:7d:9c:17:c6:26: b8:40:26:a0:ce:10:89:a4:aa:e7:f0:92:25:cd:ce:26:52:51: 87:8e:34:09:5f:25:43:07:36:65:de:ed:8e:4f:97:b6:7e:9d: 42:fa:0b:7a:1e:20:8c:82:90:d0:9b:72:a8:3a:fa:43:e5:d8: 14:4a:c9:87:ca:c4:2b:18:cf:c5:d1:ac:0e:56:26:53:d4:f6: f9:f2:85:f0:c9:48:18:8e:69:19:31:50:dc:e0:76:5d:92:e7: 9f:bb:4d:d6:b3:91:25:68:91:77:e1:83:2e:de:ba:4a:2a:c2: 1c:c5:1d:a4:fd:50:14:2b:ab:1e:72:05:59:d1:c1:4e:e4:9b: 31:ed:49:04:8b:4f:2f:6e:64:2e:bf:8a:aa:ba:1e:f3:af:35: 58:4f:d7:05:a8:f6:da:0b:bc:5c:66:4c:79:2b:90:f4:7e:f5: f8:b5:9e:a3:c0:f4:8d:09:ef:1e:a4:af:5c:18:3c:28:44:02: 76:3d:16:7e:dc:1f:55:bb:cf:0b:be:e7:b9:d8:f0:be:b5:18: d5:d7:2e:86:0a:46:bd:97:3b:5d:cd:b6:3e:79:b9:0e:39:1e: 52:42:b0:ce -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt7NrUhKsfwSwQrhskIU8USMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw Mjg1OTAwHhcNMjYwMTAxMjAxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTk2YThhODYzM2E2ODIyYTZkOWIzNjU2NDQ2OWUyZmRlMDViZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKdbSl+VhOQ2jfLO5kEi5ILRCDe2 KVeemRXTu/ZMe/zd/FaSY8gdiwvRDEQBe3Edq7y2vQGi3DwEG7ZgMItlvQtz7uAe TV3Dt9x0aLW3A/4IIlH/CHvBhu8c3UlIMySfBZD5b9bonFRkHJAji0BoJPsyIWA0 qAjdWMfZ1UwPFoTkwCaY7rZoRMGuC6oYwrA+hzd5E9nE3mMBY/vJOtajuQpnjkJy W7yFobxwM3AYEIEubauth55gSZUYpduCv6YjEfZrVmt3ZJ8VWlpnlXmCTMpK5/z+ ZPa7+F9Dsj+bBla/b2vAFoePkwCWN8wC+Cw0adRicNYZtFiHir5tv6XRFQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFNmWqKhjOmgiptmzZWRGni/eBb9dMB8GA1UdIwQY MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt YjgxMzczYzQwZGM5LzEvMlphb3FHTTZhQ0ttMmJObFpFYWVMOTRGdjEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5 LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJUsIAwQC uRwAAwQCuVHsAwQCw44AAwQDw45oAwQCw46EMA0GCSqGSIb3DQEBCwUAA4IBAQAB enwdDjPJxNbCnf3obikm8FnxKLu06a4oyPe5blEkfZwXxia4QCagzhCJpKrn8JIl zc4mUlGHjjQJXyVDBzZl3u2OT5e2fp1C+gt6HiCMgpDQm3KoOvpD5dgUSsmHysQr GM/F0awOViZT1Pb58oXwyUgYjmkZMVDc4HZdkuefu03Ws5ElaJF34YMu3rpKKsIc xR2k/VAUK6secgVZ0cFO5Jsx7UkEi08vbmQuv4qquh7zrzVYT9cFqPbaC7xcZkx5 K5D0fvX4tZ6jwPSNCe8epK9cGDwoRAJ2PRZ+3B9Vu88Lvue52PC+tRjV1y6GCka9 lztdzbY+ebkOOR5SQrDO -----END CERTIFICATE-----Generated at Sun Jan 25 22:41:47 2026 by rpki-client