This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/Z7zYg0UKWOu3I7v4pemSPhkT-8Q.roa File: Z7zYg0UKWOu3I7v4pemSPhkT-8Q.roa (raw, json) Hash identifier: 2HDljRveeQxMYwclc1swW9g1JCkhHlo1eeNjxRkdL8I= Subject key identifier: 67:BC:D8:83:45:0A:58:EB:B7:23:BB:F8:A5:E9:92:3E:19:13:FB:C4 Certificate issuer: /CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de Certificate serial: 019A82A1DECF6A9C7923FE61459F11A419E0 Authority key identifier: D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/Z7zYg0UKWOu3I7v4pemSPhkT-8Q.roa Signing time: Fri 14 Nov 2025 13:50:37 +0000 ROA not before: Fri 14 Nov 2025 13:50:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211575 IP address blocks: 2a14:7dc0:500::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.mft rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:82:a1:de:cf:6a:9c:79:23:fe:61:45:9f:11:a4:19:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de Validity Not Before: Nov 14 13:50:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67bcd883450a58ebb723bbf8a5e9923e1913fbc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e3:4e:8a:1c:6e:85:b7:94:e0:fb:a7:47:c7: 31:f9:64:7c:c9:29:da:1a:66:c7:fe:16:ea:1e:56: 58:af:35:b4:8d:23:0e:f8:82:ef:5a:21:6c:05:3a: 4d:a4:3c:2d:7d:06:e0:0f:04:1f:54:ef:f6:0c:cf: 35:8f:d2:c8:9c:c1:56:e7:df:fe:55:ca:a4:61:17: 75:31:ac:9c:e9:9d:24:9f:27:1c:ea:08:3a:e2:94: cc:ff:c2:35:c2:a0:70:bc:61:bf:d0:4d:9d:3e:5d: 2f:2f:64:57:32:56:1b:83:04:a6:d0:44:95:fb:00: 5e:c8:63:16:f5:2f:78:ac:93:39:e2:11:85:12:f3: 71:73:e3:fd:b4:ab:d7:a7:70:55:14:76:17:50:f1: a5:df:6c:f4:b6:18:20:aa:ff:ba:d0:4b:29:d6:95: 49:34:75:d3:26:a3:b6:3a:02:91:d0:36:9e:60:0e: 81:93:74:e2:90:72:28:7d:e1:7b:29:a1:b8:8f:46: ee:18:d3:03:af:85:bb:45:06:70:1c:54:fc:26:ce: 96:8b:19:c5:1e:38:32:b9:8b:c6:44:23:45:68:98: 56:5b:aa:78:d0:2c:ff:8a:7b:2c:03:bf:3b:50:72: 73:54:b1:76:f8:b6:13:4c:81:f4:f4:e3:73:5c:b6: ec:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:BC:D8:83:45:0A:58:EB:B7:23:BB:F8:A5:E9:92:3E:19:13:FB:C4 X509v3 Authority Key Identifier: keyid:D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/Z7zYg0UKWOu3I7v4pemSPhkT-8Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7dc0:500::/44 Signature Algorithm: sha256WithRSAEncryption 27:30:fe:c2:0b:63:b7:41:48:4f:74:eb:b9:5d:3f:e4:6b:58: ce:65:67:3f:b6:29:2a:40:24:c3:ad:19:2a:b5:85:4c:50:ed: 61:c7:c0:e5:49:dc:62:f9:73:9e:ed:89:11:c9:b3:2b:68:5e: 97:19:a3:d1:cc:14:a8:20:1f:c9:e8:6d:b1:80:ff:3f:48:b0: 8a:b1:0c:2d:b2:90:c1:ab:bc:f7:7f:fb:66:2f:f3:4a:a3:7f: 2f:b5:50:16:08:5a:14:7e:ae:76:7c:c4:55:5c:49:3c:f5:67: d2:b9:2b:35:c6:40:ff:6e:fd:ea:0d:11:e9:3b:4f:05:ed:b7: 26:c5:eb:13:e2:fd:56:ea:cb:53:2e:11:4f:60:fd:1d:80:20: 7e:ca:e3:42:1e:e8:c4:d9:74:f9:f8:33:ce:2c:ca:96:76:b9: 98:96:8a:9a:d5:a6:00:b5:d1:30:00:87:78:ac:6a:7a:43:00: 48:25:ec:24:d7:ee:8a:2e:8b:63:34:b4:e0:21:3d:7f:a0:69: c3:ca:12:51:31:9d:69:cf:96:a6:48:de:6a:63:4c:4d:5c:e7: a7:c6:a5:49:5f:c7:f7:b8:bc:61:a7:04:99:be:1b:6b:c4:b4: 26:12:cc:57:3d:36:9f:68:f0:02:d8:de:57:87:4d:77:1e:88: e5:de:70:f0 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZqCod7Papx5I/5hRZ8RpBngMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZDNjYTJjMjMxYWZkZjNiMDM1NWM3N2E3Y2JiMjI2Zjgx Yjc0ZGUwHhcNMjUxMTE0MTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2N2JjZDg4MzQ1MGE1OGViYjcyM2JiZjhhNWU5OTIzZTE5MTNmYmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+NOihxuhbeU4PunR8cx+WR8ySna GmbH/hbqHlZYrzW0jSMO+ILvWiFsBTpNpDwtfQbgDwQfVO/2DM81j9LInMFW59/+ VcqkYRd1Mayc6Z0knycc6gg64pTM/8I1wqBwvGG/0E2dPl0vL2RXMlYbgwSm0ESV +wBeyGMW9S94rJM54hGFEvNxc+P9tKvXp3BVFHYXUPGl32z0thggqv+60Esp1pVJ NHXTJqO2OgKR0DaeYA6Bk3TikHIofeF7KaG4j0buGNMDr4W7RQZwHFT8Js6WixnF HjgyuYvGRCNFaJhWW6p40Cz/inssA787UHJzVLF2+LYTTIH09ONzXLbsewIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGe82INFCljrtyO7+KXpkj4ZE/vEMB8GA1UdIwQY MBaAFNjTyiwjGv3zsDVcd6fLsib4G3TeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTkt OTkxMjhiZjZhODQxLzEvWjd6WWcwVUtXT3UzSTd2NHBlbVNQaGtULThRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTktOTkxMjhiZjZhODQx LzEvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhR9wAUA MA0GCSqGSIb3DQEBCwUAA4IBAQAnMP7CC2O3QUhPdOu5XT/ka1jOZWc/tikqQCTD rRkqtYVMUO1hx8DlSdxi+XOe7YkRybMraF6XGaPRzBSoIB/J6G2xgP8/SLCKsQwt spDBq7z3f/tmL/NKo38vtVAWCFoUfq52fMRVXEk89WfSuSs1xkD/bv3qDRHpO08F 7bcmxesT4v1W6stTLhFPYP0dgCB+yuNCHujE2XT5+DPOLMqWdrmYloqa1aYAtdEw AId4rGp6QwBIJewk1+6KLotjNLTgIT1/oGnDyhJRMZ1pz5amSN5qY0xNXOenxqVJ X8f3uLxhpwSZvhtrxLQmEsxXPTafaPAC2N5Xh013Hojl3nDw -----END CERTIFICATE-----Generated at Sat Dec 6 05:37:22 2025 by rpki-client