This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/z1U74n3Bwqh9cLzRjWZYerB5n54.roa File: z1U74n3Bwqh9cLzRjWZYerB5n54.roa (raw, json) Hash identifier: Odhjr9FDFuG6FvTw4sLHqZZzcsc3KTFEM336lZkm7Dc= Subject key identifier: CF:55:3B:E2:7D:C1:C2:A8:7D:70:BC:D1:8D:66:58:7A:B0:79:9F:9E Certificate issuer: /CN=b220d91b4e9d70f034fa16a16a887d4255792ade Certificate serial: 019B7C80C671B7794B527C3BC16BFEB20534 Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/z1U74n3Bwqh9cLzRjWZYerB5n54.roa Signing time: Fri 02 Jan 2026 02:19:32 +0000 ROA not before: Fri 02 Jan 2026 02:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42010 IP address blocks: 5.28.48.0/21 maxlen: 24 91.103.184.0/21 maxlen: 24 128.65.96.0/21 maxlen: 21 128.65.96.0/24 maxlen: 24 128.65.97.0/24 maxlen: 24 128.65.98.0/23 maxlen: 23 128.65.100.0/22 maxlen: 22 185.91.20.0/22 maxlen: 24 185.135.168.0/23 maxlen: 23 185.135.170.0/23 maxlen: 23 2a03:7f80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:c6:71:b7:79:4b:52:7c:3b:c1:6b:fe:b2:05:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade Validity Not Before: Jan 2 02:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cf553be27dc1c2a87d70bcd18d66587ab0799f9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d2:ec:55:74:14:b1:b0:ea:61:87:f2:2c:35: 19:b8:24:5e:1a:52:07:b9:64:b0:72:c9:1f:08:3e: ea:09:7b:49:c2:3e:9f:8e:18:4f:f8:f5:21:68:db: 61:4b:ac:f7:82:02:c2:fa:73:31:b8:89:cf:15:89: af:56:97:c3:d8:c9:80:0b:ad:e7:3b:94:cc:a8:18: 91:8b:f3:5e:55:2b:de:3d:38:8a:58:ca:73:2d:ad: b9:a6:29:a4:e2:fb:a2:2e:ae:fe:70:67:98:f1:b2: 82:72:36:18:2b:2e:81:3d:2c:90:cb:98:cb:d7:8d: 72:1a:75:54:ea:9a:b5:1f:7c:f7:d2:18:ca:45:7b: 33:30:9f:c4:12:87:51:f6:b3:00:1b:73:a0:3a:43: b6:23:f6:e4:92:c1:10:13:8e:ee:de:0e:cf:4e:53: be:11:ce:ab:54:e7:da:51:f9:1d:63:2a:1a:e4:a1: 93:84:15:57:db:e1:df:7b:5e:e5:a8:58:67:51:36: 62:a8:13:f0:4f:c8:c4:1f:af:81:2f:fa:0a:06:35: ff:3b:1e:52:fd:f2:5c:dc:9f:24:7c:7f:2a:d7:52: 14:9b:d0:ad:5f:03:e4:fa:82:a8:f9:a4:d1:17:5b: ee:3b:a8:ff:67:f2:69:c1:de:fa:5d:4a:43:89:6d: 39:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:55:3B:E2:7D:C1:C2:A8:7D:70:BC:D1:8D:66:58:7A:B0:79:9F:9E X509v3 Authority Key Identifier: keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/z1U74n3Bwqh9cLzRjWZYerB5n54.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.28.48.0/21 91.103.184.0/21 128.65.96.0/21 185.91.20.0/22 185.135.168.0/22 IPv6: 2a03:7f80::/32 Signature Algorithm: sha256WithRSAEncryption 33:05:6d:aa:9d:bc:19:e6:95:64:c5:05:5e:40:36:12:cc:81: ae:86:d1:6b:a3:c4:1c:43:fc:38:c5:00:a6:ab:32:65:8a:0f: 19:99:32:71:81:4c:15:59:c1:41:b4:3d:92:7c:ec:23:80:ba: e7:88:c2:51:ec:23:7b:b7:b9:4d:36:b4:90:32:df:3b:06:22: 73:bf:a2:2f:80:ae:e2:4f:5f:31:77:a0:1a:c4:31:31:1b:39: 73:25:2c:a2:5d:5c:b3:b7:bd:bc:c3:80:2d:9b:21:2c:44:30: 46:ef:da:ee:20:03:4d:b2:5b:f3:52:3c:d2:94:61:f0:40:bf: 10:c0:bd:e6:d5:f8:6a:48:4c:be:eb:50:8a:0b:3b:f4:b8:73: b6:7e:a6:14:17:7d:43:f4:6f:1e:57:9e:f1:47:0c:cb:7e:f8: a2:db:ac:24:0b:bb:d2:a5:22:9b:68:5d:b7:88:38:81:96:14: aa:d1:df:04:f2:55:b4:c7:45:35:33:95:b2:45:5b:62:60:b7: 76:54:b1:3d:a9:e9:b1:88:36:6b:35:7e:7d:6c:e3:d0:7a:f8: 6c:a3:ba:51:cc:6a:e7:2d:c3:92:05:e5:8e:5e:89:8b:6e:87: e0:88:1f:15:de:88:a8:9d:fc:90:27:3a:61:41:a7:35:4b:15: 2b:59:14:74 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt8gMZxt3lLUnw7wWv+sgU0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMjBkOTFiNGU5ZDcwZjAzNGZhMTZhMTZhODg3ZDQyNTU3 OTJhZGUwHhcNMjYwMTAyMDIxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZjU1M2JlMjdkYzFjMmE4N2Q3MGJjZDE4ZDY2NTg3YWIwNzk5ZjllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstLsVXQUsbDqYYfyLDUZuCReGlIH uWSwcskfCD7qCXtJwj6fjhhP+PUhaNthS6z3ggLC+nMxuInPFYmvVpfD2MmAC63n O5TMqBiRi/NeVSvePTiKWMpzLa25pimk4vuiLq7+cGeY8bKCcjYYKy6BPSyQy5jL 141yGnVU6pq1H3z30hjKRXszMJ/EEodR9rMAG3OgOkO2I/bkksEQE47u3g7PTlO+ Ec6rVOfaUfkdYyoa5KGThBVX2+Hfe17lqFhnUTZiqBPwT8jEH6+BL/oKBjX/Ox5S /fJc3J8kfH8q11IUm9CtXwPk+oKo+aTRF1vuO6j/Z/Jpwd76XUpDiW05zQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFM9VO+J9wcKofXC80Y1mWHqweZ+eMB8GA1UdIwQY MBaAFLIg2RtOnXDwNPoWoWqIfUJVeSreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQt OTg3MTczYjllOTg3LzEvejFVNzRuM0J3cWg5Y0x6UmpXWlllckI1bjU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQtOTg3MTczYjllOTg3 LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBRwwAwQD W2e4AwQDgEFgAwQCuVsUAwQCuYeoMA0EAgACMAcDBQAqA3+AMA0GCSqGSIb3DQEB CwUAA4IBAQAzBW2qnbwZ5pVkxQVeQDYSzIGuhtFro8QcQ/w4xQCmqzJlig8ZmTJx gUwVWcFBtD2SfOwjgLrniMJR7CN7t7lNNrSQMt87BiJzv6IvgK7iT18xd6AaxDEx GzlzJSyiXVyzt728w4AtmyEsRDBG79ruIANNslvzUjzSlGHwQL8QwL3m1fhqSEy+ 61CKCzv0uHO2fqYUF31D9G8eV57xRwzLfvii26wkC7vSpSKbaF23iDiBlhSq0d8E 8lW0x0U1M5WyRVtiYLd2VLE9qemxiDZrNX59bOPQevhso7pRzGrnLcOSBeWOXomL bofgiB8V3oionfyQJzphQac1SxUrWRR0 -----END CERTIFICATE-----Generated at Mon Jan 26 09:26:15 2026 by rpki-client