This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/zj1m99tPwrcxyT6BDJGJ3CugkIQ.roa File: zj1m99tPwrcxyT6BDJGJ3CugkIQ.roa (raw, json) Hash identifier: twU1/m+1xw/8GtDgcT70cwUdWMg3Z1khilZnPoO3Wpc= Subject key identifier: CE:3D:66:F7:DB:4F:C2:B7:31:C9:3E:81:0C:91:89:DC:2B:A0:90:84 Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b Certificate serial: 019B78348DFE2B78001768E256DBA4212C3E Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/zj1m99tPwrcxyT6BDJGJ3CugkIQ.roa Signing time: Thu 01 Jan 2026 06:17:48 +0000 ROA not before: Thu 01 Jan 2026 06:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213925 IP address blocks: 194.147.211.0/24 maxlen: 24 2a12:66c6::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.mft rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:8d:fe:2b:78:00:17:68:e2:56:db:a4:21:2c:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b Validity Not Before: Jan 1 06:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce3d66f7db4fc2b731c93e810c9189dc2ba09084 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7f:f7:23:e1:71:f5:31:da:79:c0:c8:b3:c7: 20:c3:37:a6:e4:e9:36:06:fb:dd:3a:32:91:90:47: 08:8a:91:b3:0d:42:2e:a9:ba:8f:cc:5a:74:97:29: 69:8e:09:65:d9:27:8d:8c:10:4b:76:b9:3e:6f:00: 92:70:e2:0b:a8:42:41:86:a1:8b:3c:a8:16:da:57: 31:89:19:06:7a:e4:44:7b:57:2f:d2:73:25:b2:af: bf:0a:78:9d:a2:ec:46:e0:65:33:5a:02:52:2b:2d: 05:d4:df:26:ab:7d:6e:9a:10:50:dd:a7:44:33:ed: 77:ee:a0:7a:2d:37:05:db:e6:6c:ad:1e:3b:30:76: 72:ee:93:6b:5f:3f:07:bf:0e:47:0b:f4:d6:ad:87: 32:98:94:b7:5d:49:4c:8b:73:17:9c:6f:e3:61:57: 59:73:3c:8c:4e:78:62:eb:6e:67:ed:60:f2:6b:4f: bf:88:64:c8:39:a0:ba:37:af:eb:01:39:71:2a:bd: 0c:25:10:61:1a:cc:37:ec:8d:e1:53:bd:c4:a3:b8: 64:7f:61:b3:48:f0:73:ff:a4:20:85:5b:19:3f:fe: 7e:41:3c:7f:fe:7f:ee:1a:48:0f:a5:4c:39:80:77: 2b:6e:01:e9:8d:2b:44:16:e8:50:12:61:b5:28:f8: b4:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:3D:66:F7:DB:4F:C2:B7:31:C9:3E:81:0C:91:89:DC:2B:A0:90:84 X509v3 Authority Key Identifier: keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/zj1m99tPwrcxyT6BDJGJ3CugkIQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.147.211.0/24 IPv6: 2a12:66c6::/32 Signature Algorithm: sha256WithRSAEncryption 09:27:ae:4d:0e:b9:66:15:88:ab:c0:6f:27:9d:a0:fd:24:85: 1e:3e:54:a2:a4:ad:72:2a:2d:d9:82:cb:b8:d1:51:19:55:b6: 45:19:d3:64:e1:44:81:87:03:02:19:18:b0:c9:35:1f:19:f3: 30:fd:fb:5b:f1:0a:f4:08:d3:19:e1:79:e1:45:00:06:cc:87: d7:a5:b3:1b:15:94:ca:d8:5a:8d:3f:bf:d7:75:cf:39:93:d5: e9:46:4a:4c:f2:da:e4:2b:ca:69:fb:4c:d4:00:5c:fa:4b:41: 7c:10:0f:5b:ec:90:f6:d6:f0:2b:e0:c2:a1:9b:55:34:94:b1: 6d:c0:9d:66:36:d8:cd:72:ae:e9:7f:0b:2a:d5:35:95:a8:69: 08:c8:3d:3d:48:2d:f2:ad:d8:90:1c:5f:83:c0:af:25:32:f3: 9d:1d:27:ec:2b:46:ef:ef:2a:20:38:cf:9b:c0:6d:38:c8:fd: 91:dc:8d:9c:cf:6a:c2:57:e2:dc:e3:84:e4:5d:1e:32:6b:81: b2:de:e1:01:28:6f:5d:f8:cb:b9:3f:7b:ff:8c:ad:00:b4:e8: 1d:a6:84:a5:fe:0a:31:3a:0d:64:6e:4f:60:52:36:1f:61:cb: 80:2f:1f:17:fe:ce:d4:92:ac:14:01:78:5e:ab:76:ea:2c:a9: 7d:af:93:5d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NI3+K3gAF2jiVtukISw+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1 M2VlMmIwHhcNMjYwMTAxMDYxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTNkNjZmN2RiNGZjMmI3MzFjOTNlODEwYzkxODlkYzJiYTA5MDg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H/3I+Fx9THaecDIs8cgwzem5Ok2 BvvdOjKRkEcIipGzDUIuqbqPzFp0lylpjgll2SeNjBBLdrk+bwCScOILqEJBhqGL PKgW2lcxiRkGeuREe1cv0nMlsq+/CnidouxG4GUzWgJSKy0F1N8mq31umhBQ3adE M+137qB6LTcF2+ZsrR47MHZy7pNrXz8Hvw5HC/TWrYcymJS3XUlMi3MXnG/jYVdZ czyMTnhi625n7WDya0+/iGTIOaC6N6/rATlxKr0MJRBhGsw37I3hU73Eo7hkf2Gz SPBz/6QghVsZP/5+QTx//n/uGkgPpUw5gHcrbgHpjStEFuhQEmG1KPi0PwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFM49ZvfbT8K3Mck+gQyRidwroJCEMB8GA1UdIwQY MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt ZGM3ZTEyNmNhMjM0LzEvemoxbTk5dFB3cmN4eVQ2QkRKR0ozQ3Vna0lRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0 LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpPTMA0E AgACMAcDBQAqEmbGMA0GCSqGSIb3DQEBCwUAA4IBAQAJJ65NDrlmFYirwG8nnaD9 JIUePlSipK1yKi3Zgsu40VEZVbZFGdNk4USBhwMCGRiwyTUfGfMw/ftb8Qr0CNMZ 4XnhRQAGzIfXpbMbFZTK2FqNP7/Xdc85k9XpRkpM8trkK8pp+0zUAFz6S0F8EA9b 7JD21vAr4MKhm1U0lLFtwJ1mNtjNcq7pfwsq1TWVqGkIyD09SC3yrdiQHF+DwK8l MvOdHSfsK0bv7yogOM+bwG04yP2R3I2cz2rCV+Lc44TkXR4ya4Gy3uEBKG9d+Mu5 P3v/jK0AtOgdpoSl/goxOg1kbk9gUjYfYcuALx8X/s7UkqwUAXheq3bqLKl9r5Nd -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:01 2026 by rpki-client