This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zGFidJVxuTu9KH5b4d3VGZTYegM.roa File: zGFidJVxuTu9KH5b4d3VGZTYegM.roa (raw, json) Hash identifier: Ji3FtAcnoNG7mxNcTUoEkVEyW2JerxSrWG66UXu8Ptg= Subject key identifier: CC:61:62:74:95:71:B9:3B:BD:28:7E:5B:E1:DD:D5:19:94:D8:7A:03 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B783444D534458EEBA8FE2940C5D794AF Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zGFidJVxuTu9KH5b4d3VGZTYegM.roa Signing time: Thu 01 Jan 2026 06:17:29 +0000 ROA not before: Thu 01 Jan 2026 06:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8434 IP address blocks: 192.36.37.0/24 maxlen: 24 192.71.97.0/24 maxlen: 24 192.71.158.0/24 maxlen: 24 192.121.21.0/24 maxlen: 24 192.121.172.0/24 maxlen: 24 192.121.192.0/24 maxlen: 24 192.165.65.0/24 maxlen: 24 192.165.86.0/24 maxlen: 24 192.176.161.0/24 maxlen: 24 193.180.61.0/24 maxlen: 24 193.181.0.0/24 maxlen: 24 193.181.187.0/24 maxlen: 24 193.183.3.0/24 maxlen: 24 193.183.118.0/24 maxlen: 24 193.234.68.0/23 maxlen: 23 193.234.220.0/23 maxlen: 23 193.234.237.0/24 maxlen: 24 193.235.142.0/23 maxlen: 24 194.14.129.0/24 maxlen: 24 194.14.212.0/24 maxlen: 24 194.68.56.0/23 maxlen: 23 194.68.99.0/24 maxlen: 24 194.68.126.0/24 maxlen: 24 194.68.194.0/23 maxlen: 23 194.71.27.0/24 maxlen: 24 194.71.83.0/24 maxlen: 24 194.71.140.0/23 maxlen: 23 194.71.168.0/24 maxlen: 24 194.103.50.0/24 maxlen: 24 194.132.108.0/23 maxlen: 24 194.132.174.0/24 maxlen: 24 194.132.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:44:d5:34:45:8e:eb:a8:fe:29:40:c5:d7:94:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cc6162749571b93bbd287e5be1ddd51994d87a03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:5c:eb:d9:34:6b:aa:a5:ef:ae:d9:e7:72:c8: dd:07:b2:c4:40:08:d2:e4:26:65:07:4b:ef:90:23: dc:b9:56:a5:3c:43:87:51:b2:69:f0:68:4b:8a:00: 8d:11:3f:1c:61:ee:f2:d5:37:c8:d6:fa:c6:51:bc: 2c:65:ba:41:84:17:a3:78:86:54:22:20:03:e8:18: 9c:ed:64:83:b8:31:82:6d:4e:a0:94:92:b1:28:bc: de:63:4c:b4:cb:f3:8d:c7:d4:ee:8a:45:dd:d3:ca: 63:e7:6c:e8:65:67:74:07:54:55:34:a5:75:a0:a8: 75:23:7e:9d:0d:d7:b2:62:96:53:82:20:85:df:28: ac:f7:a0:b9:aa:69:13:26:99:44:6a:84:ee:19:28: 4d:71:73:a2:81:41:5d:79:96:40:d9:e0:56:44:07: a5:6a:7e:5b:9b:9c:f2:bc:4f:ef:09:c9:8f:aa:85: c7:60:93:89:f6:67:50:51:33:e1:6c:39:62:85:00: 1d:f8:e0:52:95:3e:e1:4b:48:5d:43:79:ee:dd:e1: 2a:36:ff:f9:49:2d:44:15:85:2f:1a:f7:8c:cc:70: 11:d7:b2:7b:5e:ab:12:49:62:b1:79:8f:67:29:c7: 05:76:1a:b9:de:cc:57:0b:2e:96:d2:e1:75:9c:fd: ff:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:61:62:74:95:71:B9:3B:BD:28:7E:5B:E1:DD:D5:19:94:D8:7A:03 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zGFidJVxuTu9KH5b4d3VGZTYegM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.36.37.0/24 192.71.97.0/24 192.71.158.0/24 192.121.21.0/24 192.121.172.0/24 192.121.192.0/24 192.165.65.0/24 192.165.86.0/24 192.176.161.0/24 193.180.61.0/24 193.181.0.0/24 193.181.187.0/24 193.183.3.0/24 193.183.118.0/24 193.234.68.0/23 193.234.220.0/23 193.234.237.0/24 193.235.142.0/23 194.14.129.0/24 194.14.212.0/24 194.68.56.0/23 194.68.99.0/24 194.68.126.0/24 194.68.194.0/23 194.71.27.0/24 194.71.83.0/24 194.71.140.0/23 194.71.168.0/24 194.103.50.0/24 194.132.108.0/23 194.132.174.0/23 Signature Algorithm: sha256WithRSAEncryption c4:19:18:ef:9c:9d:3d:a7:0a:25:5a:7b:60:70:ec:5b:6c:a9: 7c:79:8f:2f:8c:e4:8b:42:ea:2b:ab:45:2a:f7:11:6e:de:31: 6c:db:ee:21:ea:aa:49:73:5c:36:67:f5:af:2f:05:0a:67:7e: e3:3a:95:01:87:8f:2d:d8:1d:f0:96:62:bd:0c:11:08:6c:ab: 34:13:1a:3a:ea:a7:47:25:d5:74:86:9f:de:76:5f:68:78:e1: 9a:20:c6:ac:4a:0c:52:ee:7f:2c:17:9e:88:c6:98:f2:3a:d8: 69:41:e6:f7:4d:a3:97:f5:af:0c:0e:1c:c6:96:90:24:cf:ef: cc:c5:2d:de:3b:46:b1:d1:4e:11:63:39:15:a0:29:e2:92:d7: 8d:ab:dc:86:fd:d7:81:54:7b:79:35:b2:d9:8e:81:90:49:a1: 3d:05:32:fc:64:07:86:8d:0e:60:7b:c7:88:b0:07:18:ba:0e: cf:41:8f:c8:a2:f3:c7:12:e2:ad:d2:6e:5d:28:87:53:cb:6b: a9:d9:02:c9:2c:f9:e1:57:db:af:d4:ce:b9:74:b6:47:c6:ca: f5:c4:b4:d2:16:13:f3:1a:1b:b5:52:a2:76:fe:92:50:15:cf: 2e:59:24:b4:8d:96:fe:43:9b:db:ff:1b:0f:1c:85:9a:f9:d4: 01:ce:1b:9e -----BEGIN CERTIFICATE----- MIIFtjCCBJ6gAwIBAgISAZt4NETVNEWO66j+KUDF15SvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzYxNjI3NDk1NzFiOTNiYmQyODdlNWJlMWRkZDUxOTk0ZDg3YTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFzr2TRrqqXvrtnncsjdB7LEQAjS 5CZlB0vvkCPcuValPEOHUbJp8GhLigCNET8cYe7y1TfI1vrGUbwsZbpBhBejeIZU IiAD6Bic7WSDuDGCbU6glJKxKLzeY0y0y/ONx9TuikXd08pj52zoZWd0B1RVNKV1 oKh1I36dDdeyYpZTgiCF3yis96C5qmkTJplEaoTuGShNcXOigUFdeZZA2eBWRAel an5bm5zyvE/vCcmPqoXHYJOJ9mdQUTPhbDlihQAd+OBSlT7hS0hdQ3nu3eEqNv/5 SS1EFYUvGveMzHAR17J7XqsSSWKxeY9nKccFdhq53sxXCy6W0uF1nP3/TQIDAQAB o4ICwjCCAr4wHQYDVR0OBBYEFMxhYnSVcbk7vSh+W+Hd1RmU2HoDMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvekdGaWRKVnh1VHU5S0g1YjRkM1ZHWlRZZWdNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBADA JCUDBADAR2EDBADAR54DBADAeRUDBADAeawDBADAecADBADApUEDBADApVYDBADA sKEDBADBtD0DBADBtQADBADBtbsDBADBtwMDBADBt3YDBAHB6kQDBAHB6twDBADB 6u0DBAHB644DBADCDoEDBADCDtQDBAHCRDgDBADCRGMDBADCRH4DBAHCRMIDBADC RxsDBADCR1MDBAHCR4wDBADCR6gDBADCZzIDBAHChGwDBAHChK4wDQYJKoZIhvcN AQELBQADggEBAMQZGO+cnT2nCiVae2Bw7FtsqXx5jy+M5ItC6iurRSr3EW7eMWzb 7iHqqklzXDZn9a8vBQpnfuM6lQGHjy3YHfCWYr0MEQhsqzQTGjrqp0cl1XSGn952 X2h44ZogxqxKDFLufywXnojGmPI62GlB5vdNo5f1rwwOHMaWkCTP78zFLd47RrHR ThFjORWgKeKS142r3Ib914FUe3k1stmOgZBJoT0FMvxkB4aNDmB7x4iwBxi6Ds9B j8ii88cS4q3Sbl0oh1PLa6nZAsks+eFX26/Uzrl0tkfGyvXEtNIWE/MaG7VSonb+ klAVzy5ZJLSNlv5Dm9v/Gw8chZr51AHOG54= -----END CERTIFICATE-----Generated at Sun Jan 25 15:01:35 2026 by rpki-client