This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/Zcg2z_FmMMZv2rKPHV-prkCEEoc.roa File: Zcg2z_FmMMZv2rKPHV-prkCEEoc.roa (raw, json) Hash identifier: Iy4Ah5HraRu4lHUUcID+QrNRdmnn5d0MqDieV9MLnKk= Subject key identifier: 65:C8:36:CF:F1:66:30:C6:6F:DA:B2:8F:1D:5F:A9:AE:40:84:12:87 Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f Certificate serial: 019B7B364C2F7BC59DF7CEEEB92829249B5C Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/Zcg2z_FmMMZv2rKPHV-prkCEEoc.roa Signing time: Thu 01 Jan 2026 20:18:34 +0000 ROA not before: Thu 01 Jan 2026 20:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44679 IP address blocks: 84.239.4.0/24 maxlen: 24 84.239.8.0/24 maxlen: 24 84.239.9.0/24 maxlen: 24 84.239.11.0/24 maxlen: 24 84.239.13.0/24 maxlen: 24 84.239.14.0/24 maxlen: 24 84.239.15.0/24 maxlen: 24 84.239.29.0/24 maxlen: 24 84.239.32.0/24 maxlen: 24 84.239.34.0/24 maxlen: 24 84.239.35.0/24 maxlen: 24 84.239.36.0/24 maxlen: 24 84.239.38.0/24 maxlen: 24 84.239.39.0/24 maxlen: 24 84.239.40.0/24 maxlen: 24 84.239.44.0/24 maxlen: 24 84.239.46.0/24 maxlen: 24 84.239.49.0/24 maxlen: 24 84.239.51.0/24 maxlen: 24 84.239.55.0/24 maxlen: 24 84.239.56.0/24 maxlen: 24 84.239.57.0/24 maxlen: 24 84.239.58.0/24 maxlen: 24 84.239.59.0/24 maxlen: 24 185.193.52.0/24 maxlen: 24 185.193.53.0/24 maxlen: 24 185.193.54.0/24 maxlen: 24 185.193.55.0/24 maxlen: 24 2a02:2160:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.mft rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:4c:2f:7b:c5:9d:f7:ce:ee:b9:28:29:24:9b:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f Validity Not Before: Jan 1 20:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=65c836cff16630c66fdab28f1d5fa9ae40841287 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8b:3b:43:19:a3:00:a5:63:03:6f:98:b2:c3: 3e:20:04:32:7a:16:8f:7a:5d:3c:79:69:85:74:79: b2:33:e7:a7:a8:6c:a0:a4:1c:c1:7b:49:23:c7:64: 3f:cf:d0:01:a5:da:70:05:86:c0:c7:31:b5:7f:1c: 83:64:23:95:0f:0f:de:a3:66:58:8a:5f:82:e5:c3: 36:3f:6f:26:72:70:90:da:e4:c5:0e:a2:85:51:32: 01:70:bd:c2:aa:4e:14:90:06:e4:66:1b:05:f3:1f: ba:be:5f:7f:18:55:48:80:98:c2:47:02:9e:09:95: a9:a0:ce:78:47:4f:df:9b:0f:63:f4:c2:2b:0d:60: 37:49:dc:85:61:55:c6:41:f1:0d:fd:99:91:35:92: 04:68:e0:b4:55:21:0a:f3:38:75:53:2f:b6:67:d1: 3f:56:e0:fb:f3:eb:f8:1d:83:96:66:58:c0:dd:e4: 02:3a:4b:aa:40:7c:19:33:94:2e:66:6e:b0:5c:40: e9:04:de:e5:b9:1a:56:d6:c5:77:89:5f:34:c0:f6: f6:bb:42:9b:06:a3:e1:00:f7:69:6a:08:2c:8f:9c: 5f:44:e2:e6:0b:25:ed:28:d8:54:df:1e:d2:60:a1: a4:2a:b0:e9:96:12:a3:eb:49:63:1f:f4:b7:db:13: 43:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:C8:36:CF:F1:66:30:C6:6F:DA:B2:8F:1D:5F:A9:AE:40:84:12:87 X509v3 Authority Key Identifier: keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/Zcg2z_FmMMZv2rKPHV-prkCEEoc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.239.4.0/24 84.239.8.0/23 84.239.11.0/24 84.239.13.0-84.239.15.255 84.239.29.0/24 84.239.32.0/24 84.239.34.0-84.239.36.255 84.239.38.0-84.239.40.255 84.239.44.0/24 84.239.46.0/24 84.239.49.0/24 84.239.51.0/24 84.239.55.0-84.239.59.255 185.193.52.0/22 IPv6: 2a02:2160:8000::/36 Signature Algorithm: sha256WithRSAEncryption 7a:3d:c7:58:7d:00:e8:76:e9:ed:5e:85:32:10:0d:3b:8f:3a: 4a:c6:63:f9:d8:76:3e:0d:35:7c:62:5e:67:c8:fb:07:3b:f9: b8:a8:21:e1:33:29:09:72:95:05:73:43:f8:ca:17:a8:1f:17: fe:e5:82:21:ba:3d:33:a4:8f:2d:0d:3b:d0:5d:36:40:d4:bd: e0:16:78:86:99:b7:71:82:ec:af:70:fa:ab:e4:b1:be:1a:6d: c8:a6:35:84:2b:87:28:2a:2c:49:79:3b:b5:e7:53:a0:2f:59: 4c:90:8d:cb:0b:33:68:44:d7:7a:38:2f:9e:60:81:64:7f:d3: 58:f3:b3:2a:c6:dd:2a:0e:b7:fc:7b:0d:cf:5b:11:3b:c2:39: 57:11:44:60:f3:b1:b3:2b:73:07:9f:8e:56:cd:be:a2:90:d4: 91:fa:42:0b:44:b0:4d:67:04:4d:b1:94:c7:28:83:b9:d6:6f: 72:a0:47:c5:fe:d8:c4:5f:27:e6:76:03:68:4c:44:63:11:6b: 45:a5:fc:ea:40:69:90:44:61:5b:3a:cc:91:35:9b:aa:c2:32: bb:6c:ef:33:4c:45:5a:53:f3:8c:fc:1a:d9:d5:24:ab:53:2f: 85:48:f2:67:04:96:16:78:ab:f7:b8:44:e3:0f:6d:31:05:14: cd:91:21:29 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISAZt7Nkwve8Wd987uuSgpJJtcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi MmU4MmYwHhcNMjYwMTAxMjAxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWM4MzZjZmYxNjYzMGM2NmZkYWIyOGYxZDVmYTlhZTQwODQxMjg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwos7QxmjAKVjA2+YssM+IAQyehaP el08eWmFdHmyM+enqGygpBzBe0kjx2Q/z9ABpdpwBYbAxzG1fxyDZCOVDw/eo2ZY il+C5cM2P28mcnCQ2uTFDqKFUTIBcL3Cqk4UkAbkZhsF8x+6vl9/GFVIgJjCRwKe CZWpoM54R0/fmw9j9MIrDWA3SdyFYVXGQfEN/ZmRNZIEaOC0VSEK8zh1Uy+2Z9E/ VuD78+v4HYOWZljA3eQCOkuqQHwZM5QuZm6wXEDpBN7luRpW1sV3iV80wPb2u0Kb BqPhAPdpaggsj5xfROLmCyXtKNhU3x7SYKGkKrDplhKj60ljH/S32xNDJQIDAQAB o4ICijCCAoYwHQYDVR0OBBYEFGXINs/xZjDGb9qyjx1fqa5AhBKHMB8GA1UdIwQY MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt NDcxMjBiOTA2OWI3LzEvWmNnMnpfRm1NTVp2MnJLUEhWLXBya0NFRW9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3 LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB6BAIAATB0AwQAVO8E AwQBVO8IAwQAVO8LMAwDBABU7w0DBARU7wADBABU7x0DBABU7yAwDAMEAVTvIgME AFTvJDAMAwQBVO8mAwQAVO8oAwQAVO8sAwQAVO8uAwQAVO8xAwQAVO8zMAwDBABU 7zcDBAJU7zgDBAK5wTQwDgQCAAIwCAMGBCoCIWCAMA0GCSqGSIb3DQEBCwUAA4IB AQB6PcdYfQDoduntXoUyEA07jzpKxmP52HY+DTV8Yl5nyPsHO/m4qCHhMykJcpUF c0P4yheoHxf+5YIhuj0zpI8tDTvQXTZA1L3gFniGmbdxguyvcPqr5LG+Gm3IpjWE K4coKixJeTu151OgL1lMkI3LCzNoRNd6OC+eYIFkf9NY87Mqxt0qDrf8ew3PWxE7 wjlXEURg87GzK3MHn45Wzb6ikNSR+kILRLBNZwRNsZTHKIO51m9yoEfF/tjEXyfm dgNoTERjEWtFpfzqQGmQRGFbOsyRNZuqwjK7bO8zTEVaU/OM/BrZ1SSrUy+FSPJn BJYWeKv3uETjD20xBRTNkSEp -----END CERTIFICATE-----Generated at Sun Jan 25 22:49:41 2026 by rpki-client