This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/z2kZxAf0sstSr43Tliv-9wcbn9Y.roa File: z2kZxAf0sstSr43Tliv-9wcbn9Y.roa (raw, json) Hash identifier: 5Lr5045ZBArfMH8wAePGwKZYSNE38nbZ3QRnd+6wX20= Subject key identifier: CF:69:19:C4:07:F4:B2:CB:52:AF:8D:D3:96:2B:FE:F7:07:1B:9F:D6 Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f Certificate serial: 019B7B364C95091D84CB3ABA556C2CD33ADD Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/z2kZxAf0sstSr43Tliv-9wcbn9Y.roa Signing time: Thu 01 Jan 2026 20:18:34 +0000 ROA not before: Thu 01 Jan 2026 20:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49915 IP address blocks: 84.239.18.0/24 maxlen: 24 84.239.30.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.mft rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:4c:95:09:1d:84:cb:3a:ba:55:6c:2c:d3:3a:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f Validity Not Before: Jan 1 20:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cf6919c407f4b2cb52af8dd3962bfef7071b9fd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:16:7d:d1:87:9c:58:2e:4c:c1:ab:ad:5c:fa: c3:d7:aa:df:d5:fd:5c:4f:3e:d4:b1:7d:7b:e1:cc: f5:84:cf:a6:46:e4:95:b2:66:2b:34:7b:32:c8:41: 8c:de:12:bf:67:79:5d:87:e1:a5:dd:5c:8c:53:fd: af:8f:da:fe:9a:fe:5e:c5:28:07:28:ae:b6:f6:87: 92:57:0a:bb:cc:43:2b:fb:77:01:0e:f7:5e:0f:4b: a3:e6:42:46:0c:8e:ab:cd:af:4f:9d:90:dd:1e:51: 7c:b1:92:28:e1:be:82:ea:f9:b3:59:32:b2:05:69: 88:67:65:e7:e3:d3:f5:16:e9:ad:89:cc:5b:ea:9a: 37:34:1c:4b:d7:ae:8d:ce:bd:f7:79:ca:86:69:d3: ca:55:56:c1:b7:d7:76:ca:69:ea:cc:6f:0c:b3:7a: 13:28:d3:13:d2:92:9c:50:42:04:f5:e9:81:64:0c: 51:60:85:f4:2d:d1:51:64:0b:51:65:60:75:a9:c2: 17:55:ac:bc:47:37:f6:4e:60:b2:b3:04:5d:1e:6f: b6:0a:61:4e:f1:ed:82:b1:a4:c8:91:2a:77:d6:dc: 75:0c:29:a0:58:2c:47:76:21:cd:c2:73:93:11:92: f7:91:c0:b4:5f:7e:cf:24:e4:c1:26:73:1f:ac:a1: 17:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:69:19:C4:07:F4:B2:CB:52:AF:8D:D3:96:2B:FE:F7:07:1B:9F:D6 X509v3 Authority Key Identifier: keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/z2kZxAf0sstSr43Tliv-9wcbn9Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.239.18.0/24 84.239.30.0/24 Signature Algorithm: sha256WithRSAEncryption 30:78:24:b8:1b:f0:8e:2c:c7:20:f9:91:82:55:51:0d:5c:22: cc:60:35:c6:04:53:d7:9a:68:60:0b:c1:c4:3c:92:0c:e7:2c: c8:2c:17:af:d7:34:3f:63:18:69:92:c4:76:37:63:48:f2:2d: 94:d8:fd:86:62:7b:84:cf:89:d6:ee:1e:ec:7c:98:d0:f4:e1: d3:15:8c:e8:0d:60:75:71:f5:23:56:88:4c:92:90:30:96:0e: 0c:86:37:c0:d5:a3:86:26:5b:43:6b:f6:30:d8:33:08:24:82: 5a:9e:0f:a4:14:b1:20:d5:11:f8:cb:c1:f7:3e:ac:cc:92:d7: 1c:b2:0d:da:9d:c2:df:f5:24:f7:c5:46:00:91:40:88:d2:bf: 51:79:b2:90:7d:49:bd:08:92:68:79:14:e0:c5:2f:39:2b:d0: df:ff:9d:56:2a:ec:88:57:a2:c6:fe:77:8e:c9:93:18:4e:2a: de:85:06:79:25:e3:b8:2d:14:32:b6:49:45:48:25:6c:b0:0a: 20:a5:ca:0b:67:e0:35:1f:38:69:7d:90:e4:4e:aa:ca:af:bd: 51:db:c9:d0:ba:09:d0:f6:a8:75:dd:4a:74:a1:38:09:79:ba: a9:aa:0e:fe:a9:f0:ac:67:f8:35:e4:88:47:e8:6a:f6:4d:2c: 9f:e8:d9:2e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NkyVCR2Eyzq6VWws0zrdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi MmU4MmYwHhcNMjYwMTAxMjAxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZjY5MTljNDA3ZjRiMmNiNTJhZjhkZDM5NjJiZmVmNzA3MWI5ZmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhZ90YecWC5MwautXPrD16rf1f1c Tz7UsX174cz1hM+mRuSVsmYrNHsyyEGM3hK/Z3ldh+Gl3VyMU/2vj9r+mv5exSgH KK629oeSVwq7zEMr+3cBDvdeD0uj5kJGDI6rza9PnZDdHlF8sZIo4b6C6vmzWTKy BWmIZ2Xn49P1Fumticxb6po3NBxL166Nzr33ecqGadPKVVbBt9d2ymnqzG8Ms3oT KNMT0pKcUEIE9emBZAxRYIX0LdFRZAtRZWB1qcIXVay8Rzf2TmCyswRdHm+2CmFO 8e2CsaTIkSp31tx1DCmgWCxHdiHNwnOTEZL3kcC0X37PJOTBJnMfrKEXUwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFM9pGcQH9LLLUq+N05Yr/vcHG5/WMB8GA1UdIwQY MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt NDcxMjBiOTA2OWI3LzEvejJrWnhBZjBzc3RTcjQzVGxpdi05d2NibjlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3 LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVO8SAwQA VO8eMA0GCSqGSIb3DQEBCwUAA4IBAQAweCS4G/COLMcg+ZGCVVENXCLMYDXGBFPX mmhgC8HEPJIM5yzILBev1zQ/YxhpksR2N2NI8i2U2P2GYnuEz4nW7h7sfJjQ9OHT FYzoDWB1cfUjVohMkpAwlg4MhjfA1aOGJltDa/Yw2DMIJIJang+kFLEg1RH4y8H3 PqzMktccsg3ancLf9ST3xUYAkUCI0r9RebKQfUm9CJJoeRTgxS85K9Df/51WKuyI V6LG/neOyZMYTirehQZ5JeO4LRQytklFSCVssAogpcoLZ+A1HzhpfZDkTqrKr71R 28nQugnQ9qh13Up0oTgJebqpqg7+qfCsZ/g15IhH6Gr2TSyf6Nku -----END CERTIFICATE-----Generated at Sun Jan 25 16:37:44 2026 by rpki-client