This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/zmgz5RIVTXxCjLUGHC57LPwTTL8.roa File: zmgz5RIVTXxCjLUGHC57LPwTTL8.roa (raw, json) Hash identifier: xA1x3FAZvSwLZpJ7ksojvpjV1O0X4GhOLfsswPY/tiI= Subject key identifier: CE:68:33:E5:12:15:4D:7C:42:8C:B5:06:1C:2E:7B:2C:FC:13:4C:BF Certificate issuer: /CN=bfd09a87743817c56f8088007a5746eb69ff2e30 Certificate serial: 019B7AC93A33613F2583EDE432D73233394E Authority key identifier: BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/zmgz5RIVTXxCjLUGHC57LPwTTL8.roa Signing time: Thu 01 Jan 2026 18:19:26 +0000 ROA not before: Thu 01 Jan 2026 18:19:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3302 IP address blocks: 185.82.224.0/22 maxlen: 22 2a05:9540::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.mft rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:3a:33:61:3f:25:83:ed:e4:32:d7:32:33:39:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfd09a87743817c56f8088007a5746eb69ff2e30 Validity Not Before: Jan 1 18:19:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce6833e512154d7c428cb5061c2e7b2cfc134cbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:3f:ae:b5:65:cd:b6:87:74:1f:1d:f2:fc:8f: f3:2c:9c:a3:3e:ae:d8:57:d1:8b:ee:c4:48:ae:93: 4f:2f:70:03:82:e0:e9:47:94:46:82:be:45:d2:19: 6b:5c:1b:3a:7d:3c:59:79:f3:70:d8:e6:f7:59:c2: 72:95:23:c3:7e:06:2c:0e:53:da:76:08:4c:0f:d7: 60:b0:54:b0:8f:5a:f6:e6:55:96:d5:e7:a1:f9:ce: ff:cb:df:9b:1f:11:e1:6b:ad:7d:3e:32:b4:75:87: 2d:d7:b6:c4:72:1c:29:22:5b:81:69:98:7f:f5:6b: 0d:34:56:81:a6:41:6a:99:28:e5:90:fd:cf:5b:27: bc:da:01:c3:f4:1f:90:a8:91:9e:02:dc:60:4e:3e: 9c:18:b0:29:05:ed:eb:bb:22:35:f9:fc:85:3e:d7: 64:bc:76:f0:f7:57:96:59:eb:6e:e0:55:1d:0a:b9: b7:34:09:d7:09:82:ef:fa:03:ec:53:13:e4:83:46: b8:14:f6:f1:99:30:88:23:36:5a:ed:a7:a0:f4:13: f1:35:c9:fe:33:c0:0a:e3:93:48:30:3a:81:53:8e: 7a:6f:8c:13:48:0e:41:9d:96:59:68:d6:be:e4:34: 28:9c:79:8f:46:40:37:ca:9d:25:d1:68:19:f6:cd: 71:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:68:33:E5:12:15:4D:7C:42:8C:B5:06:1C:2E:7B:2C:FC:13:4C:BF X509v3 Authority Key Identifier: keyid:BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/zmgz5RIVTXxCjLUGHC57LPwTTL8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.82.224.0/22 IPv6: 2a05:9540::/29 Signature Algorithm: sha256WithRSAEncryption a6:f6:b9:a8:83:e5:44:21:a9:c1:64:81:a6:f7:74:82:35:bc: 21:c5:cf:67:1d:f7:dc:d1:5f:98:bc:9a:71:95:9b:69:7e:5e: 2d:2b:f7:24:14:d9:a7:72:74:e5:69:62:f5:09:c0:38:a2:23: 0b:1e:ab:a8:dd:64:1c:86:5f:f3:d4:fb:36:9d:a5:e4:92:d6: fc:f4:76:f5:c4:1b:ac:0b:0d:af:db:e3:aa:32:5c:e9:9f:dc: 49:c6:dc:e5:a5:72:ba:42:a2:a8:d4:8e:7b:9c:98:eb:41:14: 83:34:87:aa:67:d6:c9:1a:f7:05:50:2c:74:b2:02:2d:1c:7a: 98:15:79:36:54:eb:f2:ea:7a:44:d1:22:57:b2:72:d6:05:14: 25:d0:62:f2:13:42:e4:fc:44:04:a9:0e:5d:1a:40:02:7f:26: cf:14:14:d9:5e:05:6f:82:76:2f:00:dd:cc:6d:27:24:bc:f3: 08:09:c7:f4:b9:e5:7a:45:76:ec:f9:1b:97:77:b3:b1:4f:bb: ae:4f:ad:84:ab:20:d7:5b:0c:ba:2d:00:34:f0:52:20:d3:b1: c0:98:f8:ef:d4:43:da:3d:c6:0d:f3:15:33:8a:89:73:e4:e5: 00:7f:b0:59:70:2d:73:c0:af:a1:b7:c3:2e:7a:e3:4c:95:80: ff:a3:92:31 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6yTozYT8lg+3kMtcyMzlOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZDA5YTg3NzQzODE3YzU2ZjgwODgwMDdhNTc0NmViNjlm ZjJlMzAwHhcNMjYwMTAxMTgxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTY4MzNlNTEyMTU0ZDdjNDI4Y2I1MDYxYzJlN2IyY2ZjMTM0Y2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj+utWXNtod0Hx3y/I/zLJyjPq7Y V9GL7sRIrpNPL3ADguDpR5RGgr5F0hlrXBs6fTxZefNw2Ob3WcJylSPDfgYsDlPa dghMD9dgsFSwj1r25lWW1eeh+c7/y9+bHxHha619PjK0dYct17bEchwpIluBaZh/ 9WsNNFaBpkFqmSjlkP3PWye82gHD9B+QqJGeAtxgTj6cGLApBe3ruyI1+fyFPtdk vHbw91eWWetu4FUdCrm3NAnXCYLv+gPsUxPkg0a4FPbxmTCIIzZa7aeg9BPxNcn+ M8AK45NIMDqBU456b4wTSA5BnZZZaNa+5DQonHmPRkA3yp0l0WgZ9s1xVwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFM5oM+USFU18Qoy1Bhwueyz8E0y/MB8GA1UdIwQY MBaAFL/Qmod0OBfFb4CIAHpXRutp/y4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUt ZGJjYThjMzFlYmM4LzEvem1nejVSSVZUWHhDakxVR0hDNTdMUHdUVEw4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUtZGJjYThjMzFlYmM4 LzEvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVLgMA0E AgACMAcDBQMqBZVAMA0GCSqGSIb3DQEBCwUAA4IBAQCm9rmog+VEIanBZIGm93SC Nbwhxc9nHffc0V+YvJpxlZtpfl4tK/ckFNmncnTlaWL1CcA4oiMLHquo3WQchl/z 1Ps2naXkktb89Hb1xBusCw2v2+OqMlzpn9xJxtzlpXK6QqKo1I57nJjrQRSDNIeq Z9bJGvcFUCx0sgItHHqYFXk2VOvy6npE0SJXsnLWBRQl0GLyE0Lk/EQEqQ5dGkAC fybPFBTZXgVvgnYvAN3MbSckvPMICcf0ueV6RXbs+RuXd7OxT7uuT62EqyDXWwy6 LQA08FIg07HAmPjv1EPaPcYN8xUziolz5OUAf7BZcC1zwK+ht8MueuNMlYD/o5Ix -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:29 2026 by rpki-client