This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/600789-d71d-4968-8ba9-afb7e8e730cc/1/PZKZVJbLIiC-nyKzbha8Q1plbB0.roa File: PZKZVJbLIiC-nyKzbha8Q1plbB0.roa (raw, json) Hash identifier: OGaxQzQU67t4LsOvlqtFqnosSDCkJ4cDH47PaItpnpE= Subject key identifier: 3D:92:99:54:96:CB:22:20:BE:9F:22:B3:6E:16:BC:43:5A:65:6C:1D Certificate issuer: /CN=a08c296a9fe5a6051582e5ade4754985f6f11b31 Certificate serial: 019BD72FF003D77D5F148C26800795D9AA66 Authority key identifier: A0:8C:29:6A:9F:E5:A6:05:15:82:E5:AD:E4:75:49:85:F6:F1:1B:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oIwpap_lpgUVguWt5HVJhfbxGzE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/600789-d71d-4968-8ba9-afb7e8e730cc/1/PZKZVJbLIiC-nyKzbha8Q1plbB0.roa Signing time: Mon 19 Jan 2026 16:56:41 +0000 ROA not before: Mon 19 Jan 2026 16:56:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39686 IP address blocks: 91.198.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/600789-d71d-4968-8ba9-afb7e8e730cc/1/oIwpap_lpgUVguWt5HVJhfbxGzE.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/600789-d71d-4968-8ba9-afb7e8e730cc/1/oIwpap_lpgUVguWt5HVJhfbxGzE.mft rsync://rpki.ripe.net/repository/DEFAULT/oIwpap_lpgUVguWt5HVJhfbxGzE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d7:2f:f0:03:d7:7d:5f:14:8c:26:80:07:95:d9:aa:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a08c296a9fe5a6051582e5ade4754985f6f11b31 Validity Not Before: Jan 19 16:56:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d92995496cb2220be9f22b36e16bc435a656c1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:11:0f:76:0d:9a:c7:54:16:77:3f:0c:b2:c6: 18:fd:d6:54:64:64:9a:6c:10:02:48:69:ae:46:c8: 97:ea:b2:a5:f6:da:18:98:34:0f:89:b1:32:61:de: 51:48:aa:69:68:a0:80:c8:fc:e2:cd:55:18:ac:a3: e5:f2:b8:ed:64:82:75:ba:bb:34:07:86:9e:87:7e: 49:39:5c:83:c2:fc:79:09:d5:3c:d6:4e:68:ea:3a: 34:52:1a:a1:76:f1:fe:4e:ee:4c:f7:35:44:12:66: 8b:94:85:f2:19:68:07:6b:99:17:51:9d:de:f5:11: bf:62:e3:54:1e:b2:a8:27:1d:3e:de:c8:ad:5d:e7: 2f:42:ee:7e:88:26:5a:34:d0:c9:41:7d:34:25:15: 0a:92:85:72:8c:81:cc:b2:6f:74:db:2d:5e:fc:87: 6a:bd:8c:50:14:d2:b4:22:bc:a8:1a:0c:34:41:45: 0c:12:a5:6a:cf:32:d1:db:d1:30:2a:a1:fa:25:27: 65:cc:78:e2:ad:ad:94:c0:28:1b:d6:15:cd:6f:ac: 27:fc:f2:44:1b:12:d9:7c:ea:62:5b:60:55:f4:42: 2f:46:79:8f:62:6a:2d:a6:82:f6:0d:5f:0c:22:f1: e7:0b:bb:76:68:82:b4:6e:a8:df:54:90:f2:61:a5: 3e:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:92:99:54:96:CB:22:20:BE:9F:22:B3:6E:16:BC:43:5A:65:6C:1D X509v3 Authority Key Identifier: keyid:A0:8C:29:6A:9F:E5:A6:05:15:82:E5:AD:E4:75:49:85:F6:F1:1B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIwpap_lpgUVguWt5HVJhfbxGzE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/600789-d71d-4968-8ba9-afb7e8e730cc/1/PZKZVJbLIiC-nyKzbha8Q1plbB0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/600789-d71d-4968-8ba9-afb7e8e730cc/1/oIwpap_lpgUVguWt5HVJhfbxGzE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.198.203.0/24 Signature Algorithm: sha256WithRSAEncryption ab:c5:26:40:85:c7:d7:54:c4:64:6d:2a:c3:1d:7c:db:ec:69: 9b:28:ef:7e:69:e2:27:5c:be:ef:11:54:25:b9:39:a5:82:5d: 0e:06:44:a0:14:03:75:d1:23:fd:2f:04:12:ec:53:a5:1c:44: 3d:51:7e:bc:08:de:15:2c:21:22:36:21:67:8b:17:ef:15:11: e3:2e:0a:62:4c:b4:16:62:ed:55:37:75:41:0e:01:c8:3c:69: 74:d9:93:ff:ad:5b:e8:e2:7d:f0:92:28:d6:86:f5:1e:2d:7d: 20:18:00:3d:6c:36:1b:00:74:b4:2f:ff:13:95:24:5b:78:7a: 67:30:a0:d0:6c:5c:f9:79:99:32:d7:71:8a:55:6a:b9:74:56: 48:45:75:97:3f:4e:32:fc:18:6b:b9:20:69:fe:75:66:dd:06: b4:ff:1f:0d:d9:a5:61:e1:64:84:83:b5:31:19:99:9b:c9:c5: 6e:31:27:d0:80:3b:bd:60:51:d5:e6:89:7f:0b:c3:8e:07:5a: 22:ca:79:93:02:eb:24:a4:cb:49:e9:14:bb:15:8d:b3:7a:c6: 03:ba:f6:a1:d3:66:80:87:f2:de:cc:98:30:e9:3f:bc:ea:2b: 5d:d1:84:79:09:0e:7a:99:62:ff:aa:b4:b0:b5:5c:13:0f:38: f6:f0:7a:53 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZvXL/AD131fFIwmgAeV2apmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwOGMyOTZhOWZlNWE2MDUxNTgyZTVhZGU0NzU0OTg1ZjZm MTFiMzEwHhcNMjYwMTE5MTY1NjQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDkyOTk1NDk2Y2IyMjIwYmU5ZjIyYjM2ZTE2YmM0MzVhNjU2YzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hEPdg2ax1QWdz8MssYY/dZUZGSa bBACSGmuRsiX6rKl9toYmDQPibEyYd5RSKppaKCAyPzizVUYrKPl8rjtZIJ1urs0 B4aeh35JOVyDwvx5CdU81k5o6jo0UhqhdvH+Tu5M9zVEEmaLlIXyGWgHa5kXUZ3e 9RG/YuNUHrKoJx0+3sitXecvQu5+iCZaNNDJQX00JRUKkoVyjIHMsm902y1e/Idq vYxQFNK0IryoGgw0QUUMEqVqzzLR29EwKqH6JSdlzHjira2UwCgb1hXNb6wn/PJE GxLZfOpiW2BV9EIvRnmPYmotpoL2DV8MIvHnC7t2aIK0bqjfVJDyYaU+2wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFD2SmVSWyyIgvp8is24WvENaZWwdMB8GA1UdIwQY MBaAFKCMKWqf5aYFFYLlreR1SYX28RsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0l3cGFwX2xwZ1VWZ3VXdDVIVkpoZmJ4R3pFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82MDA3ODktZDcxZC00OTY4LThiYTkt YWZiN2U4ZTczMGNjLzEvUFpLWlZKYkxJaUMtbnlLemJoYThRMXBsYkIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC82MDA3ODktZDcxZC00OTY4LThiYTktYWZiN2U4ZTczMGNj LzEvb0l3cGFwX2xwZ1VWZ3VXdDVIVkpoZmJ4R3pFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bLMA0G CSqGSIb3DQEBCwUAA4IBAQCrxSZAhcfXVMRkbSrDHXzb7GmbKO9+aeInXL7vEVQl uTmlgl0OBkSgFAN10SP9LwQS7FOlHEQ9UX68CN4VLCEiNiFnixfvFRHjLgpiTLQW Yu1VN3VBDgHIPGl02ZP/rVvo4n3wkijWhvUeLX0gGAA9bDYbAHS0L/8TlSRbeHpn MKDQbFz5eZky13GKVWq5dFZIRXWXP04y/BhruSBp/nVm3Qa0/x8N2aVh4WSEg7Ux GZmbycVuMSfQgDu9YFHV5ol/C8OOB1oiynmTAuskpMtJ6RS7FY2zesYDuvah02aA h/LezJgw6T+86itd0YR5CQ56mWL/qrSwtVwTDzj28HpT -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:16 2026 by rpki-client