This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZxfrRJ42N864fqoCGNdV8e5sGH4.roa File: ZxfrRJ42N864fqoCGNdV8e5sGH4.roa (raw, json) Hash identifier: hdsEdW8ToiHQHARxlx1C3Kc+KZwbcjjygYM8OziO6pU= Subject key identifier: 67:17:EB:44:9E:36:37:CE:B8:7E:AA:02:18:D7:55:F1:EE:6C:18:7E Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019B7E37C8A3F66D45F63D8543847CC90AB9 Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZxfrRJ42N864fqoCGNdV8e5sGH4.roa Signing time: Fri 02 Jan 2026 10:19:03 +0000 ROA not before: Fri 02 Jan 2026 10:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210558 IP address blocks: 124.198.131.0/24 maxlen: 24 124.198.132.0/24 maxlen: 24 203.188.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:c8:a3:f6:6d:45:f6:3d:85:43:84:7c:c9:0a:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Jan 2 10:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6717eb449e3637ceb87eaa0218d755f1ee6c187e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:c6:06:47:c2:f5:bc:50:03:45:2b:6f:23:be: 65:d1:d1:c0:87:c1:46:cf:89:df:5b:39:2c:08:6f: 40:ba:83:33:f4:dd:66:74:33:f3:2a:14:44:b5:9b: fd:3c:55:3a:84:91:6b:7d:34:e1:16:d6:e1:1b:36: c8:f2:be:c4:db:03:a2:8a:ac:06:fd:7d:ad:6e:ab: 2f:48:33:b9:5d:4f:65:59:57:bb:04:7e:b8:8b:63: 89:06:b4:31:d8:83:a7:d4:8f:33:9c:6a:2b:fa:a9: 46:b2:5f:7f:71:c7:d6:61:b7:e9:fd:51:e5:2f:25: 39:db:30:34:8e:7b:82:eb:29:3c:5a:24:8b:9d:c0: 82:d1:34:86:3d:28:5a:d2:59:03:6d:f1:e3:b8:7f: 36:49:5b:a2:9e:17:42:dc:8e:78:34:a8:8b:00:42: b8:8a:99:31:27:2a:c1:6c:1e:a0:c6:13:e0:cb:5a: 55:b1:fe:9a:97:7d:2f:c7:69:09:7d:25:a7:1b:58: 59:3f:e0:df:2f:d3:e8:0c:41:44:48:b7:65:78:76: b7:ab:23:17:62:b0:8e:81:90:03:d1:43:59:e1:3d: 7a:a5:0f:89:bc:24:97:95:04:2c:66:55:cf:d2:2d: d2:db:26:b3:f4:72:9c:a0:2d:67:b5:4e:fc:70:ba: 04:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:17:EB:44:9E:36:37:CE:B8:7E:AA:02:18:D7:55:F1:EE:6C:18:7E X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZxfrRJ42N864fqoCGNdV8e5sGH4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 124.198.131.0-124.198.132.255 203.188.171.0/24 Signature Algorithm: sha256WithRSAEncryption 09:c6:2e:4d:5d:7e:74:7e:82:7f:b0:3d:22:4e:82:64:75:3d: 22:d9:e4:c6:db:b0:45:3d:42:60:db:a2:0c:d5:2a:f4:2f:4b: c2:f6:88:dd:0e:a3:2c:5f:dc:c2:0e:81:c8:9d:b2:fe:4b:f2: ff:42:e3:a8:be:b0:77:6c:7e:34:4d:bb:86:05:2b:e2:82:3e: 97:29:5b:6d:7c:d2:cc:51:fb:de:6f:e2:3b:ad:cd:51:65:90: 9b:91:05:1d:ba:7a:ec:1c:3a:54:23:2c:e8:ad:89:d4:27:78: 69:64:c2:6c:2a:88:36:6b:99:b4:60:c6:64:c4:e8:40:83:d4: 71:cd:a7:e2:7d:a3:be:06:a8:6a:7a:73:95:f4:59:1f:b0:b3: 2f:27:34:b2:4e:c9:96:83:e1:d1:54:f0:bd:ba:5f:82:fa:ba: 59:26:7e:30:2c:02:77:b3:9c:15:87:0b:ea:1b:d0:1e:0f:aa: 11:30:af:e9:ca:85:ba:60:8e:fe:f0:e0:59:70:ea:c9:dc:4c: 25:4c:59:ff:ea:6e:7b:d1:b0:74:be:57:63:d4:10:8f:d7:ed: 51:ec:f2:00:2e:23:13:38:94:f2:5b:df:ad:f6:35:3d:b9:88: bd:63:10:6c:d0:d0:d2:41:b4:a1:13:a3:bc:27:71:fd:59:54: fd:b9:8e:be -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt+N8ij9m1F9j2FQ4R8yQq5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjYwMTAyMTAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzE3ZWI0NDllMzYzN2NlYjg3ZWFhMDIxOGQ3NTVmMWVlNmMxODdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MYGR8L1vFADRStvI75l0dHAh8FG z4nfWzksCG9AuoMz9N1mdDPzKhREtZv9PFU6hJFrfTThFtbhGzbI8r7E2wOiiqwG /X2tbqsvSDO5XU9lWVe7BH64i2OJBrQx2IOn1I8znGor+qlGsl9/ccfWYbfp/VHl LyU52zA0jnuC6yk8WiSLncCC0TSGPSha0lkDbfHjuH82SVuinhdC3I54NKiLAEK4 ipkxJyrBbB6gxhPgy1pVsf6al30vx2kJfSWnG1hZP+DfL9PoDEFESLdleHa3qyMX YrCOgZAD0UNZ4T16pQ+JvCSXlQQsZlXP0i3S2yaz9HKcoC1ntU78cLoEFQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFGcX60SeNjfOuH6qAhjXVfHubBh+MB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvWnhmclJKNDJOODY0ZnFvQ0dOZFY4ZTVzR0g0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAB8xoMD BAB8xoQDBADLvKswDQYJKoZIhvcNAQELBQADggEBAAnGLk1dfnR+gn+wPSJOgmR1 PSLZ5MbbsEU9QmDbogzVKvQvS8L2iN0Ooyxf3MIOgcidsv5L8v9C46i+sHdsfjRN u4YFK+KCPpcpW2180sxR+95v4jutzVFlkJuRBR26euwcOlQjLOitidQneGlkwmwq iDZrmbRgxmTE6ECD1HHNp+J9o74GqGp6c5X0WR+wsy8nNLJOyZaD4dFU8L26X4L6 ulkmfjAsAneznBWHC+ob0B4PqhEwr+nKhbpgjv7w4Flw6sncTCVMWf/qbnvRsHS+ V2PUEI/X7VHs8gAuIxM4lPJb3632NT25iL1jEGzQ0NJBtKETo7wncf1ZVP25jr4= -----END CERTIFICATE-----Generated at Fri Jan 23 04:39:10 2026 by rpki-client