This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/ZpiZYChv03XcXjWFsXMCV1QM0HU.roa File: ZpiZYChv03XcXjWFsXMCV1QM0HU.roa (raw, json) Hash identifier: wmoSAUcGUPypcaj5YjtRFn3oVWGJ3KsONwwVdodfB08= Subject key identifier: 66:98:99:60:28:6F:D3:75:DC:5E:35:85:B1:73:02:57:54:0C:D0:75 Certificate issuer: /CN=8e3f1663996be1707611fdce1ddea8920dd398a3 Certificate serial: 019B7B3578D146793C80058191F2E98C4751 Authority key identifier: 8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/ZpiZYChv03XcXjWFsXMCV1QM0HU.roa Signing time: Thu 01 Jan 2026 20:17:40 +0000 ROA not before: Thu 01 Jan 2026 20:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 174 IP address blocks: 2a01:e300::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.mft rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 14:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:78:d1:46:79:3c:80:05:81:91:f2:e9:8c:47:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e3f1663996be1707611fdce1ddea8920dd398a3 Validity Not Before: Jan 1 20:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66989960286fd375dc5e3585b1730257540cd075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:47:d4:cc:1e:22:33:fe:2e:2c:06:d7:e0:08: 6c:3c:d5:27:31:a1:e3:d8:a2:f0:d7:ef:ce:c7:7a: 34:b4:d2:ef:e5:d6:2a:3e:6e:2e:3e:8a:65:be:62: 95:72:e5:e5:c1:13:e8:b0:0f:4a:68:38:f3:72:9c: c0:9f:0f:38:80:56:a3:d4:53:77:a4:2e:72:fd:8d: e8:3d:1c:79:ac:e3:0c:61:6b:9d:11:3a:36:a1:2b: 54:43:bb:40:ac:c7:a9:c8:83:77:8d:1d:4d:43:68: e1:87:bb:7d:f6:85:f9:ae:c8:ea:cc:a7:ce:56:1b: 6b:dc:a9:c7:49:a8:c5:58:45:c0:0d:1e:31:5f:95: 7c:ca:60:7d:a4:17:ec:ad:eb:bf:73:7b:d0:77:68: 42:f8:ae:42:a1:99:14:49:1d:19:57:53:c8:1f:6c: 84:da:c6:1c:f6:a1:b2:7a:02:92:41:3c:93:c1:f6: 62:2b:7e:94:29:bb:95:17:07:6c:87:3a:68:29:80: d2:77:2c:df:d0:ee:1d:84:9c:41:b8:43:22:bb:8b: d0:04:89:97:ed:3c:07:39:7e:56:96:42:5d:a7:f3: ed:d3:7b:f5:22:4a:a0:80:5d:da:3d:e4:4f:03:7a: a6:8b:40:60:7c:59:9d:3f:8e:f4:78:a2:cb:89:b5: 85:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:98:99:60:28:6F:D3:75:DC:5E:35:85:B1:73:02:57:54:0C:D0:75 X509v3 Authority Key Identifier: keyid:8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/ZpiZYChv03XcXjWFsXMCV1QM0HU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e300::/29 Signature Algorithm: sha256WithRSAEncryption 9d:f1:65:d3:9b:d7:70:61:33:e1:71:db:ce:f9:51:2c:79:bb: c8:9d:cb:93:20:d3:54:3d:bd:53:95:4f:b5:14:bc:d9:ef:c1: a3:cf:c7:be:10:9c:3e:e1:8f:9a:b2:cc:38:72:bd:bf:6f:f9: e3:4b:f4:5f:bf:9c:08:55:f3:ea:69:02:f4:e0:d6:9f:27:83: f8:74:ff:1b:44:dd:66:09:5c:62:aa:ba:d8:b1:d9:53:e2:b8: fb:5a:13:cc:a2:ff:9e:a9:31:c6:c3:be:fc:25:a8:63:be:9f: 2a:95:77:60:51:3f:8b:98:f9:40:57:47:d9:8d:6d:cc:f8:8a: 50:ce:25:c2:6f:f9:c3:69:2a:18:d2:05:5b:92:a8:55:a9:39: 46:0b:e9:14:79:e0:59:b7:c4:86:64:f9:cc:e3:70:fd:4a:37: 4a:1b:94:61:2e:af:b5:c7:a9:46:fc:11:fd:0d:55:07:b5:f0: da:c0:a7:d7:fd:d5:eb:dc:f6:0e:86:4c:80:90:42:1b:a5:84: c1:1e:0a:89:99:a6:4a:9c:be:66:0e:cb:64:dc:b8:4d:67:40: 9e:b7:a1:9d:af:ad:9f:ed:d1:10:dd:e3:0f:bc:ae:57:bd:bc: 24:93:9f:e4:0c:e4:55:7d:3b:9d:d6:0d:9d:1c:0f:9d:c6:c0: 15:5e:b4:14 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt7NXjRRnk8gAWBkfLpjEdRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlM2YxNjYzOTk2YmUxNzA3NjExZmRjZTFkZGVhODkyMGRk Mzk4YTMwHhcNMjYwMTAxMjAxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Njk4OTk2MDI4NmZkMzc1ZGM1ZTM1ODViMTczMDI1NzU0MGNkMDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokfUzB4iM/4uLAbX4AhsPNUnMaHj 2KLw1+/Ox3o0tNLv5dYqPm4uPoplvmKVcuXlwRPosA9KaDjzcpzAnw84gFaj1FN3 pC5y/Y3oPRx5rOMMYWudETo2oStUQ7tArMepyIN3jR1NQ2jhh7t99oX5rsjqzKfO Vhtr3KnHSajFWEXADR4xX5V8ymB9pBfsreu/c3vQd2hC+K5CoZkUSR0ZV1PIH2yE 2sYc9qGyegKSQTyTwfZiK36UKbuVFwdshzpoKYDSdyzf0O4dhJxBuEMiu4vQBImX 7TwHOX5WlkJdp/Pt03v1IkqggF3aPeRPA3qmi0BgfFmdP470eKLLibWFEwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGaYmWAob9N13F41hbFzAldUDNB1MB8GA1UdIwQY MBaAFI4/FmOZa+FwdhH9zh3eqJIN05ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzkt YzhmOWJlN2QxOWRmLzEvWnBpWllDaHYwM1hjWGpXRnNYTUNWMVFNMEhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzktYzhmOWJlN2QxOWRm LzEvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHjADAN BgkqhkiG9w0BAQsFAAOCAQEAnfFl05vXcGEz4XHbzvlRLHm7yJ3LkyDTVD29U5VP tRS82e/Bo8/HvhCcPuGPmrLMOHK9v2/540v0X7+cCFXz6mkC9ODWnyeD+HT/G0Td ZglcYqq62LHZU+K4+1oTzKL/nqkxxsO+/CWoY76fKpV3YFE/i5j5QFdH2Y1tzPiK UM4lwm/5w2kqGNIFW5KoVak5RgvpFHngWbfEhmT5zONw/Uo3ShuUYS6vtcepRvwR /Q1VB7Xw2sCn1/3V69z2DoZMgJBCG6WEwR4KiZmmSpy+Zg7LZNy4TWdAnrehna+t n+3REN3jD7yuV728JJOf5AzkVX07ndYNnRwPncbAFV60FA== -----END CERTIFICATE-----Generated at Mon Jan 12 00:49:31 2026 by rpki-client