This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/ztIzxf93QWsYAnlPRmW4J8mPKU8.roa File: ztIzxf93QWsYAnlPRmW4J8mPKU8.roa (raw, json) Hash identifier: 1lDUE3T/JTJqUXqe8vPaaGkCY1xNEzM3Qzz5NIUDqZE= Subject key identifier: CE:D2:33:C5:FF:77:41:6B:18:02:79:4F:46:65:B8:27:C9:8F:29:4F Certificate issuer: /CN=3e8c1897624f57be34e0f760b97f110ad5b5da3a Certificate serial: 019B7C800706A2A0EE43770E855C25F0C784 Authority key identifier: 3E:8C:18:97:62:4F:57:BE:34:E0:F7:60:B9:7F:11:0A:D5:B5:DA:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PowYl2JPV7404PdguX8RCtW12jo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/ztIzxf93QWsYAnlPRmW4J8mPKU8.roa Signing time: Fri 02 Jan 2026 02:18:43 +0000 ROA not before: Fri 02 Jan 2026 02:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41437 IP address blocks: 89.207.120.0/21 maxlen: 21 89.207.120.0/24 maxlen: 24 89.207.121.0/24 maxlen: 24 89.207.123.0/24 maxlen: 24 89.207.124.0/24 maxlen: 24 89.207.127.0/24 maxlen: 24 2001:a00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/PowYl2JPV7404PdguX8RCtW12jo.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/PowYl2JPV7404PdguX8RCtW12jo.mft rsync://rpki.ripe.net/repository/DEFAULT/PowYl2JPV7404PdguX8RCtW12jo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 17:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:07:06:a2:a0:ee:43:77:0e:85:5c:25:f0:c7:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e8c1897624f57be34e0f760b97f110ad5b5da3a Validity Not Before: Jan 2 02:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ced233c5ff77416b1802794f4665b827c98f294f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:60:dd:d1:c0:2c:ba:f5:cf:9d:44:f2:4d:fe: 76:dd:d3:19:f0:1e:57:4a:ae:2c:b7:dc:6f:00:80: f1:aa:84:bc:8d:51:f7:bd:99:97:2f:ea:d3:a1:01: 66:11:91:f3:20:8d:20:1e:f2:dc:72:5a:e2:b5:90: ff:03:2c:d6:e3:5f:14:5f:6c:79:1f:42:58:ab:95: 60:0b:d9:69:2a:9a:d2:03:c1:01:ff:43:0f:fc:84: b9:d0:4f:91:4d:1d:1b:60:4d:4f:79:37:21:d6:67: 53:10:a4:7b:cd:ef:c6:1f:33:a0:d5:b8:d3:e2:e6: 08:7b:dd:4b:78:92:04:b9:dc:13:94:9b:21:74:4d: 0b:74:2f:3a:9d:5f:5e:9f:f4:9e:e9:3a:c9:0e:5d: 19:98:9e:33:f2:e8:3c:0e:47:01:ff:2b:66:fd:ab: ca:59:b1:fe:c5:24:d5:0d:35:18:bc:c5:03:9d:ec: 3e:98:44:51:73:5f:67:28:19:55:d9:0b:12:c4:cd: 67:98:9d:a1:49:e3:a2:50:ea:31:da:bc:dc:24:70: 64:1e:b5:fe:27:76:49:d3:88:67:5a:f9:0c:68:94: 86:54:3e:c1:7a:cb:9e:42:9c:ef:ef:52:1a:05:9b: c6:cd:fa:2f:f8:e9:12:b7:9f:8c:f3:f1:3b:2d:47: 40:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:D2:33:C5:FF:77:41:6B:18:02:79:4F:46:65:B8:27:C9:8F:29:4F X509v3 Authority Key Identifier: keyid:3E:8C:18:97:62:4F:57:BE:34:E0:F7:60:B9:7F:11:0A:D5:B5:DA:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PowYl2JPV7404PdguX8RCtW12jo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/ztIzxf93QWsYAnlPRmW4J8mPKU8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/PowYl2JPV7404PdguX8RCtW12jo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.207.120.0/21 IPv6: 2001:a00::/32 Signature Algorithm: sha256WithRSAEncryption 14:df:61:ea:66:1a:a5:57:28:e7:2f:56:a9:c6:f4:41:74:6d: f1:b2:c0:7b:a7:98:3c:0d:c2:4b:df:28:b6:d5:d9:69:03:b9: dc:c6:a8:d1:02:a1:40:b9:c3:66:9a:d9:d4:77:02:92:12:5c: d2:9d:15:26:06:10:70:3a:6c:63:3d:41:bf:c0:0d:b3:d1:26: 1d:58:d4:68:ad:0d:5f:20:f8:54:33:db:ec:95:00:9a:3d:85: 17:5a:b0:65:1f:63:67:31:1a:32:e9:0e:e2:d4:20:6b:90:aa: 5d:72:30:a9:41:01:82:d9:fb:60:5b:5c:9e:f6:1c:17:77:d6: 0f:79:38:79:77:ee:3e:4d:1e:18:ca:30:12:80:ea:fe:4a:f3: 51:93:da:f5:1f:94:9d:78:cf:61:31:35:b3:88:b0:bd:1a:cf: 0b:1d:ee:cd:37:33:e3:df:4f:5f:71:0a:22:f3:f4:3c:f3:c4: 5e:7c:f0:0a:c1:15:2d:ca:5c:78:f2:76:2c:9d:06:73:41:ea: 58:87:56:43:47:de:de:08:6b:a5:2a:5f:94:ea:68:37:b9:d5: 33:af:e5:ae:3f:f4:67:80:2e:66:cd:5e:89:3a:6a:e1:73:0b: e0:fd:e8:02:c8:2c:ff:32:b1:94:f8:b6:7f:e3:e8:54:55:f7: f7:09:ef:bf -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8gAcGoqDuQ3cOhVwl8MeEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlOGMxODk3NjI0ZjU3YmUzNGUwZjc2MGI5N2YxMTBhZDVi NWRhM2EwHhcNMjYwMTAyMDIxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZWQyMzNjNWZmNzc0MTZiMTgwMjc5NGY0NjY1YjgyN2M5OGYyOTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWDd0cAsuvXPnUTyTf523dMZ8B5X Sq4st9xvAIDxqoS8jVH3vZmXL+rToQFmEZHzII0gHvLcclritZD/AyzW418UX2x5 H0JYq5VgC9lpKprSA8EB/0MP/IS50E+RTR0bYE1PeTch1mdTEKR7ze/GHzOg1bjT 4uYIe91LeJIEudwTlJshdE0LdC86nV9en/Se6TrJDl0ZmJ4z8ug8DkcB/ytm/avK WbH+xSTVDTUYvMUDnew+mERRc19nKBlV2QsSxM1nmJ2hSeOiUOox2rzcJHBkHrX+ J3ZJ04hnWvkMaJSGVD7BesueQpzv71IaBZvGzfov+OkSt5+M8/E7LUdAmwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFM7SM8X/d0FrGAJ5T0ZluCfJjylPMB8GA1UdIwQY MBaAFD6MGJdiT1e+NOD3YLl/EQrVtdo6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUG93WWwySlBWNzQwNFBkZ3VYOFJDdFcxMmpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy81N2VhOGQtYzY4MC00MGE3LThhMjkt ZjA3NmEwOGU2MDAzLzEvenRJenhmOTNRV3NZQW5sUFJtVzRKOG1QS1U4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy81N2VhOGQtYzY4MC00MGE3LThhMjktZjA3NmEwOGU2MDAz LzEvUG93WWwySlBWNzQwNFBkZ3VYOFJDdFcxMmpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWc94MA0E AgACMAcDBQAgAQoAMA0GCSqGSIb3DQEBCwUAA4IBAQAU32HqZhqlVyjnL1apxvRB dG3xssB7p5g8DcJL3yi21dlpA7ncxqjRAqFAucNmmtnUdwKSElzSnRUmBhBwOmxj PUG/wA2z0SYdWNRorQ1fIPhUM9vslQCaPYUXWrBlH2NnMRoy6Q7i1CBrkKpdcjCp QQGC2ftgW1ye9hwXd9YPeTh5d+4+TR4YyjASgOr+SvNRk9r1H5SdeM9hMTWziLC9 Gs8LHe7NNzPj309fcQoi8/Q888RefPAKwRUtylx48nYsnQZzQepYh1ZDR97eCGul Kl+U6mg3udUzr+WuP/RngC5mzV6JOmrhcwvg/egCyCz/MrGU+LZ/4+hUVff3Ce+/ -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:59 2026 by rpki-client