This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/zSQtHn132zkYiODR-nP8aHtUQYA.roa File: zSQtHn132zkYiODR-nP8aHtUQYA.roa (raw, json) Hash identifier: 0IThsqQjeAvQaaBM3736hRL6ffPhT8HNYOS2v2AnKs0= Subject key identifier: CD:24:2D:1E:7D:77:DB:39:18:88:E0:D1:FA:73:FC:68:7B:54:41:80 Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311 Certificate serial: 019B78A2A849806D56E775295B38A60A39E0 Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/zSQtHn132zkYiODR-nP8aHtUQYA.roa Signing time: Thu 01 Jan 2026 08:18:04 +0000 ROA not before: Thu 01 Jan 2026 08:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 134666 IP address blocks: 2a12:a307:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.mft rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:a8:49:80:6d:56:e7:75:29:5b:38:a6:0a:39:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311 Validity Not Before: Jan 1 08:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd242d1e7d77db391888e0d1fa73fc687b544180 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ba:9b:00:c3:d2:53:1b:a4:d1:9e:59:ab:5b: 7d:73:1f:9e:c4:7e:3e:ae:a8:8c:79:60:3e:14:25: ec:61:e4:a5:a6:a2:6e:bd:34:70:44:01:91:d2:a2: 6e:5f:95:28:5f:c5:7e:64:a0:29:fe:69:bd:7f:b4: 1c:ab:89:bc:43:5b:0b:a9:8c:99:65:4f:7d:f2:60: 40:1a:79:9c:6c:25:18:8e:3e:96:58:01:81:a4:31: c0:1e:8b:dd:d7:be:ea:5e:7a:40:80:96:76:b1:e0: c1:a1:de:d5:3b:3b:21:b7:a8:8e:ae:37:90:b1:f3: 19:fc:28:0c:27:87:b6:d4:7e:40:e8:91:e8:92:7b: 34:e0:70:20:ab:13:77:44:ce:37:25:f8:96:f8:24: 90:eb:e0:ec:ae:27:ec:94:ed:83:f4:de:4f:8b:e0: 91:b3:c9:aa:7d:2c:71:f0:73:c2:78:0c:5c:18:96: 2e:9f:e7:99:fa:f1:8a:2b:73:45:48:12:2a:74:42: 31:15:4e:b4:41:ab:54:82:9a:dc:41:90:1f:98:14: cc:da:00:af:c7:1a:87:39:47:ef:8f:e2:6f:b0:7e: 05:88:70:1d:26:46:6f:9d:1d:24:09:41:1b:57:2c: 5d:6e:65:40:a0:d8:ba:52:41:a0:69:49:e5:09:2b: 80:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:24:2D:1E:7D:77:DB:39:18:88:E0:D1:FA:73:FC:68:7B:54:41:80 X509v3 Authority Key Identifier: keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/zSQtHn132zkYiODR-nP8aHtUQYA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:a307:2::/48 Signature Algorithm: sha256WithRSAEncryption 69:a6:42:4f:c1:b0:18:0d:09:7c:13:74:78:2b:73:b4:6e:67: a7:96:f3:f6:ff:b8:3a:ca:e7:82:9e:0a:25:c5:85:30:ba:e1: 05:a6:26:1b:e7:9f:4e:c5:ce:3c:81:b9:59:54:b3:87:76:8e: a4:c9:f8:a4:04:50:d8:0c:9b:06:18:42:45:7f:c8:97:71:b7: bc:9f:a3:98:21:93:85:0c:0b:19:fa:5d:40:31:7b:a6:9b:b3: 17:64:69:cb:c6:14:e5:0d:8e:f3:3d:23:c6:62:f6:75:46:bd: 73:bb:8a:eb:a4:dd:8f:7f:76:3a:f4:ff:4b:1c:f7:d9:0d:1e: 86:40:bf:78:31:09:9f:d7:77:b4:cd:25:79:ed:43:d0:2f:0e: e4:46:4e:33:a0:72:31:29:eb:d2:43:3f:c1:76:29:15:3a:a8: 52:9c:18:1d:62:31:fe:21:07:21:69:74:cd:a9:fc:a3:ee:84: 6e:94:b0:b4:99:90:26:f5:a6:f6:7a:4b:62:5e:07:9c:ea:73: e8:1d:bd:a1:36:e6:d4:05:c5:e9:eb:c8:eb:f1:14:28:51:f2: 98:1b:6c:d7:46:4b:41:33:ef:af:83:26:24:2b:8f:55:dd:68: f3:48:80:78:c7:a0:10:0c:48:51:6e:3d:56:48:d4:b5:ff:06: 2a:d6:4c:7b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4oqhJgG1W53UpWzimCjngMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj ZWYzMTEwHhcNMjYwMTAxMDgxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDI0MmQxZTdkNzdkYjM5MTg4OGUwZDFmYTczZmM2ODdiNTQ0MTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrqbAMPSUxuk0Z5Zq1t9cx+exH4+ rqiMeWA+FCXsYeSlpqJuvTRwRAGR0qJuX5UoX8V+ZKAp/mm9f7Qcq4m8Q1sLqYyZ ZU998mBAGnmcbCUYjj6WWAGBpDHAHovd177qXnpAgJZ2seDBod7VOzsht6iOrjeQ sfMZ/CgMJ4e21H5A6JHokns04HAgqxN3RM43JfiW+CSQ6+DsrifslO2D9N5Pi+CR s8mqfSxx8HPCeAxcGJYun+eZ+vGKK3NFSBIqdEIxFU60QatUgprcQZAfmBTM2gCv xxqHOUfvj+JvsH4FiHAdJkZvnR0kCUEbVyxdbmVAoNi6UkGgaUnlCSuAgwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFM0kLR59d9s5GIjg0fpz/Gh7VEGAMB8GA1UdIwQY MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct YzhmMTgyZTk1ZWE1LzEvelNRdEhuMTMyemtZaU9EUi1uUDhhSHRVUVlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTctYzhmMTgyZTk1ZWE1 LzEvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKjBwAC MA0GCSqGSIb3DQEBCwUAA4IBAQBppkJPwbAYDQl8E3R4K3O0bmenlvP2/7g6yueC ngolxYUwuuEFpiYb559Oxc48gblZVLOHdo6kyfikBFDYDJsGGEJFf8iXcbe8n6OY IZOFDAsZ+l1AMXumm7MXZGnLxhTlDY7zPSPGYvZ1Rr1zu4rrpN2Pf3Y69P9LHPfZ DR6GQL94MQmf13e0zSV57UPQLw7kRk4zoHIxKevSQz/BdikVOqhSnBgdYjH+IQch aXTNqfyj7oRulLC0mZAm9ab2ektiXgec6nPoHb2hNubUBcXp68jr8RQoUfKYG2zX RktBM++vgyYkK49V3WjzSIB4x6AQDEhRbj1WSNS1/wYq1kx7 -----END CERTIFICATE-----Generated at Sat Jan 10 06:37:48 2026 by rpki-client