This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/ZHNIPk525HnjpaYJdapYFSEJVlE.roa File: ZHNIPk525HnjpaYJdapYFSEJVlE.roa (raw, json) Hash identifier: iCSZbMokESyNsRANISRHlixFVv5VMk/yKpUyaMS7uho= Subject key identifier: 64:73:48:3E:4E:76:E4:79:E3:A5:A6:09:75:AA:58:15:21:09:56:51 Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba Certificate serial: 019B7E38B23B00B198105CDD20AD150EFA75 Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/ZHNIPk525HnjpaYJdapYFSEJVlE.roa Signing time: Fri 02 Jan 2026 10:20:03 +0000 ROA not before: Fri 02 Jan 2026 10:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1239 IP address blocks: 2.56.32.0/22 maxlen: 22 45.81.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:b2:3b:00:b1:98:10:5c:dd:20:ad:15:0e:fa:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba Validity Not Before: Jan 2 10:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6473483e4e76e479e3a5a60975aa581521095651 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:1c:9d:1b:ad:4d:f9:30:c7:59:af:21:59:71: 9a:70:96:36:cd:1b:2d:65:d4:fb:97:ae:39:ed:73: 1d:b0:2a:80:7c:81:ab:94:ac:eb:26:fc:40:f1:9c: 2d:5a:41:20:f7:20:8b:f6:59:89:77:2d:62:3b:b7: cc:74:c2:fb:4c:b7:d9:61:4b:32:94:1a:b9:4a:fb: 34:07:70:8b:7d:fb:7c:bd:60:2f:a5:6b:a9:5e:17: 9b:ca:c4:e9:e4:4f:3d:df:f4:08:98:50:8f:96:b2: 0a:f2:a9:21:7a:c6:a5:25:b8:66:23:5d:f0:90:33: f3:cf:07:54:29:8b:fd:06:1e:0e:47:5e:a1:5f:94: cc:be:18:52:a4:cb:5f:50:88:2e:2a:ce:a4:68:be: 56:2e:3e:01:de:13:48:62:e1:61:9b:e5:01:e0:ce: 61:f7:4d:73:cb:b6:20:f2:ba:1c:94:55:b8:07:02: 64:85:dc:8e:82:11:62:64:28:34:56:a1:af:00:bb: 3e:9e:83:9d:e4:a5:53:0b:d5:a7:39:a0:90:67:56: 9b:5b:40:e4:68:ae:f8:e5:bc:39:15:dc:83:02:de: ee:af:1b:19:6f:11:b3:33:04:ed:89:0f:20:9c:4d: 58:a4:e5:00:42:cc:c3:99:fe:35:43:3e:96:ac:22: 2f:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:73:48:3E:4E:76:E4:79:E3:A5:A6:09:75:AA:58:15:21:09:56:51 X509v3 Authority Key Identifier: keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/ZHNIPk525HnjpaYJdapYFSEJVlE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.32.0/22 45.81.160.0/24 Signature Algorithm: sha256WithRSAEncryption 35:6f:83:e1:24:71:05:65:ef:e1:94:42:44:27:2a:c4:1e:72: 9f:9e:fb:c4:01:a4:71:11:48:5b:41:25:f8:32:e7:17:cc:6f: fe:37:00:a8:20:2d:91:f6:97:a0:6c:f8:56:ea:78:0e:29:e0: 2e:ba:fe:46:12:7f:eb:3a:0f:91:d5:e4:c9:34:4d:1b:68:bd: 12:7b:e4:f4:ca:2c:64:2e:fc:49:57:aa:9d:21:0a:44:90:5a: 8e:fe:c8:8d:de:a5:10:59:94:2f:59:03:72:e0:88:91:0d:de: 9d:d1:15:f1:1b:51:be:35:e5:82:31:bf:f7:62:78:62:ff:91: 89:da:08:8b:9a:23:70:7c:08:61:47:02:6b:2f:26:83:a8:78: ce:1d:21:f6:a2:fb:e7:ab:c8:e8:25:32:ba:d3:13:fc:39:e0: 81:4e:5d:60:cf:7e:b3:a0:ab:41:8f:ee:d5:31:0c:e2:cf:5d: da:ca:4b:99:2f:bd:17:dd:a8:78:2b:1e:01:00:7b:92:8b:f1: 96:e4:0c:cf:79:76:33:97:74:65:2b:ba:b4:d4:ff:c3:09:a5: 34:7c:e0:d8:2c:46:f7:3a:25:00:30:cf:4f:07:18:66:21:c5: 5c:de:c0:03:8a:bb:81:73:25:fa:97:84:f5:de:16:44:73:ff: ab:2b:90:73 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OLI7ALGYEFzdIK0VDvp1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz MGJiYmEwHhcNMjYwMTAyMTAyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDczNDgzZTRlNzZlNDc5ZTNhNWE2MDk3NWFhNTgxNTIxMDk1NjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhydG61N+TDHWa8hWXGacJY2zRst ZdT7l6457XMdsCqAfIGrlKzrJvxA8ZwtWkEg9yCL9lmJdy1iO7fMdML7TLfZYUsy lBq5Svs0B3CLfft8vWAvpWupXhebysTp5E893/QImFCPlrIK8qkhesalJbhmI13w kDPzzwdUKYv9Bh4OR16hX5TMvhhSpMtfUIguKs6kaL5WLj4B3hNIYuFhm+UB4M5h 901zy7Yg8roclFW4BwJkhdyOghFiZCg0VqGvALs+noOd5KVTC9WnOaCQZ1abW0Dk aK745bw5FdyDAt7urxsZbxGzMwTtiQ8gnE1YpOUAQszDmf41Qz6WrCIvEQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGRzSD5OduR546WmCXWqWBUhCVZRMB8GA1UdIwQY MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt YmU0NWYwZDJhYmJiLzEvWkhOSVBrNTI1SG5qcGFZSmRhcFlGU0VKVmxFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjggAwQA LVGgMA0GCSqGSIb3DQEBCwUAA4IBAQA1b4PhJHEFZe/hlEJEJyrEHnKfnvvEAaRx EUhbQSX4MucXzG/+NwCoIC2R9pegbPhW6ngOKeAuuv5GEn/rOg+R1eTJNE0baL0S e+T0yixkLvxJV6qdIQpEkFqO/siN3qUQWZQvWQNy4IiRDd6d0RXxG1G+NeWCMb/3 Ynhi/5GJ2giLmiNwfAhhRwJrLyaDqHjOHSH2ovvnq8joJTK60xP8OeCBTl1gz36z oKtBj+7VMQziz13aykuZL70X3ah4Kx4BAHuSi/GW5AzPeXYzl3RlK7q01P/DCaU0 fODYLEb3OiUAMM9PBxhmIcVc3sADiruBcyX6l4T13hZEc/+rK5Bz -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:45 2026 by rpki-client