This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/zDRyq7GZVHBwWjuDxN0VCA5Bnuo.roa File: zDRyq7GZVHBwWjuDxN0VCA5Bnuo.roa (raw, json) Hash identifier: X4HMDM0F5U+1Ervgfj4WtC+F1dAOGqN+qUjxRYOQpF8= Subject key identifier: CC:34:72:AB:B1:99:54:70:70:5A:3B:83:C4:DD:15:08:0E:41:9E:EA Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b Certificate serial: 019B9359E1D7CC597CC08EDC2C1E9B9CDE16 Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/zDRyq7GZVHBwWjuDxN0VCA5Bnuo.roa Signing time: Tue 06 Jan 2026 12:48:19 +0000 ROA not before: Tue 06 Jan 2026 12:48:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50873 IP address blocks: 185.237.176.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.mft rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 23:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:93:59:e1:d7:cc:59:7c:c0:8e:dc:2c:1e:9b:9c:de:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b Validity Not Before: Jan 6 12:48:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cc3472abb1995470705a3b83c4dd15080e419eea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:32:32:e7:9a:86:ce:c0:2e:b7:98:0f:d3:51: e2:4f:f6:2f:26:3c:ad:28:09:12:9c:1a:2a:4b:67: 71:94:c4:98:2a:dc:1d:1a:41:ce:f2:65:ec:5e:7d: 53:f9:dd:4e:20:f6:41:19:64:ca:ad:df:64:03:c3: 42:71:ce:25:70:77:a7:08:f9:eb:b8:46:66:8b:86: c2:38:0a:78:a6:74:bf:dd:b2:bb:53:91:ef:c8:bf: ba:1c:ac:c6:ec:37:42:28:84:80:8a:28:0d:63:6a: c0:aa:da:2e:7d:4f:49:af:b9:4c:f4:0a:19:92:33: ca:4f:54:ee:4c:e6:f0:29:24:74:72:b7:9a:3e:02: e2:47:ce:96:cd:8b:04:20:92:19:af:5b:e0:5a:fb: 9b:78:5b:5a:8c:5e:6b:c1:31:34:14:ba:e2:d6:17: f4:19:fa:62:cd:79:9c:48:74:6d:b4:78:ce:c7:26: 36:ef:a5:f6:73:26:31:71:4c:fc:11:1a:5f:3f:29: ed:3d:f4:c8:cd:f3:d7:04:e3:a1:fc:6a:4f:05:17: 1d:cf:49:18:6e:86:7c:e0:e0:29:9b:4c:4d:b4:62: 82:24:8d:2d:1d:d0:d9:e7:31:c6:02:a8:28:15:5d: 61:16:a2:b2:b7:3a:d2:b8:69:b7:fd:ba:86:24:bc: ba:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:34:72:AB:B1:99:54:70:70:5A:3B:83:C4:DD:15:08:0E:41:9E:EA X509v3 Authority Key Identifier: keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/zDRyq7GZVHBwWjuDxN0VCA5Bnuo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.237.176.0/24 Signature Algorithm: sha256WithRSAEncryption 01:2f:db:e8:a5:27:aa:8b:e3:d9:76:47:28:96:bc:94:67:11: 8e:f9:17:8c:fe:87:5c:dc:ff:c4:bf:a4:5f:bc:df:36:cd:e9: 7f:56:35:65:32:6c:62:07:b3:b6:ec:28:eb:58:d3:fd:c8:c7: e1:14:a2:27:8e:b8:b8:00:70:62:80:55:d7:f5:fc:f4:44:a0: 96:2d:4f:d1:63:56:36:33:72:df:2e:1f:32:d0:45:52:91:14: 3a:b1:4f:dd:05:db:6f:15:a6:cf:b2:42:df:34:89:8b:a9:40: d1:90:0f:e5:bb:c1:b4:bc:fc:1a:a3:0d:a5:8d:bb:fb:34:98: aa:d3:e8:3f:9f:12:07:e3:13:de:41:b6:e9:09:98:42:cb:bf: e8:ca:6f:c0:0d:fd:7d:91:1f:bc:f7:cb:c7:76:e5:45:0a:e8: 9d:77:df:55:68:44:3e:eb:b4:a5:a5:6f:3a:8f:2a:02:7b:83: 84:7e:11:ae:f6:32:3f:e9:dd:3e:bb:05:f3:fb:f2:b5:63:83: ee:6b:bb:49:5c:49:e9:b9:11:66:64:c1:1c:57:1a:a5:86:f9: 58:a5:42:d7:4d:98:74:5c:d3:18:76:6a:83:4d:64:36:9a:fe: 49:55:ca:aa:c0:cf:6e:e7:c6:82:ce:88:0b:3f:16:98:0c:f6: d2:62:b0:00 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuTWeHXzFl8wI7cLB6bnN4WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3 YzRhOGIwHhcNMjYwMTA2MTI0ODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzM0NzJhYmIxOTk1NDcwNzA1YTNiODNjNGRkMTUwODBlNDE5ZWVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjIy55qGzsAut5gP01HiT/YvJjyt KAkSnBoqS2dxlMSYKtwdGkHO8mXsXn1T+d1OIPZBGWTKrd9kA8NCcc4lcHenCPnr uEZmi4bCOAp4pnS/3bK7U5HvyL+6HKzG7DdCKISAiigNY2rAqtoufU9Jr7lM9AoZ kjPKT1TuTObwKSR0creaPgLiR86WzYsEIJIZr1vgWvubeFtajF5rwTE0FLri1hf0 GfpizXmcSHRttHjOxyY276X2cyYxcUz8ERpfPyntPfTIzfPXBOOh/GpPBRcdz0kY boZ84OApm0xNtGKCJI0tHdDZ5zHGAqgoFV1hFqKytzrSuGm3/bqGJLy60QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMw0cquxmVRwcFo7g8TdFQgOQZ7qMB8GA1UdIwQY MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt YmJmZTIxOTZjNmFmLzEvekRSeXE3R1pWSEJ3V2p1RHhOMFZDQTVCbnVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue2wMA0G CSqGSIb3DQEBCwUAA4IBAQABL9vopSeqi+PZdkcolryUZxGO+ReM/odc3P/Ev6Rf vN82zel/VjVlMmxiB7O27CjrWNP9yMfhFKInjri4AHBigFXX9fz0RKCWLU/RY1Y2 M3LfLh8y0EVSkRQ6sU/dBdtvFabPskLfNImLqUDRkA/lu8G0vPwaow2ljbv7NJiq 0+g/nxIH4xPeQbbpCZhCy7/oym/ADf19kR+898vHduVFCuidd99VaEQ+67SlpW86 jyoCe4OEfhGu9jI/6d0+uwXz+/K1Y4Pua7tJXEnpuRFmZMEcVxqlhvlYpULXTZh0 XNMYdmqDTWQ2mv5JVcqqwM9u58aCzogLPxaYDPbSYrAA -----END CERTIFICATE-----Generated at Mon Feb 2 09:39:30 2026 by rpki-client