This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/zHDZKlPpiC9mNSi75YANWN-9pfc.roa File: zHDZKlPpiC9mNSi75YANWN-9pfc.roa (raw, json) Hash identifier: sCpbmLX4H/uxDdeAxS3tMfhuNZF5NKbcyUoh0/DI8mY= Subject key identifier: CC:70:D9:2A:53:E9:88:2F:66:35:28:BB:E5:80:0D:58:DF:BD:A5:F7 Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16 Certificate serial: 019B082D5EEFDC07C7BF2E2F252162310C06 Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/zHDZKlPpiC9mNSi75YANWN-9pfc.roa Signing time: Wed 10 Dec 2025 12:12:29 +0000 ROA not before: Wed 10 Dec 2025 12:12:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 174 IP address blocks: 5.172.36.0/24 maxlen: 24 178.254.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 19:20:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:2d:5e:ef:dc:07:c7:bf:2e:2f:25:21:62:31:0c:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16 Validity Not Before: Dec 10 12:12:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cc70d92a53e9882f663528bbe5800d58dfbda5f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b2:3d:c9:32:38:04:2d:37:12:81:7e:47:36: 7e:0a:b2:77:da:5e:7f:48:93:66:eb:4b:8e:df:dd: a9:1d:da:36:ed:77:38:f7:02:6a:9b:f6:f9:cf:26: f7:59:1d:a0:ff:c4:56:a3:38:cd:e4:5c:5a:99:ca: 3a:ea:cf:06:57:ed:c5:36:ae:fd:e3:1d:ac:90:a8: ca:39:df:ca:21:ad:1e:f5:1a:c6:84:c3:0f:b7:ce: 34:b2:9c:e3:1d:e8:35:9f:c7:51:d9:8d:f5:a8:e9: 3b:69:5b:c5:9a:55:9d:df:bd:9c:f7:c6:ea:8d:5a: ad:e0:2d:ad:39:e1:6f:4c:80:d6:83:13:98:6b:e5: 2f:af:33:e4:3c:7c:5a:3c:e4:e9:2c:0d:59:30:46: 10:8b:0e:a8:8d:07:d2:98:c9:0e:0a:05:b2:e2:54: 0c:a2:21:94:84:c7:49:ca:92:b5:d7:3f:9a:4b:23: 62:fb:b3:fa:e7:4c:8b:bf:29:68:35:a7:a8:65:ad: 64:d3:0f:85:d4:2a:14:49:34:6b:5a:63:be:09:ff: d7:0e:d8:62:ba:af:c9:61:b6:72:4b:7a:98:04:1e: 2c:ef:b5:5e:3b:a7:3d:20:2a:61:4c:09:3b:8b:21: 9f:9e:1a:26:59:d6:47:93:a9:79:d7:98:0a:ef:eb: 5e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:70:D9:2A:53:E9:88:2F:66:35:28:BB:E5:80:0D:58:DF:BD:A5:F7 X509v3 Authority Key Identifier: keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/zHDZKlPpiC9mNSi75YANWN-9pfc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.172.36.0/24 178.254.178.0/24 Signature Algorithm: sha256WithRSAEncryption 66:96:7a:0a:9b:74:3a:98:2b:0c:9c:ef:db:a3:58:e5:5e:8e: ba:9d:46:cb:56:fc:56:ee:97:ef:2b:5e:3d:b3:05:7c:fc:a3: 9e:15:47:e9:c1:a3:c6:1d:b8:ae:ec:63:9f:3f:64:eb:dc:51: 5a:af:f7:e4:34:ac:a0:f6:80:0e:71:24:61:bb:a3:f3:17:b1: ff:a7:19:b4:16:92:22:a1:5f:53:4a:3d:55:11:ac:51:58:a8: f0:c0:fb:7b:d9:d9:c4:8b:38:fc:ce:6a:89:d3:93:18:83:aa: 86:c8:c8:7c:d8:ef:d9:53:0f:e9:e9:15:28:41:f1:5a:1b:9f: 17:ee:b2:0a:5f:e9:71:8b:cf:bc:55:22:18:0d:b7:45:d4:db: 53:3c:8d:e3:07:14:68:4a:55:fa:c8:42:b8:18:45:c7:8a:7d: 57:c6:82:88:fb:77:dd:d1:ce:c5:9a:08:67:0a:c1:c9:95:75: 45:7b:f0:d6:0f:3a:3c:73:8f:b6:30:76:fe:b3:cc:24:ac:40: de:30:93:b4:15:d0:e7:98:fe:5a:15:72:15:4d:a5:40:be:97: 24:42:6f:03:dc:94:4b:be:f1:e5:14:ee:20:98:4b:7a:7c:27: 42:63:f6:72:d4:39:f5:6f:cd:8c:74:3b:8b:8d:8e:7c:1e:da: 9c:6c:4b:01 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsILV7v3AfHvy4vJSFiMQwGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk OWNlMTYwHhcNMjUxMjEwMTIxMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzcwZDkyYTUzZTk4ODJmNjYzNTI4YmJlNTgwMGQ1OGRmYmRhNWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bI9yTI4BC03EoF+RzZ+CrJ32l5/ SJNm60uO392pHdo27Xc49wJqm/b5zyb3WR2g/8RWozjN5Fxamco66s8GV+3FNq79 4x2skKjKOd/KIa0e9RrGhMMPt840spzjHeg1n8dR2Y31qOk7aVvFmlWd372c98bq jVqt4C2tOeFvTIDWgxOYa+UvrzPkPHxaPOTpLA1ZMEYQiw6ojQfSmMkOCgWy4lQM oiGUhMdJypK11z+aSyNi+7P650yLvyloNaeoZa1k0w+F1CoUSTRrWmO+Cf/XDthi uq/JYbZyS3qYBB4s77VeO6c9ICphTAk7iyGfnhomWdZHk6l515gK7+teewIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMxw2SpT6YgvZjUou+WADVjfvaX3MB8GA1UdIwQY MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt MGY2NmMxODg3OTE2LzEvekhEWktsUHBpQzltTlNpNzVZQU5XTi05cGZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2 LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABawkAwQA sv6yMA0GCSqGSIb3DQEBCwUAA4IBAQBmlnoKm3Q6mCsMnO/bo1jlXo66nUbLVvxW 7pfvK149swV8/KOeFUfpwaPGHbiu7GOfP2Tr3FFar/fkNKyg9oAOcSRhu6PzF7H/ pxm0FpIioV9TSj1VEaxRWKjwwPt72dnEizj8zmqJ05MYg6qGyMh82O/ZUw/p6RUo QfFaG58X7rIKX+lxi8+8VSIYDbdF1NtTPI3jBxRoSlX6yEK4GEXHin1XxoKI+3fd 0c7FmghnCsHJlXVFe/DWDzo8c4+2MHb+s8wkrEDeMJO0FdDnmP5aFXIVTaVAvpck Qm8D3JRLvvHlFO4gmEt6fCdCY/Zy1Dn1b82MdDuLjY58HtqcbEsB -----END CERTIFICATE-----Generated at Wed Dec 17 03:35:40 2025 by rpki-client