This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/rzxMYEL8BKNR02VR6It9IPmftps.roa File: rzxMYEL8BKNR02VR6It9IPmftps.roa (raw, json) Hash identifier: 9y+RUm2eWl0SkVwbpclKO/OAFTw8zaeRZoG7TQq0yY0= Subject key identifier: AF:3C:4C:60:42:FC:04:A3:51:D3:65:51:E8:8B:7D:20:F9:9F:B6:9B Certificate issuer: /CN=dc1089c942b68033683b4dd506c0c36f74be0ea3 Certificate serial: 019B7D5B113C90DE7E1DB732A91C7FC318D1 Authority key identifier: DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/rzxMYEL8BKNR02VR6It9IPmftps.roa Signing time: Fri 02 Jan 2026 06:17:58 +0000 ROA not before: Fri 02 Jan 2026 06:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205479 IP address blocks: 92.118.28.0/22 maxlen: 24 92.118.29.0/24 maxlen: 24 2a09:a440::/29 maxlen: 48 2a09:a443::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.mft rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:11:3c:90:de:7e:1d:b7:32:a9:1c:7f:c3:18:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc1089c942b68033683b4dd506c0c36f74be0ea3 Validity Not Before: Jan 2 06:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af3c4c6042fc04a351d36551e88b7d20f99fb69b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:7f:fb:3f:f9:48:88:07:10:b7:9c:f7:86:65: cc:a4:62:94:b6:fe:bb:a8:64:21:b7:a1:3a:75:6e: 41:3f:68:76:b1:46:c1:1f:a3:45:51:01:1b:a8:c5: ca:88:b6:cb:13:37:38:c7:6b:00:2d:a6:fe:e6:92: 74:6a:ec:f5:52:5e:e7:ea:01:ef:a2:62:73:e7:28: 21:26:04:3c:5c:a8:6a:b0:ca:2b:e7:93:49:58:28: 08:cd:5b:42:9f:bf:24:ca:1f:59:7c:79:92:a6:9d: 84:8b:b8:bf:cd:bb:4f:4d:12:99:67:e1:7b:8d:18: 8e:0f:bb:3f:3e:e4:55:c9:62:ee:5c:84:e9:f6:57: dd:b2:ae:49:ef:2f:78:4a:37:90:3f:25:ae:1b:e9: 27:88:53:39:98:e3:61:d3:81:79:57:22:38:6e:9c: f6:1d:2e:92:a5:f4:24:f8:7b:35:d2:1d:21:74:f1: 96:56:35:03:3b:88:5a:30:08:81:cc:8c:c9:12:ad: 87:97:81:a5:74:19:44:c0:65:4e:3f:0c:4f:35:2c: 93:f6:5f:ec:5e:92:81:27:81:8b:a1:e4:e2:db:a9: fe:c3:47:67:d5:87:dc:71:47:d8:69:b2:83:af:9b: 5e:e8:5b:f9:6f:a8:99:69:f6:50:c7:81:c6:71:44: 05:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:3C:4C:60:42:FC:04:A3:51:D3:65:51:E8:8B:7D:20:F9:9F:B6:9B X509v3 Authority Key Identifier: keyid:DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/rzxMYEL8BKNR02VR6It9IPmftps.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.118.28.0/22 IPv6: 2a09:a440::/29 Signature Algorithm: sha256WithRSAEncryption 12:63:69:eb:02:e9:74:47:e6:f4:38:2b:11:ee:4a:a9:6b:a4: 6f:56:c2:4e:38:6c:1d:af:40:ce:06:50:3e:8d:5c:29:3d:10: 68:8b:16:25:8d:89:cb:7c:6d:82:0d:7e:8e:63:4d:43:ab:b6: f3:a5:d9:f2:53:78:02:24:4f:b0:ba:27:ee:8e:20:39:e1:1b: 4a:14:aa:b8:3b:a4:a0:cd:fd:72:3e:f1:c8:ac:6d:b4:72:2c: 38:82:cc:1c:88:93:68:5c:3f:1a:91:93:d1:81:f9:99:d8:66: 1e:95:fa:e2:8c:32:c7:46:40:6f:09:4d:5d:a5:3c:71:77:7e: 6a:26:e5:02:90:f1:ff:39:d9:6e:d8:f0:b6:e0:d5:28:bd:e2: 43:34:49:2c:35:33:bf:0a:ac:7f:3e:cb:76:b7:7b:94:a1:d1: 7f:af:56:a8:59:af:d1:7f:61:91:8e:fb:c6:e2:6e:ae:70:18: 14:7b:36:0f:55:eb:c6:98:79:ef:57:78:ad:06:8c:87:a8:cd: 4c:e6:d1:b4:a1:8d:ef:f1:c8:12:96:28:36:bf:99:9a:5f:48: bd:62:d2:ef:50:66:cb:3a:6a:7f:d5:67:92:d9:da:03:2e:92: 68:1b:9f:48:16:e5:c0:68:fb:c4:b1:25:c3:b2:4c:2d:e7:9e: 0d:9b:44:87 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9WxE8kN5+HbcyqRx/wxjRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMTA4OWM5NDJiNjgwMzM2ODNiNGRkNTA2YzBjMzZmNzRi ZTBlYTMwHhcNMjYwMTAyMDYxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjNjNGM2MDQyZmMwNGEzNTFkMzY1NTFlODhiN2QyMGY5OWZiNjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3/7P/lIiAcQt5z3hmXMpGKUtv67 qGQht6E6dW5BP2h2sUbBH6NFUQEbqMXKiLbLEzc4x2sALab+5pJ0auz1Ul7n6gHv omJz5yghJgQ8XKhqsMor55NJWCgIzVtCn78kyh9ZfHmSpp2Ei7i/zbtPTRKZZ+F7 jRiOD7s/PuRVyWLuXITp9lfdsq5J7y94SjeQPyWuG+kniFM5mONh04F5VyI4bpz2 HS6SpfQk+Hs10h0hdPGWVjUDO4haMAiBzIzJEq2Hl4GldBlEwGVOPwxPNSyT9l/s XpKBJ4GLoeTi26n+w0dn1YfccUfYabKDr5te6Fv5b6iZafZQx4HGcUQFYQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFK88TGBC/ASjUdNlUeiLfSD5n7abMB8GA1UdIwQY MBaAFNwQiclCtoAzaDtN1QbAw290vg6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDkt Y2I1NmVkM2VhN2ZhLzEvcnp4TVlFTDhCS05SMDJWUjZJdDlJUG1mdHBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDktY2I1NmVkM2VhN2Zh LzEvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXHYcMA0E AgACMAcDBQMqCaRAMA0GCSqGSIb3DQEBCwUAA4IBAQASY2nrAul0R+b0OCsR7kqp a6RvVsJOOGwdr0DOBlA+jVwpPRBoixYljYnLfG2CDX6OY01Dq7bzpdnyU3gCJE+w uifujiA54RtKFKq4O6Sgzf1yPvHIrG20ciw4gswciJNoXD8akZPRgfmZ2GYelfri jDLHRkBvCU1dpTxxd35qJuUCkPH/Odlu2PC24NUoveJDNEksNTO/Cqx/Pst2t3uU odF/r1aoWa/Rf2GRjvvG4m6ucBgUezYPVevGmHnvV3itBoyHqM1M5tG0oY3v8cgS lig2v5maX0i9YtLvUGbLOmp/1WeS2doDLpJoG59IFuXAaPvEsSXDskwt554Nm0SH -----END CERTIFICATE-----Generated at Tue Feb 10 04:48:59 2026 by rpki-client