This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/zKPJ1aUk7U9x8WVHRd4-RzORH30.roa File: zKPJ1aUk7U9x8WVHRd4-RzORH30.roa (raw, json) Hash identifier: oMQrL9GvdJqmjmfNbo6U4V/JwihFWzU7V32F6VSp6yg= Subject key identifier: CC:A3:C9:D5:A5:24:ED:4F:71:F1:65:47:45:DE:3E:47:33:91:1F:7D Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5 Certificate serial: 019B7BA53017741824F81AA8ADEB960C8130 Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/zKPJ1aUk7U9x8WVHRd4-RzORH30.roa Signing time: Thu 01 Jan 2026 22:19:41 +0000 ROA not before: Thu 01 Jan 2026 22:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43848 IP address blocks: 185.51.220.0/23 maxlen: 24 185.51.220.0/24 maxlen: 24 185.51.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.mft rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:30:17:74:18:24:f8:1a:a8:ad:eb:96:0c:81:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5 Validity Not Before: Jan 1 22:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cca3c9d5a524ed4f71f1654745de3e4733911f7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a4:6a:bf:f6:54:e9:78:a9:9a:94:6b:ff:b3: 10:ca:af:8d:40:5d:ea:82:35:29:e7:30:58:42:55: 36:85:ea:a7:88:b6:79:fc:2a:e7:b3:30:cd:65:91: 8c:1c:ca:a3:92:a9:b9:c8:31:0d:eb:87:00:fa:67: 13:dc:58:78:9f:40:9e:bb:47:1b:9c:30:9f:42:c0: 73:f1:99:01:2a:0a:ae:ab:76:1c:ab:61:14:76:11: 68:51:7b:3b:69:e4:97:24:2c:72:a5:b3:38:29:d8: 77:ac:e0:0f:fb:3c:c2:d8:90:ea:b6:85:32:d6:8c: 88:22:e4:41:5c:d9:cb:e1:c7:00:bb:ee:1b:8a:36: 73:fb:d1:88:00:05:51:84:cb:10:14:c0:df:c7:89: 88:00:55:e3:8d:e3:87:e5:5c:28:7d:56:e7:8d:59: 50:dc:db:c3:d3:a1:95:a0:fa:2e:65:fc:ff:e3:6a: fa:a6:dd:84:f9:c5:5a:5e:7b:9d:f3:40:19:fa:30: 0b:15:e1:d1:e2:89:54:2a:3e:40:90:a3:32:69:8d: 8f:a1:9f:b5:c1:7d:99:24:98:3d:99:b1:25:05:38: aa:af:10:49:59:8e:ae:d1:74:96:24:e2:00:75:ad: 76:08:81:0b:16:31:bd:a9:57:f3:92:d9:61:6e:ae: 88:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:A3:C9:D5:A5:24:ED:4F:71:F1:65:47:45:DE:3E:47:33:91:1F:7D X509v3 Authority Key Identifier: keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/zKPJ1aUk7U9x8WVHRd4-RzORH30.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.51.220.0/23 Signature Algorithm: sha256WithRSAEncryption be:a0:b9:89:77:c9:ef:2d:d8:dd:7c:cd:83:f2:65:fe:1a:04: e6:12:73:3c:59:0a:87:b5:1a:20:14:5c:07:4e:cf:f3:11:5e: c0:92:c4:3b:7d:14:a3:55:6b:89:89:0d:3d:98:e3:2f:4c:49: c6:7d:a4:2e:eb:77:7d:9d:21:18:1f:43:d7:36:e9:62:bf:38: 38:af:dc:fa:c1:cc:71:16:a9:0e:71:36:22:35:f1:5d:e2:8e: 38:60:e1:2a:de:a3:3f:22:58:41:33:70:40:74:47:db:2b:a3: e2:8a:a8:7e:7b:6c:87:8c:45:15:8c:64:85:d1:38:d8:2f:14: d7:f2:ee:3f:9a:3d:c3:fd:ec:94:8b:fc:7b:ec:77:d9:55:27: a7:cf:5f:7f:96:b5:03:12:69:87:7e:17:21:ec:a3:5c:12:19: 06:64:b9:74:9b:f2:dc:31:69:36:11:72:5a:19:e9:d9:e9:36: b1:12:49:9b:32:7d:67:3f:57:8e:e5:a6:42:74:69:53:07:75: 62:9f:89:e6:bb:fa:26:54:d3:f9:f6:19:ac:12:64:11:69:63: 67:54:81:0b:ec:dd:16:25:f8:2a:11:3a:a7:f6:94:64:ef:89: c0:03:98:ec:16:a5:3b:65:a5:7a:de:a3:df:3b:8e:6f:b4:77: 9f:d7:4e:65 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pTAXdBgk+BqoreuWDIEwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2 Y2NjYTUwHhcNMjYwMTAxMjIxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjY2EzYzlkNWE1MjRlZDRmNzFmMTY1NDc0NWRlM2U0NzMzOTExZjdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6Rqv/ZU6XipmpRr/7MQyq+NQF3q gjUp5zBYQlU2heqniLZ5/CrnszDNZZGMHMqjkqm5yDEN64cA+mcT3Fh4n0Ceu0cb nDCfQsBz8ZkBKgquq3Ycq2EUdhFoUXs7aeSXJCxypbM4Kdh3rOAP+zzC2JDqtoUy 1oyIIuRBXNnL4ccAu+4bijZz+9GIAAVRhMsQFMDfx4mIAFXjjeOH5VwofVbnjVlQ 3NvD06GVoPouZfz/42r6pt2E+cVaXnud80AZ+jALFeHR4olUKj5AkKMyaY2PoZ+1 wX2ZJJg9mbElBTiqrxBJWY6u0XSWJOIAda12CIELFjG9qVfzktlhbq6I7wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMyjydWlJO1PcfFlR0XePkczkR99MB8GA1UdIwQY MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt NTMwNDYzMjM5NTFmLzEvektQSjFhVWs3VTl4OFdWSFJkNC1Sek9SSDMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTPcMA0G CSqGSIb3DQEBCwUAA4IBAQC+oLmJd8nvLdjdfM2D8mX+GgTmEnM8WQqHtRogFFwH Ts/zEV7AksQ7fRSjVWuJiQ09mOMvTEnGfaQu63d9nSEYH0PXNulivzg4r9z6wcxx FqkOcTYiNfFd4o44YOEq3qM/IlhBM3BAdEfbK6Piiqh+e2yHjEUVjGSF0TjYLxTX 8u4/mj3D/eyUi/x77HfZVSenz19/lrUDEmmHfhch7KNcEhkGZLl0m/LcMWk2EXJa GenZ6TaxEkmbMn1nP1eO5aZCdGlTB3Vin4nmu/omVNP59hmsEmQRaWNnVIEL7N0W JfgqETqn9pRk74nAA5jsFqU7ZaV63qPfO45vtHef105l -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:28 2026 by rpki-client