This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/zKosVsnnSwnan5xK-AKXc-6q3RA.roa File: zKosVsnnSwnan5xK-AKXc-6q3RA.roa (raw, json) Hash identifier: AR+C5oOYJwVvPymmFfXk0qR5THoCvoOhDXOz0Nd5wXE= Subject key identifier: CC:AA:2C:56:C9:E7:4B:09:DA:9F:9C:4A:F8:02:97:73:EE:AA:DD:10 Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29 Certificate serial: 019BDB12337E0D8DFE815E0F6D0E4A581436 Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/zKosVsnnSwnan5xK-AKXc-6q3RA.roa Signing time: Tue 20 Jan 2026 11:02:41 +0000 ROA not before: Tue 20 Jan 2026 11:02:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6672 IP address blocks: 37.202.8.0/21 maxlen: 21 212.113.96.0/19 maxlen: 19 2a02:9d8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.mft rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:db:12:33:7e:0d:8d:fe:81:5e:0f:6d:0e:4a:58:14:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29 Validity Not Before: Jan 20 11:02:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ccaa2c56c9e74b09da9f9c4af8029773eeaadd10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b1:87:14:d3:a8:2f:19:f1:02:46:2f:cd:25: a3:57:b7:b3:c9:a8:5b:7f:85:08:b8:da:a6:72:27: eb:24:09:ab:8c:51:ce:cd:3f:02:c3:87:cf:ba:20: 85:1e:55:e2:8b:de:7a:3c:c5:fe:c7:8f:1b:1f:ae: 06:54:e8:42:df:8d:2a:3f:97:79:c9:69:a6:78:d1: ae:a6:61:5f:5a:6b:af:d4:ea:b6:a9:f5:92:0a:29: 0b:c8:5e:78:cb:5e:d8:b9:a0:13:bd:00:35:bb:24: 2c:ee:92:70:4d:01:f3:f2:76:41:91:fe:66:bd:39: fc:32:c0:20:87:3d:5a:40:82:d9:0d:e2:d1:0e:25: 87:84:ef:2f:be:76:c1:2c:f0:41:a8:ec:6f:63:7d: b2:7a:e8:13:57:f7:2f:9c:97:ea:bd:21:c5:5d:ba: 51:06:98:c7:78:7b:96:e0:ad:c0:25:57:14:69:1d: 7b:a4:64:80:dd:7c:d5:85:42:af:d4:8c:bb:ea:8d: 0b:d1:bd:7a:7d:f5:6e:93:bf:f3:64:ec:da:55:bd: 12:d3:d9:dc:e9:fe:dc:32:44:68:6a:a1:e6:e6:81: fd:98:6b:bc:86:2e:ca:7c:f9:61:d7:61:e0:71:81: bf:f2:3a:de:25:b9:91:6e:18:4c:6a:8c:b8:62:98: 22:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:AA:2C:56:C9:E7:4B:09:DA:9F:9C:4A:F8:02:97:73:EE:AA:DD:10 X509v3 Authority Key Identifier: keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/zKosVsnnSwnan5xK-AKXc-6q3RA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.202.8.0/21 212.113.96.0/19 IPv6: 2a02:9d8::/32 Signature Algorithm: sha256WithRSAEncryption 3d:ee:58:b8:32:4c:4a:49:98:bd:f0:5a:87:ba:59:49:05:bf: ac:b1:be:f2:9d:dd:03:b7:62:19:04:3e:b6:bd:a8:e0:7a:7f: b4:bc:45:c3:d4:6d:5c:71:f2:f8:45:94:27:33:7d:e6:05:36: 9a:0b:8f:de:b2:e1:79:d6:19:22:a8:88:5f:5d:c8:5d:01:28: ca:e0:d8:d4:56:3a:59:07:da:64:f6:1e:7a:67:0e:45:f4:85: df:02:ba:43:51:d9:84:c1:8a:fc:83:66:47:13:cd:a5:10:91: 42:1c:48:4a:cf:13:dc:82:1d:ec:f6:99:7a:09:ea:89:ef:c9: 29:ed:d6:8f:39:0c:1f:1e:ed:43:53:16:b1:26:9a:ac:fc:62: d7:76:7a:d4:06:22:42:2e:87:70:46:58:ec:09:f3:70:d3:57: 1e:7a:b1:0d:68:d3:34:81:ea:c9:66:4f:5a:94:67:6c:d5:4f: c7:24:2b:87:97:39:8e:1f:1b:f6:6a:75:88:67:56:0e:c0:78: 10:af:22:fb:1b:5b:b4:7c:b5:e1:13:7e:e5:81:8b:ed:a4:e9: a8:97:a3:70:d3:a3:85:7a:38:e2:5d:35:a6:68:74:04:02:d4: 8c:9c:7a:88:bd:77:8d:e6:c6:e2:a1:6d:d6:5b:b8:81:b1:2c: 5d:c1:a3:44 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZvbEjN+DY3+gV4PbQ5KWBQ2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4 NTRmMjkwHhcNMjYwMTIwMTEwMjQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjY2FhMmM1NmM5ZTc0YjA5ZGE5ZjljNGFmODAyOTc3M2VlYWFkZDEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLGHFNOoLxnxAkYvzSWjV7ezyahb f4UIuNqmcifrJAmrjFHOzT8Cw4fPuiCFHlXii956PMX+x48bH64GVOhC340qP5d5 yWmmeNGupmFfWmuv1Oq2qfWSCikLyF54y17YuaATvQA1uyQs7pJwTQHz8nZBkf5m vTn8MsAghz1aQILZDeLRDiWHhO8vvnbBLPBBqOxvY32yeugTV/cvnJfqvSHFXbpR BpjHeHuW4K3AJVcUaR17pGSA3XzVhUKv1Iy76o0L0b16ffVuk7/zZOzaVb0S09nc 6f7cMkRoaqHm5oH9mGu8hi7KfPlh12HgcYG/8jreJbmRbhhMaoy4YpgiqwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFMyqLFbJ50sJ2p+cSvgCl3Puqt0QMB8GA1UdIwQY MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct MDU3ODE3YmE5ZmI3LzEvektvc1Zzbm5Td25hbjV4Sy1BS1hjLTZxM1JBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3 LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoIAwQF 1HFgMA0EAgACMAcDBQAqAgnYMA0GCSqGSIb3DQEBCwUAA4IBAQA97li4MkxKSZi9 8FqHullJBb+ssb7ynd0Dt2IZBD62vajgen+0vEXD1G1ccfL4RZQnM33mBTaaC4/e suF51hkiqIhfXchdASjK4NjUVjpZB9pk9h56Zw5F9IXfArpDUdmEwYr8g2ZHE82l EJFCHEhKzxPcgh3s9pl6CeqJ78kp7daPOQwfHu1DUxaxJpqs/GLXdnrUBiJCLodw RljsCfNw01ceerENaNM0gerJZk9alGds1U/HJCuHlzmOHxv2anWIZ1YOwHgQryL7 G1u0fLXhE37lgYvtpOmol6Nw06OFejjiXTWmaHQEAtSMnHqIvXeN5sbioW3WW7iB sSxdwaNE -----END CERTIFICATE-----Generated at Sun Jan 25 22:42:15 2026 by rpki-client