This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/zTHzOEqQcltybi7DBNKBPAcfHpQ.roa File: zTHzOEqQcltybi7DBNKBPAcfHpQ.roa (raw, json) Hash identifier: UUDJzDF/iymccBvu68uLYzY/OC+w/F8uHvgpfAmjIMM= Subject key identifier: CD:31:F3:38:4A:90:72:5B:72:6E:2E:C3:04:D2:81:3C:07:1F:1E:94 Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B7B35F61B7D4A8B5F330288014E44BFC8 Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/zTHzOEqQcltybi7DBNKBPAcfHpQ.roa Signing time: Thu 01 Jan 2026 20:18:12 +0000 ROA not before: Thu 01 Jan 2026 20:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33993 IP address blocks: 45.138.157.0/24 maxlen: 24 193.201.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:f6:1b:7d:4a:8b:5f:33:02:88:01:4e:44:bf:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Jan 1 20:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd31f3384a90725b726e2ec304d2813c071f1e94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:08:aa:23:b7:eb:24:5e:d5:19:26:f3:f2:cc: ed:1d:5a:f1:3b:12:8f:df:3c:59:48:44:9c:37:50: 10:90:f1:d9:71:fe:3c:d2:9c:f3:7b:7c:ac:16:ed: 8d:63:c2:22:23:5e:80:df:47:f3:cd:b2:04:39:0c: 74:38:d4:cb:4c:61:d3:80:02:79:34:0a:2a:fb:a6: 4f:c1:ba:4b:16:a6:da:87:8f:27:97:ad:44:a1:87: 60:0d:a1:5f:70:1f:56:be:c6:c6:8f:8f:d2:20:ef: 7f:2c:7c:9e:5e:6e:fb:21:8f:05:64:85:0c:c5:7e: 1e:a9:0e:66:c1:96:29:48:65:c8:98:d5:7f:40:ac: 7f:2e:72:7e:32:dd:42:d5:a7:37:c7:cd:02:7b:87: 9b:9f:60:81:56:5d:f6:22:10:a1:91:f1:07:9a:f3: 06:3d:98:87:f0:ec:f6:f3:54:3f:bd:de:c0:46:f7: 4d:6c:34:80:5c:2a:4c:18:43:f4:c8:29:11:b4:f8: ba:2d:69:2b:18:7e:92:ab:4c:ef:6d:b6:16:97:94: c6:53:f3:06:4e:67:62:3d:5f:a4:43:f4:c5:37:d0: f6:98:53:cb:ca:5b:4b:59:54:75:ed:89:b8:39:48: f4:5e:2f:88:4a:62:54:bd:88:1e:81:34:ed:d4:32: 99:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:31:F3:38:4A:90:72:5B:72:6E:2E:C3:04:D2:81:3C:07:1F:1E:94 X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/zTHzOEqQcltybi7DBNKBPAcfHpQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.138.157.0/24 193.201.126.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:56:20:4d:5a:38:35:56:d6:af:07:4c:4f:fc:b3:7f:88:78: 21:94:59:f1:26:3e:b8:dd:d5:2b:cc:d8:17:ed:7b:9d:1b:0a: 34:60:0a:41:73:9d:33:6a:3b:cb:ce:5f:2f:b9:b2:42:00:6a: 23:88:a9:e7:99:70:7b:da:74:a9:a3:4d:fa:ac:50:75:2d:d0: 23:6c:29:23:c2:99:83:18:73:41:d7:09:0a:91:ad:ec:d2:45: 24:38:e9:16:da:90:89:a9:cb:34:7d:3f:69:62:7a:74:f2:1d: 95:76:58:25:e2:c3:31:9c:f2:2b:46:9e:b5:ef:21:13:85:97: 47:fe:e4:fa:20:41:67:2c:47:23:d1:92:37:fd:33:db:61:39: be:eb:3e:89:42:84:46:e2:73:70:96:e0:de:75:98:68:e8:9e: fc:c0:ea:c3:87:84:ab:e5:2b:1f:38:4d:a9:e8:27:da:dc:5d: 84:1d:18:2b:19:40:37:24:fe:5f:f9:96:2f:49:27:4e:d6:08: 45:d6:53:5b:b4:ec:64:e1:27:33:1c:1c:4d:91:c4:8d:92:f1: 2a:22:d0:83:be:ea:6f:6e:1b:41:61:d1:2f:d5:54:e8:7a:c9: 7e:68:9d:6d:02:93:87:46:99:72:1f:94:d9:c4:61:13:ac:af: 5a:c9:31:f8 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NfYbfUqLXzMCiAFORL/IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjYwMTAxMjAxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDMxZjMzODRhOTA3MjViNzI2ZTJlYzMwNGQyODEzYzA3MWYxZTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQiqI7frJF7VGSbz8sztHVrxOxKP 3zxZSEScN1AQkPHZcf480pzze3ysFu2NY8IiI16A30fzzbIEOQx0ONTLTGHTgAJ5 NAoq+6ZPwbpLFqbah48nl61EoYdgDaFfcB9WvsbGj4/SIO9/LHyeXm77IY8FZIUM xX4eqQ5mwZYpSGXImNV/QKx/LnJ+Mt1C1ac3x80Ce4ebn2CBVl32IhChkfEHmvMG PZiH8Oz281Q/vd7ARvdNbDSAXCpMGEP0yCkRtPi6LWkrGH6Sq0zvbbYWl5TGU/MG TmdiPV+kQ/TFN9D2mFPLyltLWVR17Ym4OUj0Xi+ISmJUvYgegTTt1DKZ8wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFM0x8zhKkHJbcm4uwwTSgTwHHx6UMB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvelRIek9FcVFjbHR5Ymk3REJOS0JQQWNmSHBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYqdAwQA wcl+MA0GCSqGSIb3DQEBCwUAA4IBAQB6ViBNWjg1VtavB0xP/LN/iHghlFnxJj64 3dUrzNgX7XudGwo0YApBc50zajvLzl8vubJCAGojiKnnmXB72nSpo036rFB1LdAj bCkjwpmDGHNB1wkKka3s0kUkOOkW2pCJqcs0fT9pYnp08h2Vdlgl4sMxnPIrRp61 7yEThZdH/uT6IEFnLEcj0ZI3/TPbYTm+6z6JQoRG4nNwluDedZho6J78wOrDh4Sr 5SsfOE2p6Cfa3F2EHRgrGUA3JP5f+ZYvSSdO1ghF1lNbtOxk4SczHBxNkcSNkvEq ItCDvupvbhtBYdEv1VToesl+aJ1tApOHRplyH5TZxGETrK9ayTH4 -----END CERTIFICATE-----Generated at Thu Jan 15 13:17:00 2026 by rpki-client