This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/ZuK1S3Ghc42zA0OJKwC9zhMPjd8.roa File: ZuK1S3Ghc42zA0OJKwC9zhMPjd8.roa (raw, json) Hash identifier: qj8u0n4HOzKDi6033J2/YLNKzCyWyCiJX2ywZI9NyUk= Subject key identifier: 66:E2:B5:4B:71:A1:73:8D:B3:03:43:89:2B:00:BD:CE:13:0F:8D:DF Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e Certificate serial: 019B78A365571A82402AD6D1524F482BC7BC Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/ZuK1S3Ghc42zA0OJKwC9zhMPjd8.roa Signing time: Thu 01 Jan 2026 08:18:52 +0000 ROA not before: Thu 01 Jan 2026 08:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.120.172.0/24 maxlen: 24 185.120.173.0/24 maxlen: 24 185.120.174.0/24 maxlen: 24 185.120.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.mft rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:65:57:1a:82:40:2a:d6:d1:52:4f:48:2b:c7:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e Validity Not Before: Jan 1 08:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66e2b54b71a1738db30343892b00bdce130f8ddf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:47:48:7b:8b:e7:f4:09:ca:9b:33:69:17:81: b4:9c:be:d6:a0:e3:3b:ec:cf:95:b5:60:17:cc:dc: 95:df:29:b2:87:b7:ec:b0:88:17:d1:8c:44:84:fe: 28:65:dc:c9:89:b8:72:8d:5f:e4:86:06:c5:3f:1c: d2:70:42:6f:8e:bf:fe:2e:a7:a0:c2:cf:94:24:96: 6e:09:87:3e:bd:bc:4d:d7:e4:4b:fc:3d:04:1f:81: ab:ba:69:f5:12:79:07:c8:82:a3:d6:07:ae:e2:9e: a4:87:c4:0c:05:c6:aa:78:f4:09:63:58:c9:15:d5: db:c4:36:93:73:d5:66:e9:11:cc:61:4c:6e:4d:b4: ee:a6:d8:2b:7e:28:da:b4:a4:b0:66:07:e1:5a:e2: b4:73:07:f1:df:c2:2d:92:32:91:5e:8d:fb:e8:4f: 63:58:aa:f7:c1:a5:87:3d:6d:82:6e:a6:d0:90:72: 16:dc:0b:87:08:1a:c5:a7:17:76:00:29:54:cd:07: da:f6:d7:91:3a:66:d1:ea:40:51:37:bc:68:12:fd: ba:5c:a0:c1:0d:4a:36:72:93:68:e6:70:79:87:81: 4d:6c:1b:7d:70:9b:39:cb:f8:5d:5d:c1:75:5e:6e: 59:c4:9d:b6:d3:3b:05:ad:5e:3f:44:bc:c8:ef:13: e3:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:E2:B5:4B:71:A1:73:8D:B3:03:43:89:2B:00:BD:CE:13:0F:8D:DF X509v3 Authority Key Identifier: keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/ZuK1S3Ghc42zA0OJKwC9zhMPjd8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.120.172.0/22 Signature Algorithm: sha256WithRSAEncryption b8:09:44:fd:57:f7:4f:e9:3d:52:8a:92:9a:94:67:a3:10:65: c7:2f:ab:72:43:ff:1c:f0:fc:34:bc:25:7d:16:a9:86:36:91: 25:84:3d:ac:24:84:99:d1:43:89:f9:27:7a:00:28:75:62:6c: f8:8b:cd:5b:6d:a5:91:16:58:fc:00:d7:c9:b4:25:ca:f9:6b: a3:da:8b:af:35:6c:03:d7:81:a8:11:b0:63:97:8c:f8:b0:63: d4:3e:fb:98:ea:8c:58:13:c2:53:17:7b:f8:38:25:99:71:ba: 91:c9:00:4c:8f:7d:d4:9c:b2:8f:fc:e1:7a:31:db:42:35:07: ec:0d:ae:19:89:a5:73:6b:a6:7d:aa:97:59:36:d2:27:3e:05: 71:09:96:27:e2:4a:88:3d:f0:e7:8c:4f:f0:13:6b:63:f5:56: b2:9f:46:ea:aa:01:2b:94:74:fd:6a:70:95:78:3c:81:e5:df: 68:1d:4a:bc:e8:cb:78:b7:6f:59:c4:09:28:e1:f5:60:70:bb: df:29:f7:68:12:2a:68:a3:ff:92:6f:5a:b5:ed:f2:21:55:b5: ae:39:fb:e0:eb:e3:c3:1f:6b:2c:22:d2:2b:06:ac:cf:bc:3e: f5:ac:7a:6c:d0:4e:ab:dd:b8:27:ee:05:4a:70:a4:0b:ff:0e: d2:ba:b4:a8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4o2VXGoJAKtbRUk9IK8e8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1 NjQ5NWUwHhcNMjYwMTAxMDgxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NmUyYjU0YjcxYTE3MzhkYjMwMzQzODkyYjAwYmRjZTEzMGY4ZGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0dIe4vn9AnKmzNpF4G0nL7WoOM7 7M+VtWAXzNyV3ymyh7fssIgX0YxEhP4oZdzJibhyjV/khgbFPxzScEJvjr/+Lqeg ws+UJJZuCYc+vbxN1+RL/D0EH4Grumn1EnkHyIKj1geu4p6kh8QMBcaqePQJY1jJ FdXbxDaTc9Vm6RHMYUxuTbTuptgrfijatKSwZgfhWuK0cwfx38ItkjKRXo376E9j WKr3waWHPW2CbqbQkHIW3AuHCBrFpxd2AClUzQfa9teROmbR6kBRN7xoEv26XKDB DUo2cpNo5nB5h4FNbBt9cJs5y/hdXcF1Xm5ZxJ220zsFrV4/RLzI7xPjnQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGbitUtxoXONswNDiSsAvc4TD43fMB8GA1UdIwQY MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt ZjQ5MTIwYmVkNTFjLzEvWnVLMVMzR2hjNDJ6QTBPSkt3Qzl6aE1QamQ4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G CSqGSIb3DQEBCwUAA4IBAQC4CUT9V/dP6T1SipKalGejEGXHL6tyQ/8c8Pw0vCV9 FqmGNpElhD2sJISZ0UOJ+Sd6ACh1Ymz4i81bbaWRFlj8ANfJtCXK+Wuj2ouvNWwD 14GoEbBjl4z4sGPUPvuY6oxYE8JTF3v4OCWZcbqRyQBMj33UnLKP/OF6MdtCNQfs Da4ZiaVza6Z9qpdZNtInPgVxCZYn4kqIPfDnjE/wE2tj9Vayn0bqqgErlHT9anCV eDyB5d9oHUq86Mt4t29ZxAko4fVgcLvfKfdoEipoo/+Sb1q17fIhVbWuOfvg6+PD H2ssItIrBqzPvD71rHps0E6r3bgn7gVKcKQL/w7SurSo -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:55 2026 by rpki-client