This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/rzSZWBGG1mILDZWq_ejHiNaagug.roa File: rzSZWBGG1mILDZWq_ejHiNaagug.roa (raw, json) Hash identifier: E4TzWT1DdcBtP+Tvjygnl6VcTwVaPGsD2eWFKuV7qQA= Subject key identifier: AF:34:99:58:11:86:D6:62:0B:0D:95:AA:FD:E8:C7:88:D6:9A:82:E8 Certificate issuer: /CN=5a02ca81b9f0a9713b099687dc81551c45e3f8fc Certificate serial: 019B7835225C7526B53C7DFD17CF321FE9D1 Authority key identifier: 5A:02:CA:81:B9:F0:A9:71:3B:09:96:87:DC:81:55:1C:45:E3:F8:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/rzSZWBGG1mILDZWq_ejHiNaagug.roa Signing time: Thu 01 Jan 2026 06:18:26 +0000 ROA not before: Thu 01 Jan 2026 06:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 680 IP address blocks: 141.30.0.0/16 maxlen: 16 141.76.0.0/16 maxlen: 16 2a13:dd80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.crl rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.mft rsync://rpki.ripe.net/repository/DEFAULT/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:22:5c:75:26:b5:3c:7d:fd:17:cf:32:1f:e9:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a02ca81b9f0a9713b099687dc81551c45e3f8fc Validity Not Before: Jan 1 06:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af3499581186d6620b0d95aafde8c788d69a82e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:3a:bb:6a:87:c0:33:c5:d4:3e:b1:49:b8:99: a5:82:25:1b:a0:b1:1c:34:54:f6:6c:cd:c9:1d:5a: d8:9f:88:bc:cf:a5:26:08:65:ea:cf:a2:97:a5:e1: db:27:6f:0e:0f:6d:0f:0d:2c:c3:4b:cf:87:a9:28: 2a:f5:18:b9:4e:1b:b7:08:47:06:60:97:c8:42:81: f5:75:83:18:50:c9:69:64:4d:0f:fc:39:6b:87:d5: 89:cf:b2:d1:e5:b2:f4:27:30:8b:0f:7b:38:22:f8: 48:64:d0:68:fe:dd:19:2c:80:d6:98:95:11:c8:17: 9e:b0:34:92:76:47:43:7f:09:ff:87:31:f4:f3:58: 31:07:9f:70:75:f7:a6:3c:5e:ec:0e:67:b4:23:85: db:71:c1:96:71:80:2e:57:0d:81:0a:3e:f6:d9:54: b1:47:33:de:73:9b:2d:83:77:51:6a:7a:9e:aa:f9: d2:ad:33:65:5b:ff:65:c3:11:bb:53:80:11:f6:0c: 56:c4:a8:b6:73:cd:18:ed:fd:66:01:02:31:f2:67: 92:e9:e5:8b:8e:47:f5:ce:ea:ed:71:cf:5c:7f:4c: 13:ca:8b:a9:23:84:6a:f6:d3:f0:a9:ef:61:84:e3: 0d:12:ff:c4:7c:f7:a2:13:3c:93:35:65:e6:86:43: 39:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:34:99:58:11:86:D6:62:0B:0D:95:AA:FD:E8:C7:88:D6:9A:82:E8 X509v3 Authority Key Identifier: keyid:5A:02:CA:81:B9:F0:A9:71:3B:09:96:87:DC:81:55:1C:45:E3:F8:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/rzSZWBGG1mILDZWq_ejHiNaagug.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2eed24-0dff-4400-a57c-459ddc631bcc/1/WgLKgbnwqXE7CZaH3IFVHEXj-Pw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.30.0.0/16 141.76.0.0/16 IPv6: 2a13:dd80::/29 Signature Algorithm: sha256WithRSAEncryption 3f:ef:fa:3e:19:13:bb:03:0e:29:94:70:d1:9e:a6:e1:a3:12: 22:69:62:a2:f5:ee:55:bd:a5:c4:13:58:bd:6e:b9:2c:f7:7c: 8d:6e:7d:2f:72:a2:48:74:b5:b4:94:12:6d:ff:86:d3:c9:ac: c0:3d:af:c2:71:d0:e6:a3:10:94:a5:91:ec:0a:5c:76:85:27: c5:10:da:03:85:a6:60:e6:bd:6b:d4:f4:b7:cb:d4:40:12:d4: f7:87:81:c1:03:20:a1:21:6d:d0:eb:0e:71:f2:23:1e:56:a5: 71:ac:1f:22:07:74:d4:05:29:0d:29:38:18:ac:13:8a:ea:ed: 1d:07:3c:ea:3b:63:9e:b5:98:48:9c:47:fa:d7:69:91:72:df: 6a:5d:2c:c9:1a:0f:d2:57:2e:86:49:6c:f3:12:8d:b7:bf:33: 04:5e:89:26:69:41:93:7b:a3:e2:df:da:64:29:9e:3e:1f:61: 27:60:5f:50:d5:0c:4e:2d:bd:09:0a:74:f4:b0:af:91:99:3a: 91:03:f3:06:d5:14:17:93:64:13:62:4c:61:17:65:45:92:0e: a3:9a:01:06:73:24:88:59:46:fc:4a:f5:17:21:53:6a:e5:2a: db:b7:f6:df:59:90:07:8b:46:c5:5c:1e:f3:dc:2d:1d:d4:6a: 33:de:ff:45 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgISAZt4NSJcdSa1PH39F88yH+nRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhMDJjYTgxYjlmMGE5NzEzYjA5OTY4N2RjODE1NTFjNDVl M2Y4ZmMwHhcNMjYwMTAxMDYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjM0OTk1ODExODZkNjYyMGIwZDk1YWFmZGU4Yzc4OGQ2OWE4MmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDq7aofAM8XUPrFJuJmlgiUboLEc NFT2bM3JHVrYn4i8z6UmCGXqz6KXpeHbJ28OD20PDSzDS8+HqSgq9Ri5Thu3CEcG YJfIQoH1dYMYUMlpZE0P/Dlrh9WJz7LR5bL0JzCLD3s4IvhIZNBo/t0ZLIDWmJUR yBeesDSSdkdDfwn/hzH081gxB59wdfemPF7sDme0I4XbccGWcYAuVw2BCj722VSx RzPec5stg3dRanqeqvnSrTNlW/9lwxG7U4AR9gxWxKi2c80Y7f1mAQIx8meS6eWL jkf1zurtcc9cf0wTyoupI4Rq9tPwqe9hhOMNEv/EfPeiEzyTNWXmhkM5WQIDAQAB o4ICHDCCAhgwHQYDVR0OBBYEFK80mVgRhtZiCw2Vqv3ox4jWmoLoMB8GA1UdIwQY MBaAFFoCyoG58KlxOwmWh9yBVRxF4/j8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV2dMS2dibndxWEU3Q1phSDNJRlZIRVhqLVB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yZWVkMjQtMGRmZi00NDAwLWE1N2Mt NDU5ZGRjNjMxYmNjLzEvcnpTWldCR0cxbUlMRFpXcV9lakhpTmFhZ3VnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni8yZWVkMjQtMGRmZi00NDAwLWE1N2MtNDU5ZGRjNjMxYmNj LzEvV2dMS2dibndxWEU3Q1phSDNJRlZIRVhqLVB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAQBAIAATAKAwMAjR4DAwCN TDANBAIAAjAHAwUDKhPdgDANBgkqhkiG9w0BAQsFAAOCAQEAP+/6PhkTuwMOKZRw 0Z6m4aMSImliovXuVb2lxBNYvW65LPd8jW59L3KiSHS1tJQSbf+G08mswD2vwnHQ 5qMQlKWR7ApcdoUnxRDaA4WmYOa9a9T0t8vUQBLU94eBwQMgoSFt0OsOcfIjHlal cawfIgd01AUpDSk4GKwTiurtHQc86jtjnrWYSJxH+tdpkXLfal0syRoP0lcuhkls 8xKNt78zBF6JJmlBk3uj4t/aZCmePh9hJ2BfUNUMTi29CQp09LCvkZk6kQPzBtUU F5NkE2JMYRdlRZIOo5oBBnMkiFlG/Er1FyFTauUq27f231mQB4tGxVwe89wtHdRq M97/RQ== -----END CERTIFICATE-----Generated at Tue Jan 27 11:26:45 2026 by rpki-client