This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/ZRxGcXvKI-87TaBioLr7loAqnqU.roa File: ZRxGcXvKI-87TaBioLr7loAqnqU.roa (raw, json) Hash identifier: fDFlR6aMmLPDNdY7x4FSn6o3uvA+KJ98lgCNqqUl5I8= Subject key identifier: 65:1C:46:71:7B:CA:23:EF:3B:4D:A0:62:A0:BA:FB:96:80:2A:9E:A5 Certificate issuer: /CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4 Certificate serial: 019B7E38F203CC8B59805149E890000AD9F3 Authority key identifier: A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/ZRxGcXvKI-87TaBioLr7loAqnqU.roa Signing time: Fri 02 Jan 2026 10:20:19 +0000 ROA not before: Fri 02 Jan 2026 10:20:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207209 IP address blocks: 46.149.64.0/23 maxlen: 23 2001:678:9f4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f2:03:cc:8b:59:80:51:49:e8:90:00:0a:d9:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4 Validity Not Before: Jan 2 10:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=651c46717bca23ef3b4da062a0bafb96802a9ea5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:17:cc:63:09:0a:0f:22:b6:1e:4d:d1:a3:4f: f3:3e:d2:87:b7:03:56:9d:93:fb:c9:fa:d5:01:b9: 91:eb:e7:2d:c5:79:58:3e:7c:59:97:3a:ae:e5:f2: 07:d7:82:36:66:be:a1:21:e3:70:5f:5d:bb:24:f0: bb:7e:27:0a:d5:a1:1f:3f:2a:33:e6:ef:51:70:23: a2:f8:2b:8d:0b:b6:32:3a:80:d2:51:fe:fd:4a:85: 46:47:eb:fe:87:43:9f:dc:3b:ed:0b:8a:73:12:ef: c5:3c:39:69:8f:fd:23:9f:05:a3:14:8c:fa:af:cb: 72:27:15:df:f7:76:53:2a:65:4e:b5:9b:89:e1:5a: 6a:96:1e:72:ac:d6:fb:62:1f:bb:84:e8:e3:51:d9: dd:94:dd:1d:1a:d4:a6:33:a3:99:22:57:cd:ac:91: 1e:46:61:18:61:fb:ec:c9:58:f5:58:7d:58:f9:3e: ff:89:ac:b2:ba:4d:de:13:6c:a7:80:2c:da:cc:93: fa:81:88:2b:a0:03:55:48:2b:29:4f:9f:ef:08:92: 45:b7:a5:e9:91:ac:b4:84:4a:78:96:d8:78:61:6c: e9:9c:f3:ca:89:45:6e:f9:ee:0a:bd:2c:87:a2:f2: 92:53:d5:d6:d6:55:de:f5:3b:96:14:ef:71:39:33: a7:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:1C:46:71:7B:CA:23:EF:3B:4D:A0:62:A0:BA:FB:96:80:2A:9E:A5 X509v3 Authority Key Identifier: keyid:A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/ZRxGcXvKI-87TaBioLr7loAqnqU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.149.64.0/23 IPv6: 2001:678:9f4::/48 Signature Algorithm: sha256WithRSAEncryption b0:4a:8e:08:e8:93:8f:1c:09:99:58:59:85:25:31:23:03:08: e6:32:67:dc:b2:19:85:b7:d4:df:0e:f3:b4:23:1c:65:c2:ec: 33:2a:32:8f:88:22:e6:67:50:f9:76:43:97:6d:66:b0:11:1d: 4f:49:68:c2:29:2e:55:4b:b1:11:c3:d2:3c:54:a9:30:95:f9: fd:91:4a:97:44:15:17:c9:37:55:4d:88:e9:c4:e2:db:14:69: 13:27:92:99:f5:e5:04:b7:24:cb:a5:31:60:81:07:c5:7d:55: 73:48:31:e6:2b:49:8f:e3:9d:c4:52:69:51:13:37:73:ee:24: aa:6b:90:4a:74:65:ce:a3:6b:fd:db:cc:02:be:4d:56:98:36: cf:87:09:ca:74:93:e1:d9:27:ff:06:6d:4d:b4:78:f0:8c:b9: 4c:9e:bb:cd:5f:68:22:c3:df:6c:ff:74:bf:53:19:3f:8f:88: 17:8c:c9:c3:16:aa:51:e0:7a:da:e9:5e:fb:ba:4c:9a:74:29: 84:e6:db:39:32:e1:19:e3:86:56:ed:09:6a:56:d3:26:42:c3: 28:51:b4:80:cf:25:28:b9:81:13:f8:96:a3:3e:1d:15:49:b7: 3c:46:83:87:4d:08:c6:44:80:cd:0b:0f:7d:91:1f:25:c7:28: ed:a6:9f:52 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+OPIDzItZgFFJ6JAACtnzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MDNiMWRkNDEwMDcwYWQ2MmU0YTJmYzY2YTEzYjRlYjYx MzY4ZjQwHhcNMjYwMTAyMTAyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NTFjNDY3MTdiY2EyM2VmM2I0ZGEwNjJhMGJhZmI5NjgwMmE5ZWE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxfMYwkKDyK2Hk3Ro0/zPtKHtwNW nZP7yfrVAbmR6+ctxXlYPnxZlzqu5fIH14I2Zr6hIeNwX127JPC7ficK1aEfPyoz 5u9RcCOi+CuNC7YyOoDSUf79SoVGR+v+h0Of3DvtC4pzEu/FPDlpj/0jnwWjFIz6 r8tyJxXf93ZTKmVOtZuJ4Vpqlh5yrNb7Yh+7hOjjUdndlN0dGtSmM6OZIlfNrJEe RmEYYfvsyVj1WH1Y+T7/iayyuk3eE2yngCzazJP6gYgroANVSCspT5/vCJJFt6Xp kay0hEp4lth4YWzpnPPKiUVu+e4KvSyHovKSU9XW1lXe9TuWFO9xOTOnXwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGUcRnF7yiPvO02gYqC6+5aAKp6lMB8GA1UdIwQY MBaAFKUDsd1BAHCtYuSi/GahO062E2j0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjct MDEzNWQ5MTI4ZTg2LzEvWlJ4R2NYdktJLTg3VGFCaW9Mcjdsb0FxbnFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjctMDEzNWQ5MTI4ZTg2 LzEvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLpVAMA8E AgACMAkDBwAgAQZ4CfQwDQYJKoZIhvcNAQELBQADggEBALBKjgjok48cCZlYWYUl MSMDCOYyZ9yyGYW31N8O87QjHGXC7DMqMo+IIuZnUPl2Q5dtZrARHU9JaMIpLlVL sRHD0jxUqTCV+f2RSpdEFRfJN1VNiOnE4tsUaRMnkpn15QS3JMulMWCBB8V9VXNI MeYrSY/jncRSaVETN3PuJKprkEp0Zc6ja/3bzAK+TVaYNs+HCcp0k+HZJ/8GbU20 ePCMuUyeu81faCLD32z/dL9TGT+PiBeMycMWqlHgetrpXvu6TJp0KYTm2zky4Rnj hlbtCWpW0yZCwyhRtIDPJSi5gRP4lqM+HRVJtzxGg4dNCMZEgM0LD32RHyXHKO2m n1I= -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:58 2026 by rpki-client