This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZaGDRu6TWG_Ng8-xjTCRBgjwWDY.roa File: ZaGDRu6TWG_Ng8-xjTCRBgjwWDY.roa (raw, json) Hash identifier: Y4Obi7tMdYK8BoTAlTYgtfHw718FbWaNsV4UQ2QZ5X0= Subject key identifier: 65:A1:83:46:EE:93:58:6F:CD:83:CF:B1:8D:30:91:06:08:F0:58:36 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D43063FA21A0A0E5F4DAAD02F21E2 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZaGDRu6TWG_Ng8-xjTCRBgjwWDY.roa Signing time: Fri 02 Jan 2026 06:20:22 +0000 ROA not before: Fri 02 Jan 2026 06:20:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211688 IP address blocks: 2a0e:97c0:240::/44 maxlen: 48 2a0e:97c1:110::/44 maxlen: 48 2a10:ccc0:120::/44 maxlen: 48 2a10:ccc0:130::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:43:06:3f:a2:1a:0a:0e:5f:4d:aa:d0:2f:21:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=65a18346ee93586fcd83cfb18d30910608f05836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:7d:a4:db:5c:f2:59:f0:3e:ae:64:e8:a1:2b: f9:3c:47:84:e2:d0:08:4a:4d:b1:2a:16:b7:c7:ff: c9:65:2d:8e:3d:e9:8e:8a:79:04:76:6e:97:68:6c: bf:75:a8:ba:6f:60:6d:f9:c8:b5:e1:43:9f:e2:d1: 68:30:10:ae:20:ec:64:69:91:e3:cf:e4:8e:52:d2: e2:00:b1:e6:15:2c:e2:7a:81:72:ba:de:5d:4f:4c: 12:8e:0c:bb:2a:1f:d3:02:53:55:7b:42:3f:66:3b: 44:29:4b:fe:8c:eb:e3:b8:11:39:65:e9:9d:a4:72: 5e:bb:c9:04:54:7a:7c:7d:92:a9:19:5b:cc:99:a7: d4:e8:44:88:0e:b9:32:45:ab:96:13:e3:89:6a:cb: 67:e2:a8:5e:00:01:c4:03:c9:5b:83:ca:0e:ee:cf: 17:c1:45:e8:b0:47:ff:c7:54:a9:48:34:00:95:63: 1b:0b:61:e8:92:08:c9:d1:d3:25:ae:6f:3f:07:32: ae:16:7c:38:8c:31:35:64:ed:97:a8:d5:28:f2:de: f4:e8:f8:21:bc:fd:50:86:5c:90:d4:a8:78:dc:f7: da:b6:3b:f9:f8:0b:38:f8:3d:10:1a:59:c7:07:e1: 4c:73:b3:5a:04:95:93:6d:9e:46:53:2a:d7:6c:32: 70:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:A1:83:46:EE:93:58:6F:CD:83:CF:B1:8D:30:91:06:08:F0:58:36 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZaGDRu6TWG_Ng8-xjTCRBgjwWDY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:97c0:240::/44 2a0e:97c1:110::/44 2a10:ccc0:120::/43 Signature Algorithm: sha256WithRSAEncryption 49:e9:d3:90:0f:2c:f0:09:3d:d2:e7:9b:d1:1f:ce:bb:58:db: ef:f4:ab:0b:30:32:80:11:b6:7c:f0:14:de:e6:2e:8b:f4:c3: 71:5d:be:62:52:0f:b3:46:a3:95:ac:82:48:cb:6c:77:05:9f: e9:fb:cb:18:c1:48:bc:f5:51:53:55:90:3e:55:77:4a:90:a7: 05:74:1e:cb:5b:6b:e4:c2:a6:4f:4b:cc:c1:81:15:de:39:42: 0b:07:b7:41:71:16:c6:64:c6:59:8a:17:7f:72:4f:a5:cf:67: 29:54:1f:d2:92:af:1f:35:eb:67:93:96:93:62:70:98:c9:cd: 5a:0d:58:39:1d:9d:e0:ec:e3:b5:82:7b:37:9c:24:bb:c7:63: 1a:66:10:92:3b:38:12:28:ad:fe:c0:d3:79:3f:78:86:30:af: bc:91:27:39:e4:c0:c8:6d:40:ee:57:ea:dc:66:89:70:ed:f6: c5:08:30:e9:ed:5c:98:c5:8a:6a:e6:68:ea:11:83:18:2a:d4: f0:4c:78:cd:7e:64:a0:8d:78:f1:6c:58:76:6a:88:c8:8f:6c: a7:a7:9d:8a:a2:1a:42:a2:49:a0:d6:09:b5:fb:51:a7:f2:74: 53:0a:67:65:6b:60:19:78:51:31:c2:44:28:ba:17:17:d4:c4: 73:1c:a9:3e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9XUMGP6IaCg5fTarQLyHiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWExODM0NmVlOTM1ODZmY2Q4M2NmYjE4ZDMwOTEwNjA4ZjA1ODM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H2k21zyWfA+rmTooSv5PEeE4tAI Sk2xKha3x//JZS2OPemOinkEdm6XaGy/dai6b2Bt+ci14UOf4tFoMBCuIOxkaZHj z+SOUtLiALHmFSzieoFyut5dT0wSjgy7Kh/TAlNVe0I/ZjtEKUv+jOvjuBE5Zemd pHJeu8kEVHp8fZKpGVvMmafU6ESIDrkyRauWE+OJastn4qheAAHEA8lbg8oO7s8X wUXosEf/x1SpSDQAlWMbC2HokgjJ0dMlrm8/BzKuFnw4jDE1ZO2XqNUo8t706Pgh vP1QhlyQ1Kh43Pfatjv5+As4+D0QGlnHB+FMc7NaBJWTbZ5GUyrXbDJwMwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGWhg0buk1hvzYPPsY0wkQYI8Fg2MB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvWmFHRFJ1NlRXR19OZzgteGpUQ1JCZ2p3V0RZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAJA AwcEKg6XwQEQAwcFKhDMwAEgMA0GCSqGSIb3DQEBCwUAA4IBAQBJ6dOQDyzwCT3S 55vRH867WNvv9KsLMDKAEbZ88BTe5i6L9MNxXb5iUg+zRqOVrIJIy2x3BZ/p+8sY wUi89VFTVZA+VXdKkKcFdB7LW2vkwqZPS8zBgRXeOUILB7dBcRbGZMZZihd/ck+l z2cpVB/Skq8fNetnk5aTYnCYyc1aDVg5HZ3g7OO1gns3nCS7x2MaZhCSOzgSKK3+ wNN5P3iGMK+8kSc55MDIbUDuV+rcZolw7fbFCDDp7VyYxYpq5mjqEYMYKtTwTHjN fmSgjXjxbFh2aojIj2ynp52KohpCokmg1gm1+1Gn8nRTCmdla2AZeFExwkQouhcX 1MRzHKk+ -----END CERTIFICATE-----Generated at Fri Jan 9 13:12:03 2026 by rpki-client