This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/Zq0MFv-zigl29QjEhRxZZ3ciMl8.roa File: Zq0MFv-zigl29QjEhRxZZ3ciMl8.roa (raw, json) Hash identifier: hYDRJ/YZvWpX6EoU2ePQIZV0D6A8L2Y7jJBr+AftG3w= Subject key identifier: 66:AD:0C:16:FF:B3:8A:09:76:F5:08:C4:85:1C:59:67:77:22:32:5F Certificate issuer: /CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0 Certificate serial: 019B7AC7C2A6039A2F01C700DE671D95843E Authority key identifier: A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/Zq0MFv-zigl29QjEhRxZZ3ciMl8.roa Signing time: Thu 01 Jan 2026 18:17:50 +0000 ROA not before: Thu 01 Jan 2026 18:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9080 IP address blocks: 85.132.140.0/22 maxlen: 24 85.132.160.0/20 maxlen: 24 85.132.176.0/22 maxlen: 24 212.71.128.0/18 maxlen: 24 213.168.160.0/20 maxlen: 24 2001:ae8::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.mft rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:c2:a6:03:9a:2f:01:c7:00:de:67:1d:95:84:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0 Validity Not Before: Jan 1 18:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66ad0c16ffb38a0976f508c4851c59677722325f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:ef:f2:53:8b:07:96:d6:8a:0a:a7:80:43:ed: 25:13:c1:3b:25:70:98:a1:a5:74:f4:08:a4:6f:1b: 53:83:ad:d9:0f:a8:8e:f5:07:ba:06:6a:9c:0c:51: d3:05:ce:94:e5:cd:e1:af:05:c7:d2:ef:86:40:c2: eb:77:12:aa:fb:d7:76:f2:1d:a9:e9:5b:57:49:0e: cd:51:f7:6b:f9:f0:6d:00:06:23:fd:96:61:48:c0: bb:1b:3b:0c:fd:2f:c0:5c:bb:99:92:c2:87:ec:9a: 9a:1e:d3:bc:e5:3b:e7:e5:89:cc:da:51:6f:5f:58: 6d:54:91:ef:03:a1:27:a4:33:1f:3b:8b:40:a7:06: c3:de:8f:ab:a7:1f:e3:4e:c6:ac:ef:60:b1:7f:50: dd:49:4f:b7:54:50:79:c6:08:86:90:59:77:cb:1c: f8:bd:52:5e:2c:e5:0b:77:1d:0d:00:ba:78:2d:0c: b5:57:cd:c2:b0:a4:f1:c1:51:60:54:48:ad:2c:44: 93:ad:c7:09:91:9c:47:af:50:6c:74:4f:e2:82:bf: a6:ed:22:a8:f4:8c:d9:eb:68:b0:45:7d:6c:8d:34: e5:64:c0:34:af:8e:f0:fc:9f:a0:c7:ca:36:c1:b5: 29:4b:3e:af:03:d3:e3:6c:25:e3:03:0b:ca:1e:74: 7d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:AD:0C:16:FF:B3:8A:09:76:F5:08:C4:85:1C:59:67:77:22:32:5F X509v3 Authority Key Identifier: keyid:A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/Zq0MFv-zigl29QjEhRxZZ3ciMl8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.132.140.0/22 85.132.160.0-85.132.179.255 212.71.128.0/18 213.168.160.0/20 IPv6: 2001:ae8::/32 Signature Algorithm: sha256WithRSAEncryption 3c:66:51:f4:82:70:1d:f8:03:b3:3e:7e:c5:fb:ac:27:04:15: cf:14:71:0c:70:d2:30:6a:be:93:f8:7b:3f:3f:2a:38:d0:4c: 20:23:4a:68:fc:d4:1e:74:a7:c1:da:c6:3d:f3:3b:16:b7:7a: e2:dc:b5:82:07:ef:05:2d:50:67:c3:52:65:d4:38:07:e0:00: 65:95:a3:84:fe:95:06:34:fb:73:dc:5f:01:72:48:35:d9:56: a0:0c:5e:da:0c:f3:6f:f9:87:ad:ba:da:14:e3:63:54:e8:c6: f8:ef:2b:ff:c0:60:f6:a2:b1:9f:bf:40:5b:2c:9e:db:59:f6: cc:a9:27:df:f6:b5:c7:04:4b:2f:d3:ef:d1:51:b6:f1:02:5e: 62:00:90:d9:62:a9:af:ba:8f:75:72:94:ff:a4:25:69:37:2e: 13:b8:2c:82:21:be:8f:ad:39:32:95:de:99:ec:ef:90:36:26: e5:55:3c:1c:db:b4:fe:3e:e1:cf:06:46:14:15:a0:aa:de:a8: 01:4e:13:48:42:cd:12:b9:c2:26:23:ab:52:1e:19:a6:b1:63: 97:73:b7:94:6a:f6:6c:76:6f:27:4b:0e:1e:13:e1:25:ca:99: f9:e0:19:52:b7:db:ab:35:69:d1:eb:bb:93:54:82:75:7a:10: 3f:eb:2a:f9 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt6x8KmA5ovAccA3mcdlYQ+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5Y2FkOWE5NzdiZjhiNmI0MGYwYjhlOTk4ZTU3ODdjNmFl NjQxYzAwHhcNMjYwMTAxMTgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NmFkMGMxNmZmYjM4YTA5NzZmNTA4YzQ4NTFjNTk2Nzc3MjIzMjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku/yU4sHltaKCqeAQ+0lE8E7JXCY oaV09AikbxtTg63ZD6iO9Qe6BmqcDFHTBc6U5c3hrwXH0u+GQMLrdxKq+9d28h2p 6VtXSQ7NUfdr+fBtAAYj/ZZhSMC7GzsM/S/AXLuZksKH7JqaHtO85Tvn5YnM2lFv X1htVJHvA6EnpDMfO4tApwbD3o+rpx/jTsas72Cxf1DdSU+3VFB5xgiGkFl3yxz4 vVJeLOULdx0NALp4LQy1V83CsKTxwVFgVEitLESTrccJkZxHr1BsdE/igr+m7SKo 9IzZ62iwRX1sjTTlZMA0r47w/J+gx8o2wbUpSz6vA9PjbCXjAwvKHnR9LwIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFGatDBb/s4oJdvUIxIUcWWd3IjJfMB8GA1UdIwQY MBaAFKnK2al3v4trQPC46ZjleHxq5kHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjct ZGIzZWM3NWZhMjBjLzEvWnEwTUZ2LXppZ2wyOVFqRWhSeFpaM2NpTWw4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjctZGIzZWM3NWZhMjBj LzEvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCVYSMMAwD BAVVhKADBAJVhLADBAbUR4ADBATVqKAwDQQCAAIwBwMFACABCugwDQYJKoZIhvcN AQELBQADggEBADxmUfSCcB34A7M+fsX7rCcEFc8UcQxw0jBqvpP4ez8/KjjQTCAj Smj81B50p8Haxj3zOxa3euLctYIH7wUtUGfDUmXUOAfgAGWVo4T+lQY0+3PcXwFy SDXZVqAMXtoM82/5h6262hTjY1ToxvjvK//AYPaisZ+/QFssnttZ9sypJ9/2tccE Sy/T79FRtvECXmIAkNliqa+6j3VylP+kJWk3LhO4LIIhvo+tOTKV3pns75A2JuVV PBzbtP4+4c8GRhQVoKreqAFOE0hCzRK5wiYjq1IeGaaxY5dzt5Rq9mx2bydLDh4T 4SXKmfngGVK326s1adHru5NUgnV6ED/rKvk= -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:30 2026 by rpki-client