This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ZBCQIeNgrde4iyQaFP8zgZ1YO_c.roa File: ZBCQIeNgrde4iyQaFP8zgZ1YO_c.roa (raw, json) Hash identifier: tzMfL0riJwp6ZY6igjnA5b6u6ej2moZ6cMotCYkdmK8= Subject key identifier: 64:10:90:21:E3:60:AD:D7:B8:8B:24:1A:14:FF:33:81:9D:58:3B:F7 Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Certificate serial: 019B7F845CC8E20F2765DDACB09631BA5881 Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ZBCQIeNgrde4iyQaFP8zgZ1YO_c.roa Signing time: Fri 02 Jan 2026 16:22:19 +0000 ROA not before: Fri 02 Jan 2026 16:22:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16135 IP address blocks: 176.88.56.0/24 maxlen: 24 212.252.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 10:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:5c:c8:e2:0f:27:65:dd:ac:b0:96:31:ba:58:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Validity Not Before: Jan 2 16:22:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=64109021e360add7b88b241a14ff33819d583bf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:75:30:b4:29:b8:d9:0a:1a:00:78:08:09:95: 23:99:c7:f9:ce:4d:84:06:d6:46:70:ee:3a:02:aa: a7:5b:e9:0a:7c:ee:ed:bd:36:65:55:bd:3a:fb:43: 36:16:6b:25:bd:4e:3c:ef:1e:e5:65:d5:d3:07:3c: e9:09:e8:f6:53:d8:f2:23:53:23:47:13:b6:5d:8a: 38:38:34:8d:11:c2:ae:30:3a:bc:fa:8f:bc:4d:57: 02:8f:1a:b9:d3:6d:44:a0:66:bd:fb:d5:e1:4b:99: 1b:1a:ae:07:84:46:c6:48:c8:3e:48:ed:99:76:ba: 38:bb:de:98:1f:f7:cf:92:0c:1b:0c:9c:35:6f:a9: d1:75:b5:9e:f3:0a:ba:0d:e2:22:f0:f2:0d:c9:c3: 12:4d:2f:1f:65:10:a5:e4:bf:07:d6:86:e9:e8:fe: 71:6c:4a:d5:74:da:cd:4d:39:42:52:a9:28:e0:cf: 2e:3b:87:17:f3:71:a4:4b:e1:d8:e5:15:25:e3:7a: 99:d7:15:d8:72:8d:42:86:1d:93:84:b8:4f:3c:4d: 24:b1:45:48:55:2c:7d:ef:51:3b:18:93:9a:c3:dc: 08:6a:a6:9a:b2:d1:e3:6a:39:0e:11:bb:fa:a4:b6: 58:7b:f2:4f:2d:e0:e7:d4:a8:65:e0:b8:54:eb:d5: b8:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:10:90:21:E3:60:AD:D7:B8:8B:24:1A:14:FF:33:81:9D:58:3B:F7 X509v3 Authority Key Identifier: keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ZBCQIeNgrde4iyQaFP8zgZ1YO_c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.88.56.0/24 212.252.168.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:a6:9c:12:b4:05:4d:18:6d:60:f9:ee:25:5b:37:e7:0d:b7: 22:b1:66:e0:89:d7:2a:02:66:4a:6b:27:37:81:58:ba:08:57: 0c:8b:48:16:2f:5a:ff:60:af:8d:cb:ad:15:a2:3e:71:ac:5c: b1:7a:d8:4c:92:a9:89:09:57:a4:5d:9f:f9:21:cd:fd:a7:b9: 9c:4b:87:7d:1c:4b:37:89:f2:89:6c:bc:aa:f0:b4:9a:fb:95: ea:2d:0a:c5:b7:a0:57:a1:83:3f:8c:9a:de:2f:19:29:5f:73: b4:b3:c2:f1:11:78:4d:99:ed:27:7c:77:0a:ff:07:e8:34:1c: 5a:a0:61:47:b9:ed:78:0d:43:cc:94:89:7b:3a:f7:cb:e7:6b: 63:9a:52:79:b2:ea:2a:b9:c9:8b:cc:40:53:57:56:02:cd:8e: 45:2c:6c:eb:53:88:cd:4e:03:cc:de:0e:e3:b1:e5:85:d4:a7: ee:5e:3e:f3:3f:26:4e:1a:bc:54:f7:e0:44:a3:cf:25:4d:4a: d5:30:5e:2c:5f:84:8a:4e:30:91:8e:9b:56:38:48:47:30:2e: e7:33:91:d9:e3:10:e2:9f:fc:2c:eb:8e:8b:88:53:10:38:dd: 3e:f4:0a:65:84:c4:72:32:87:6a:12:c8:51:9a:c3:a0:a8:49: a4:04:14:3c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hFzI4g8nZd2ssJYxuliBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm YmQzZTkwHhcNMjYwMTAyMTYyMjE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDEwOTAyMWUzNjBhZGQ3Yjg4YjI0MWExNGZmMzM4MTlkNTgzYmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nUwtCm42QoaAHgICZUjmcf5zk2E BtZGcO46AqqnW+kKfO7tvTZlVb06+0M2FmslvU487x7lZdXTBzzpCej2U9jyI1Mj RxO2XYo4ODSNEcKuMDq8+o+8TVcCjxq5021EoGa9+9XhS5kbGq4HhEbGSMg+SO2Z dro4u96YH/fPkgwbDJw1b6nRdbWe8wq6DeIi8PINycMSTS8fZRCl5L8H1obp6P5x bErVdNrNTTlCUqko4M8uO4cX83GkS+HY5RUl43qZ1xXYco1Chh2ThLhPPE0ksUVI VSx971E7GJOaw9wIaqaastHjajkOEbv6pLZYe/JPLeDn1Khl4LhU69W4dwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGQQkCHjYK3XuIskGhT/M4GdWDv3MB8GA1UdIwQY MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt ZjJiZTlmNmM2NjRjLzEvWkJDUUllTmdyZGU0aXlRYUZQOHpnWjFZT19jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsFg4AwQA 1PyoMA0GCSqGSIb3DQEBCwUAA4IBAQAappwStAVNGG1g+e4lWzfnDbcisWbgidcq AmZKayc3gVi6CFcMi0gWL1r/YK+Ny60Voj5xrFyxethMkqmJCVekXZ/5Ic39p7mc S4d9HEs3ifKJbLyq8LSa+5XqLQrFt6BXoYM/jJreLxkpX3O0s8LxEXhNme0nfHcK /wfoNBxaoGFHue14DUPMlIl7OvfL52tjmlJ5suoqucmLzEBTV1YCzY5FLGzrU4jN TgPM3g7jseWF1KfuXj7zPyZOGrxU9+BEo88lTUrVMF4sX4SKTjCRjptWOEhHMC7n M5HZ4xDin/ws646LiFMQON0+9AplhMRyModqEshRmsOgqEmkBBQ8 -----END CERTIFICATE-----Generated at Wed Jan 21 19:34:52 2026 by rpki-client