This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z_nQm5Hcyz02y8l9wwokqA7zV0Q.roa File: Z_nQm5Hcyz02y8l9wwokqA7zV0Q.roa (raw, json) Hash identifier: mjayXJb0g2oDPAEZia4R9ZXuVNi5j3yuSr5/SgUuNAY= Subject key identifier: 67:F9:D0:9B:91:DC:CB:3D:36:CB:C9:7D:C3:0A:24:A8:0E:F3:57:44 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C8006C6758EF95C24B7C2A7E21732D6 Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z_nQm5Hcyz02y8l9wwokqA7zV0Q.roa Signing time: Fri 02 Jan 2026 02:18:43 +0000 ROA not before: Fri 02 Jan 2026 02:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8567 IP address blocks: 212.234.160.0/24 maxlen: 24 212.234.161.0/24 maxlen: 24 217.167.116.0/24 maxlen: 24 217.167.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:06:c6:75:8e:f9:5c:24:b7:c2:a7:e2:17:32:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=67f9d09b91dccb3d36cbc97dc30a24a80ef35744 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:17:8f:6b:c3:72:e5:5b:0d:fc:81:9d:f6:8d: 46:0a:04:23:c8:6a:ee:81:cd:30:1f:fe:b1:76:66: 3a:ad:f5:9a:47:9e:31:52:da:fb:52:80:c6:aa:1f: c0:72:12:7b:c0:c7:b7:18:a5:92:6b:69:32:50:0f: 21:62:86:2e:75:3b:40:15:27:c9:29:bd:55:0f:1e: 4d:a4:9a:9e:30:e7:c4:52:60:4c:68:ac:f6:58:f9: c1:0b:b1:4f:26:c8:6d:d1:a1:14:a7:26:8d:31:70: 16:e0:24:7e:3c:8d:99:e4:3a:73:b3:e2:4a:5b:44: 48:42:3b:7f:b7:e8:be:81:31:96:24:68:ac:49:9d: 62:f8:ec:99:92:58:20:94:7b:b3:1a:83:9f:ce:0e: 27:ad:3f:d8:6b:bc:c9:d4:6b:bd:9f:57:c4:48:43: 28:cd:60:74:a7:ff:8c:df:fb:3e:73:0a:67:5c:12: 1d:bf:ac:5a:eb:d0:0f:f5:b8:5e:70:c8:db:1c:d7: fc:3b:b5:86:e5:b4:13:63:94:b4:2f:bb:e3:9b:de: a1:18:d9:db:38:ed:a8:d6:a9:62:ee:62:a4:46:1f: 73:28:86:5b:de:2a:76:d3:3e:3d:83:cc:8b:21:41: d5:13:17:f9:0e:d3:ad:34:9d:0a:eb:f8:e3:8e:ce: 23:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:F9:D0:9B:91:DC:CB:3D:36:CB:C9:7D:C3:0A:24:A8:0E:F3:57:44 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z_nQm5Hcyz02y8l9wwokqA7zV0Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.234.160.0/23 217.167.116.0/23 Signature Algorithm: sha256WithRSAEncryption 93:1d:6a:68:f7:4b:32:5d:3c:20:fa:3b:1a:dd:a0:0a:95:00: c1:e4:74:2c:19:21:8f:a5:d6:f6:bb:2a:44:0f:21:4e:79:35: 7e:a0:6b:72:87:41:89:d9:fd:48:6b:16:4b:64:15:e1:b4:22: e0:3e:10:c2:0a:55:85:61:19:92:01:4f:62:1b:78:ed:6b:14: e8:25:57:cf:bd:26:73:ae:51:92:b8:e1:0d:9f:28:e4:f1:77: e8:ca:e9:7b:b8:ba:37:85:fe:48:fd:ff:ce:72:d4:e1:f4:b6: 31:9c:bd:69:30:b4:ba:05:ff:f8:67:20:0d:35:2f:09:a5:91: ce:a3:86:2b:b2:0a:7a:c6:47:cb:cb:b4:cf:3f:20:ec:f3:51: 9a:c0:2e:31:af:7a:17:15:60:56:3d:c4:20:61:b6:bf:4d:3f: d9:6a:25:da:b5:bb:e7:0b:98:2e:45:f2:66:41:6f:02:fe:1e: 8e:23:14:49:c0:f5:74:67:e6:c7:aa:70:64:d9:d1:70:49:e5: 82:e1:70:ad:ed:58:e8:1d:5d:6c:64:f6:ac:4e:9f:f1:f4:b7: b5:00:f3:1a:7f:48:29:e0:f2:14:07:5b:53:7e:93:94:6e:39: b2:80:b7:93:34:ef:f6:01:6b:37:c9:66:22:13:37:09:8b:b7: cc:d0:53:27 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gAbGdY75XCS3wqfiFzLWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2N2Y5ZDA5YjkxZGNjYjNkMzZjYmM5N2RjMzBhMjRhODBlZjM1NzQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhePa8Ny5VsN/IGd9o1GCgQjyGru gc0wH/6xdmY6rfWaR54xUtr7UoDGqh/AchJ7wMe3GKWSa2kyUA8hYoYudTtAFSfJ Kb1VDx5NpJqeMOfEUmBMaKz2WPnBC7FPJsht0aEUpyaNMXAW4CR+PI2Z5Dpzs+JK W0RIQjt/t+i+gTGWJGisSZ1i+OyZklgglHuzGoOfzg4nrT/Ya7zJ1Gu9n1fESEMo zWB0p/+M3/s+cwpnXBIdv6xa69AP9bhecMjbHNf8O7WG5bQTY5S0L7vjm96hGNnb OO2o1qli7mKkRh9zKIZb3ip20z49g8yLIUHVExf5DtOtNJ0K6/jjjs4jawIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGf50JuR3Ms9NsvJfcMKJKgO81dEMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvWl9uUW01SGN5ejAyeThsOXd3b2txQTd6VjBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1OqgAwQB 2ad0MA0GCSqGSIb3DQEBCwUAA4IBAQCTHWpo90syXTwg+jsa3aAKlQDB5HQsGSGP pdb2uypEDyFOeTV+oGtyh0GJ2f1IaxZLZBXhtCLgPhDCClWFYRmSAU9iG3jtaxTo JVfPvSZzrlGSuOENnyjk8Xfoyul7uLo3hf5I/f/OctTh9LYxnL1pMLS6Bf/4ZyAN NS8JpZHOo4Yrsgp6xkfLy7TPPyDs81GawC4xr3oXFWBWPcQgYba/TT/ZaiXatbvn C5guRfJmQW8C/h6OIxRJwPV0Z+bHqnBk2dFwSeWC4XCt7VjoHV1sZPasTp/x9Le1 APMaf0gp4PIUB1tTfpOUbjmygLeTNO/2AWs3yWYiEzcJi7fM0FMn -----END CERTIFICATE-----Generated at Thu Jan 22 23:35:13 2026 by rpki-client