This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/z9U8nnktCizSYk1_4LI0Qkbtcns.roa File: z9U8nnktCizSYk1_4LI0Qkbtcns.roa (raw, json) Hash identifier: POiizupDwGmr1N0Ok5nxERS6rP+EfVEg0CxJ8RCMqp0= Subject key identifier: CF:D5:3C:9E:79:2D:0A:2C:D2:62:4D:7F:E0:B2:34:42:46:ED:72:7B Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044 Certificate serial: 019B797EBEEAC7420533447CA6E48C27EF49 Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/z9U8nnktCizSYk1_4LI0Qkbtcns.roa Signing time: Thu 01 Jan 2026 12:18:28 +0000 ROA not before: Thu 01 Jan 2026 12:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41872 IP address blocks: 37.110.200.0/21 maxlen: 24 37.110.200.0/22 maxlen: 22 37.110.205.0/24 maxlen: 24 37.110.206.0/24 maxlen: 24 37.209.176.0/20 maxlen: 20 81.92.96.0/20 maxlen: 20 91.190.0.0/19 maxlen: 19 94.100.144.0/20 maxlen: 20 94.198.248.0/21 maxlen: 22 185.161.20.0/22 maxlen: 22 212.35.0.0/19 maxlen: 19 2a02:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:be:ea:c7:42:05:33:44:7c:a6:e4:8c:27:ef:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044 Validity Not Before: Jan 1 12:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfd53c9e792d0a2cd2624d7fe0b2344246ed727b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:71:ba:3c:8a:42:a7:ca:79:0d:93:17:23:d0: 98:ef:80:25:b0:e6:57:2e:c6:a4:2a:fa:2d:d7:66: 46:89:9b:d2:c3:5e:f0:b1:32:27:c8:2f:87:4f:3d: 83:81:68:59:7e:41:17:13:44:22:72:21:1e:0a:46: f8:15:d8:fe:4c:c4:ab:36:6d:4a:db:36:0c:79:12: 10:fa:83:f4:eb:7f:0c:1b:09:82:8c:bf:d1:55:ec: de:39:d2:ba:47:65:5e:2a:e3:e7:cf:49:8e:fc:44: e1:de:ae:8d:da:dc:34:75:38:d2:78:d7:13:52:e9: b1:be:3f:95:74:46:64:70:07:e4:bc:7e:e1:33:b6: ff:e0:43:13:6d:76:8a:44:32:30:06:3f:bc:5c:41: 19:d7:a9:e7:b3:fe:87:d0:05:51:11:1f:cf:12:9d: a7:ac:40:8f:c5:de:22:e6:55:a3:6f:34:38:e4:b5: 80:5b:b6:37:4e:d5:f2:4e:0c:3e:63:d3:43:fc:62: a4:be:2a:a2:bb:db:06:d8:f9:3e:22:73:e6:25:5b: 21:f2:73:ce:e6:58:9a:df:0f:8f:1a:13:60:7e:4e: aa:5a:58:bc:7f:a0:05:48:7e:2e:53:c4:24:f7:74: ee:b4:b9:c8:7a:6a:b9:45:e0:8c:2b:05:f5:16:4f: 4b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:D5:3C:9E:79:2D:0A:2C:D2:62:4D:7F:E0:B2:34:42:46:ED:72:7B X509v3 Authority Key Identifier: keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/z9U8nnktCizSYk1_4LI0Qkbtcns.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.110.200.0/21 37.209.176.0/20 81.92.96.0/20 91.190.0.0/19 94.100.144.0/20 94.198.248.0/21 185.161.20.0/22 212.35.0.0/19 IPv6: 2a02:6500::/32 Signature Algorithm: sha256WithRSAEncryption 89:93:06:66:bb:8c:17:e0:28:e7:b7:56:36:ae:49:a0:32:5c: cf:52:a0:c1:3d:a7:81:69:ba:37:a1:d4:8b:ce:ab:c8:ab:23: 22:93:fa:ab:13:eb:ff:e0:36:a3:94:ae:0d:34:45:87:1e:12: 8a:3c:d4:89:21:4c:cd:fd:9d:f1:0f:4e:ea:be:86:3b:50:86: e3:0a:1f:55:13:8a:9b:ab:5e:24:e0:e6:29:32:29:03:3c:12: 08:db:b6:2b:2d:21:29:f4:bc:42:fe:c6:22:78:db:4c:95:71: a1:27:e3:8e:34:9c:45:b2:2d:5f:86:a4:97:f0:3f:03:51:04: 4d:3d:31:07:f2:ab:dc:17:91:99:9d:9b:b3:14:88:9c:48:67: 5d:be:69:bf:cd:ce:3d:06:2d:a2:90:87:5b:c4:0d:4e:71:ab: e4:ff:7f:87:55:69:79:96:a6:16:4e:8b:f5:8e:e5:68:25:65: 60:8e:74:59:af:3a:36:1a:27:95:ba:21:92:d9:6a:6f:8b:5a: b5:bb:42:e0:c9:1c:da:18:90:4d:e1:fa:12:23:1c:d1:35:02: 9c:6f:d5:f1:83:94:5c:6c:4d:95:21:a5:da:13:f6:ca:30:e0: 4c:3d:80:4c:68:03:f4:9f:b0:9a:96:61:54:ac:27:65:ba:d2: eb:c9:af:64 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt5fr7qx0IFM0R8puSMJ+9JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw MTYwNDQwHhcNMjYwMTAxMTIxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmQ1M2M5ZTc5MmQwYTJjZDI2MjRkN2ZlMGIyMzQ0MjQ2ZWQ3MjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HG6PIpCp8p5DZMXI9CY74AlsOZX LsakKvot12ZGiZvSw17wsTInyC+HTz2DgWhZfkEXE0QiciEeCkb4Fdj+TMSrNm1K 2zYMeRIQ+oP0638MGwmCjL/RVezeOdK6R2VeKuPnz0mO/ETh3q6N2tw0dTjSeNcT Uumxvj+VdEZkcAfkvH7hM7b/4EMTbXaKRDIwBj+8XEEZ16nns/6H0AVRER/PEp2n rECPxd4i5lWjbzQ45LWAW7Y3TtXyTgw+Y9ND/GKkviqiu9sG2Pk+InPmJVsh8nPO 5lia3w+PGhNgfk6qWli8f6AFSH4uU8Qk93TutLnIemq5ReCMKwX1Fk9LZQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFM/VPJ55LQos0mJNf+CyNEJG7XJ7MB8GA1UdIwQY MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt MTdlMWEyNTY5NTY4LzEvejlVOG5ua3RDaXpTWWsxXzRMSTBRa2J0Y25zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4 LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJW7IAwQE JdGwAwQEUVxgAwQFW74AAwQEXmSQAwQDXsb4AwQCuaEUAwQF1CMAMA0EAgACMAcD BQAqAmUAMA0GCSqGSIb3DQEBCwUAA4IBAQCJkwZmu4wX4Cjnt1Y2rkmgMlzPUqDB PaeBabo3odSLzqvIqyMik/qrE+v/4DajlK4NNEWHHhKKPNSJIUzN/Z3xD07qvoY7 UIbjCh9VE4qbq14k4OYpMikDPBII27YrLSEp9LxC/sYieNtMlXGhJ+OONJxFsi1f hqSX8D8DUQRNPTEH8qvcF5GZnZuzFIicSGddvmm/zc49Bi2ikIdbxA1Ocavk/3+H VWl5lqYWTov1juVoJWVgjnRZrzo2GieVuiGS2Wpvi1q1u0LgyRzaGJBN4foSIxzR NQKcb9Xxg5RcbE2VIaXaE/bKMOBMPYBMaAP0n7CalmFUrCdlutLrya9k -----END CERTIFICATE-----Generated at Mon Feb 9 18:44:25 2026 by rpki-client