This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ZvxWZA5kab-IbwzdG5iBlPWGxj0.roa File: ZvxWZA5kab-IbwzdG5iBlPWGxj0.roa (raw, json) Hash identifier: oQZDeQiZdxo6pU+/PSZ+QhGg8bzyOow4m0K53COyTts= Subject key identifier: 66:FC:56:64:0E:64:69:BF:88:6F:0C:DD:1B:98:81:94:F5:86:C6:3D Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813 Certificate serial: 019B7B3594CCA623574D6B03BA79A5D141C2 Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ZvxWZA5kab-IbwzdG5iBlPWGxj0.roa Signing time: Thu 01 Jan 2026 20:17:47 +0000 ROA not before: Thu 01 Jan 2026 20:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39401 IP address blocks: 85.217.224.0/20 maxlen: 24 85.217.224.0/24 maxlen: 24 85.217.225.0/24 maxlen: 24 85.217.226.0/24 maxlen: 24 85.217.227.0/24 maxlen: 24 85.217.228.0/24 maxlen: 24 85.217.229.0/24 maxlen: 24 85.217.230.0/24 maxlen: 24 85.217.231.0/24 maxlen: 24 85.217.232.0/24 maxlen: 24 85.217.233.0/24 maxlen: 24 85.217.234.0/24 maxlen: 24 85.217.235.0/24 maxlen: 24 85.217.236.0/24 maxlen: 24 85.217.237.0/24 maxlen: 24 85.217.240.0/22 maxlen: 24 85.217.240.0/24 maxlen: 24 85.217.241.0/24 maxlen: 24 85.217.242.0/24 maxlen: 24 85.217.243.0/24 maxlen: 24 85.217.244.0/23 maxlen: 24 85.217.244.0/24 maxlen: 24 85.217.245.0/24 maxlen: 24 85.217.246.0/24 maxlen: 24 85.217.247.0/24 maxlen: 24 85.217.248.0/23 maxlen: 23 85.217.248.0/24 maxlen: 24 85.217.249.0/24 maxlen: 24 85.217.250.0/23 maxlen: 23 85.217.250.0/24 maxlen: 24 85.217.251.0/24 maxlen: 24 85.217.252.0/23 maxlen: 23 85.217.252.0/24 maxlen: 24 85.217.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:94:cc:a6:23:57:4d:6b:03:ba:79:a5:d1:41:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813 Validity Not Before: Jan 1 20:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66fc56640e6469bf886f0cdd1b988194f586c63d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b5:f0:af:b3:c7:f7:39:13:b2:33:30:74:67: 43:27:15:c1:ad:d3:6e:59:a1:8b:d6:4e:5a:5a:a5: c5:33:43:1f:c5:12:5d:9e:76:b0:ad:cb:50:f9:ad: e8:97:9b:25:70:1f:95:51:20:8b:9b:d0:49:05:70: 74:98:56:da:c7:35:bf:85:b0:22:45:d1:4d:d7:0a: ca:af:af:ee:d2:f7:3a:55:29:96:0a:d5:ed:82:dc: bd:0f:2a:df:f9:7b:2d:10:cc:16:a4:36:f5:54:c6: ee:7a:67:16:45:a4:e1:47:9d:ac:7c:fb:48:b7:3c: ec:b2:a7:9d:ca:ef:62:2c:24:2e:25:6d:c6:4f:7e: 49:81:90:05:54:b8:88:1b:c3:b3:9e:b0:e5:79:4d: cf:bd:f8:be:c1:ba:91:61:52:84:39:06:2a:73:78: 3a:d2:be:61:fc:76:b7:db:99:8c:1c:94:9f:c2:87: f1:8d:0f:79:76:75:8a:12:ed:ba:cb:96:5f:6f:93: 1a:59:3b:5a:a7:2b:26:17:ed:a2:7e:7d:b7:b2:3b: 7e:a0:ce:ed:08:ab:37:1c:c7:50:1c:49:fb:d3:64: 8d:7f:5b:71:c7:50:2b:7a:b4:dc:dc:16:b7:73:9f: fa:a1:f4:78:7e:1c:e4:1c:83:f6:93:46:39:3f:bd: 2d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:FC:56:64:0E:64:69:BF:88:6F:0C:DD:1B:98:81:94:F5:86:C6:3D X509v3 Authority Key Identifier: keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ZvxWZA5kab-IbwzdG5iBlPWGxj0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.217.224.0-85.217.253.255 Signature Algorithm: sha256WithRSAEncryption a2:fa:85:a3:e7:89:03:3e:ea:21:9e:9c:cf:d2:e7:42:f1:8e: c6:29:5f:01:d9:38:e1:ff:72:4f:d4:2b:00:19:81:3f:70:75: 6f:0c:64:1f:7b:d2:9d:ca:77:48:d2:39:5b:a0:56:9a:db:f7: 78:25:2b:97:06:5b:96:9a:0b:6f:ea:5d:ee:ce:f9:d8:2c:4a: fc:78:94:e3:ea:3d:e3:58:3c:21:f1:57:b5:c5:04:b0:3f:74: e1:04:1b:a4:87:fe:cd:c9:8e:5b:c7:d3:c5:c9:7e:98:e4:a6: b5:d7:6d:c0:94:bc:16:84:4b:b7:ac:67:67:3a:a8:6e:40:98: b5:dc:fa:27:fa:cd:64:83:10:9f:4d:ad:9a:ca:a5:0b:78:c2: 1f:1b:4e:2c:14:fa:e3:f9:dc:14:07:af:64:de:1f:33:9d:b6: bd:90:61:75:e3:49:05:cf:22:d3:e9:40:39:96:c5:e2:bb:6c: 76:0d:74:e5:37:fe:a2:35:75:8c:f5:e8:b9:59:0e:ab:68:8a: bf:09:8a:7e:80:a6:ad:49:f4:3b:0d:1a:b8:52:4a:9c:89:b3: c5:5b:9c:d1:83:a6:9f:54:a2:a1:38:48:e4:7c:c7:c5:3b:5e: 33:34:fe:e5:c4:60:c6:d1:ed:6b:f7:48:09:fc:69:56:89:cd: 4f:6f:2e:0d -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7NZTMpiNXTWsDunml0UHCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey NTY4MTMwHhcNMjYwMTAxMjAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NmZjNTY2NDBlNjQ2OWJmODg2ZjBjZGQxYjk4ODE5NGY1ODZjNjNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27Xwr7PH9zkTsjMwdGdDJxXBrdNu WaGL1k5aWqXFM0MfxRJdnnawrctQ+a3ol5slcB+VUSCLm9BJBXB0mFbaxzW/hbAi RdFN1wrKr6/u0vc6VSmWCtXtgty9Dyrf+XstEMwWpDb1VMbuemcWRaThR52sfPtI tzzssqedyu9iLCQuJW3GT35JgZAFVLiIG8OznrDleU3Pvfi+wbqRYVKEOQYqc3g6 0r5h/Ha325mMHJSfwofxjQ95dnWKEu26y5Zfb5MaWTtapysmF+2ifn23sjt+oM7t CKs3HMdQHEn702SNf1txx1ArerTc3Ba3c5/6ofR4fhzkHIP2k0Y5P70ttwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGb8VmQOZGm/iG8M3RuYgZT1hsY9MB8GA1UdIwQY MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt NjRkMjljODZiZjNlLzEvWnZ4V1pBNWthYi1JYnd6ZEc1aUJsUFdHeGowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVV2eAD BAFV2fwwDQYJKoZIhvcNAQELBQADggEBAKL6haPniQM+6iGenM/S50LxjsYpXwHZ OOH/ck/UKwAZgT9wdW8MZB970p3Kd0jSOVugVprb93glK5cGW5aaC2/qXe7O+dgs Svx4lOPqPeNYPCHxV7XFBLA/dOEEG6SH/s3JjlvH08XJfpjkprXXbcCUvBaES7es Z2c6qG5AmLXc+if6zWSDEJ9NrZrKpQt4wh8bTiwU+uP53BQHr2TeHzOdtr2QYXXj SQXPItPpQDmWxeK7bHYNdOU3/qI1dYz16LlZDqtoir8Jin6Apq1J9DsNGrhSSpyJ s8VbnNGDpp9UoqE4SOR8x8U7XjM0/uXEYMbR7Wv3SAn8aVaJzU9vLg0= -----END CERTIFICATE-----Generated at Mon Feb 9 21:24:20 2026 by rpki-client