This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/0zpkCzM_uofHYYZxFIrLXH86TtE.roa File: 0zpkCzM_uofHYYZxFIrLXH86TtE.roa (raw, json) Hash identifier: P57GZQJKHIYx63+D4T/Sc8PITT1O1syqnE0cmDkI1T8= Subject key identifier: D3:3A:64:0B:33:3F:BA:87:C7:61:86:71:14:8A:CB:5C:7F:3A:4E:D1 Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8 Certificate serial: 019BA4421B2E53EA1186E2FFF7B8DFF2A4ED Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/0zpkCzM_uofHYYZxFIrLXH86TtE.roa Signing time: Fri 09 Jan 2026 19:35:54 +0000 ROA not before: Fri 09 Jan 2026 19:35:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7843 IP address blocks: 168.199.0.0/24 maxlen: 24 168.199.4.0/24 maxlen: 24 168.199.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:22:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a4:42:1b:2e:53:ea:11:86:e2:ff:f7:b8:df:f2:a4:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8 Validity Not Before: Jan 9 19:35:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d33a640b333fba87c7618671148acb5c7f3a4ed1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:2b:8f:41:45:78:da:97:eb:ce:97:95:5b:b6: 00:f7:07:c0:f7:cf:3b:63:27:20:6c:a1:5b:a9:a1: ec:88:62:41:f7:cd:cb:08:b1:89:f7:48:14:da:e2: 29:78:83:52:60:9d:1b:5a:05:4c:a0:93:66:1f:15: 36:bd:4c:05:e3:fe:d4:3a:ec:ad:40:92:fa:92:b0: 11:6e:91:bd:34:fa:16:58:09:0b:7b:89:b2:32:67: 81:41:ab:f6:35:e0:16:33:55:d5:da:a0:04:86:0f: 59:14:bc:e4:ab:b9:67:ae:32:d7:c4:3c:f0:16:81: 37:0a:4d:a0:98:48:9c:f7:3a:62:6b:64:80:c7:e6: ea:c1:9e:8b:d3:9f:c3:bf:98:57:2d:c2:20:5f:a5: 95:0f:87:16:dd:83:82:cd:59:80:44:c3:f5:51:6d: 92:1a:e4:74:49:8a:6d:bf:5e:4f:8b:27:e4:e5:ff: e0:e2:c6:96:14:4f:f7:a9:ac:1e:a4:d1:76:c2:78: 16:0c:e5:1e:99:d6:f5:62:60:ca:8c:9f:4b:74:29: 13:54:d6:b1:e0:42:cc:61:c3:05:e3:90:b1:b0:23: 2f:03:fa:29:ce:bc:29:51:84:06:2f:44:b1:9b:f5: 09:90:6b:b1:60:b0:cd:46:58:f7:db:7d:7a:81:03: 70:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:3A:64:0B:33:3F:BA:87:C7:61:86:71:14:8A:CB:5C:7F:3A:4E:D1 X509v3 Authority Key Identifier: keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/0zpkCzM_uofHYYZxFIrLXH86TtE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 168.199.0.0/24 168.199.4.0/24 168.199.126.0/24 Signature Algorithm: sha256WithRSAEncryption a0:b7:42:a7:c5:9a:0b:b5:44:27:a7:7b:64:5d:60:dd:66:ec: f6:39:3e:66:d4:97:b7:08:4a:56:2f:c2:e5:9f:7d:7d:7e:68: 15:a5:b5:0f:af:ba:d8:9e:85:ea:77:49:09:f5:f8:ea:35:33: 5c:27:28:e8:01:26:66:86:6a:bf:46:5d:d4:ba:61:73:34:02: ee:b0:d7:16:20:cb:a3:77:76:0f:2f:3b:07:bd:3c:6d:f1:1c: 48:4c:bc:e0:3f:57:02:fd:a9:41:8c:c2:55:32:f4:88:be:19: b8:1d:3a:cb:c3:8f:31:89:85:4a:1b:eb:c2:ac:12:36:7c:a2: fd:fb:1f:38:68:a0:bf:7a:d2:df:3e:f3:23:42:11:73:86:31: fd:e1:d0:3f:aa:8e:65:c6:d6:5e:a6:3f:4a:eb:70:47:b6:7b: e1:2a:d0:cc:f7:ee:df:6d:98:fb:39:a5:db:b7:1b:27:8e:53: 7a:34:66:e0:7b:e7:c0:8a:82:4a:dc:fd:8f:35:2e:28:16:ae: 6e:dd:ed:03:84:5f:f4:ad:ec:7c:2a:cd:bb:38:cc:7d:9a:41: 6f:b9:2a:66:41:2a:6e:bb:f1:e8:f6:27:b7:73:11:8a:ad:5d: 82:bf:ed:60:a5:6d:10:ee:54:0a:e1:ab:7b:84:db:66:33:85: 25:97:e0:e0 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZukQhsuU+oRhuL/97jf8qTtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4 ODE3ZDgwHhcNMjYwMTA5MTkzNTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzNhNjQwYjMzM2ZiYTg3Yzc2MTg2NzExNDhhY2I1YzdmM2E0ZWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyuPQUV42pfrzpeVW7YA9wfA9887 YycgbKFbqaHsiGJB983LCLGJ90gU2uIpeINSYJ0bWgVMoJNmHxU2vUwF4/7UOuyt QJL6krARbpG9NPoWWAkLe4myMmeBQav2NeAWM1XV2qAEhg9ZFLzkq7lnrjLXxDzw FoE3Ck2gmEic9zpia2SAx+bqwZ6L05/Dv5hXLcIgX6WVD4cW3YOCzVmARMP1UW2S GuR0SYptv15Piyfk5f/g4saWFE/3qawepNF2wngWDOUemdb1YmDKjJ9LdCkTVNax 4ELMYcMF45CxsCMvA/opzrwpUYQGL0Sxm/UJkGuxYLDNRlj32316gQNwvQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNM6ZAszP7qHx2GGcRSKy1x/Ok7RMB8GA1UdIwQY MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt MmQxOTE4YmExYzBlLzEvMHpwa0N6TV91b2ZIWVlaeEZJckxYSDg2VHRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAqMcAAwQA qMcEAwQAqMd+MA0GCSqGSIb3DQEBCwUAA4IBAQCgt0KnxZoLtUQnp3tkXWDdZuz2 OT5m1Je3CEpWL8Lln319fmgVpbUPr7rYnoXqd0kJ9fjqNTNcJyjoASZmhmq/Rl3U umFzNALusNcWIMujd3YPLzsHvTxt8RxITLzgP1cC/alBjMJVMvSIvhm4HTrLw48x iYVKG+vCrBI2fKL9+x84aKC/etLfPvMjQhFzhjH94dA/qo5lxtZepj9K63BHtnvh KtDM9+7fbZj7OaXbtxsnjlN6NGbge+fAioJK3P2PNS4oFq5u3e0DhF/0rex8Ks27 OMx9mkFvuSpmQSpuu/Ho9ie3cxGKrV2Cv+1gpW0Q7lQK4at7hNtmM4Ull+Dg -----END CERTIFICATE-----Generated at Wed Jan 21 23:47:32 2026 by rpki-client