This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/zcaWIGhkG55HVrp_LTvU2dDCIlw.roa File: zcaWIGhkG55HVrp_LTvU2dDCIlw.roa (raw, json) Hash identifier: kwl/J+DhlHUe4YxPvoDLnKqddS3rQt5tFVk3ZqLbgmE= Subject key identifier: CD:C6:96:20:68:64:1B:9E:47:56:BA:7F:2D:3B:D4:D9:D0:C2:22:5C Certificate issuer: /CN=1821cc908dfa91110d1119a6de1ec41e3ecff346 Certificate serial: 019B7C12B9FBC27C51AC9161BF4698FF37FE Authority key identifier: 18:21:CC:90:8D:FA:91:11:0D:11:19:A6:DE:1E:C4:1E:3E:CF:F3:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCHMkI36kRENERmm3h7EHj7P80Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/zcaWIGhkG55HVrp_LTvU2dDCIlw.roa Signing time: Fri 02 Jan 2026 00:19:20 +0000 ROA not before: Fri 02 Jan 2026 00:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215434 IP address blocks: 2a01:f0c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/GCHMkI36kRENERmm3h7EHj7P80Y.crl rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/GCHMkI36kRENERmm3h7EHj7P80Y.mft rsync://rpki.ripe.net/repository/DEFAULT/GCHMkI36kRENERmm3h7EHj7P80Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:b9:fb:c2:7c:51:ac:91:61:bf:46:98:ff:37:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1821cc908dfa91110d1119a6de1ec41e3ecff346 Validity Not Before: Jan 2 00:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cdc6962068641b9e4756ba7f2d3bd4d9d0c2225c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:22:81:a0:13:97:d9:df:8c:09:1f:91:f0:ca: af:25:85:92:c9:3d:57:ec:a0:ee:42:c6:bd:2d:b2: 06:e3:35:b6:a5:48:e6:df:6d:0b:c8:9b:b1:17:d1: 33:d6:6f:8e:f6:1b:25:0d:d6:5a:28:81:2a:bb:30: b3:53:73:37:81:05:84:e2:d3:eb:61:fb:92:83:2d: 99:f4:d0:e8:75:9f:f6:c6:90:98:c0:26:e6:dd:5c: d1:d1:d7:ba:b1:f9:01:4b:0f:24:b2:f6:f8:8a:25: 4c:b6:9a:fe:28:f4:5b:df:95:a5:5f:eb:ec:d1:3b: a4:fd:9e:0f:fa:30:8e:4b:5e:90:44:c5:39:99:7c: e4:c6:c6:11:ef:dc:01:d8:e1:6e:c3:bf:0a:cf:65: 76:f0:14:cc:17:6e:35:f5:48:1b:e5:49:25:f2:7e: eb:31:77:b3:b6:d3:75:a2:de:c2:15:e6:6f:03:47: 2b:b2:db:1d:c0:0b:7a:36:70:87:90:be:61:31:47: 59:4c:b4:a5:52:8d:4b:77:36:f9:df:7c:16:ac:a5: 1a:d1:a3:01:7f:ba:77:ce:5a:9c:4a:c3:73:ea:ea: 43:96:bc:b8:08:6f:86:66:ed:89:86:5a:0a:df:98: a2:bd:78:1a:39:7c:6b:ce:4d:3a:7f:67:3e:d5:cf: c1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:C6:96:20:68:64:1B:9E:47:56:BA:7F:2D:3B:D4:D9:D0:C2:22:5C X509v3 Authority Key Identifier: keyid:18:21:CC:90:8D:FA:91:11:0D:11:19:A6:DE:1E:C4:1E:3E:CF:F3:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCHMkI36kRENERmm3h7EHj7P80Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/zcaWIGhkG55HVrp_LTvU2dDCIlw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/GCHMkI36kRENERmm3h7EHj7P80Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:f0c0::/29 Signature Algorithm: sha256WithRSAEncryption 15:ef:d2:f4:ce:bf:64:9a:ab:c6:bc:d7:61:98:85:19:b0:a6: 8f:c6:7f:e8:97:9e:43:9f:a9:c1:74:3a:b0:f6:3d:d6:c9:36: 7b:d4:15:5e:b4:13:63:db:64:9a:ea:37:8c:3e:bd:6e:4e:80: 18:22:d7:ea:61:53:e0:fc:8e:5f:64:7d:0a:5f:11:aa:cd:1d: a9:eb:bb:93:3b:7c:65:41:97:0f:57:fb:b7:45:5c:5c:02:fb: 2a:a0:7d:55:5e:b6:ed:44:00:7e:84:d4:f1:3e:d4:b1:77:21: cb:27:02:b6:df:01:1a:76:06:0b:18:0b:45:3a:b3:70:34:51: f6:3f:b1:7c:22:7b:a3:6c:f9:99:2b:6f:ac:45:d3:68:73:3f: dd:e4:ac:53:d9:6b:c1:f2:b4:76:0d:9e:4a:b4:02:20:e8:10: cf:5b:1f:3f:d5:a6:09:69:a4:f2:52:4c:cd:75:50:f8:a0:2e: c8:24:e1:b8:23:c1:22:db:71:27:de:f9:0e:83:ff:d7:74:59: 41:b7:48:68:7e:29:39:cc:31:90:00:33:81:ed:3b:ae:ca:6a: f1:90:61:e3:6a:58:53:71:a5:a6:13:6d:40:cc:70:9f:12:e4: f8:97:a6:67:5e:bc:0f:a2:e6:6a:a1:e2:0d:f9:bd:42:b7:ff: 6b:b6:a8:e6 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8Ern7wnxRrJFhv0aY/zf+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4MjFjYzkwOGRmYTkxMTEwZDExMTlhNmRlMWVjNDFlM2Vj ZmYzNDYwHhcNMjYwMTAyMDAxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZGM2OTYyMDY4NjQxYjllNDc1NmJhN2YyZDNiZDRkOWQwYzIyMjVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCKBoBOX2d+MCR+R8MqvJYWSyT1X 7KDuQsa9LbIG4zW2pUjm320LyJuxF9Ez1m+O9hslDdZaKIEquzCzU3M3gQWE4tPr YfuSgy2Z9NDodZ/2xpCYwCbm3VzR0de6sfkBSw8ksvb4iiVMtpr+KPRb35WlX+vs 0Tuk/Z4P+jCOS16QRMU5mXzkxsYR79wB2OFuw78Kz2V28BTMF2419Ugb5Ukl8n7r MXezttN1ot7CFeZvA0crstsdwAt6NnCHkL5hMUdZTLSlUo1Ldzb533wWrKUa0aMB f7p3zlqcSsNz6upDlry4CG+GZu2JhloK35iivXgaOXxrzk06f2c+1c/BgQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFM3GliBoZBueR1a6fy071NnQwiJcMB8GA1UdIwQY MBaAFBghzJCN+pERDREZpt4exB4+z/NGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0NITWtJMzZrUkVORVJtbTNoN0VIajdQODBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80NTZjNjItNDc0Ni00MWUwLTgwNDQt OTIwNTk5ZjUyNjM3LzEvemNhV0lHaGtHNTVIVnJwX0xUdlUyZERDSWx3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC80NTZjNjItNDc0Ni00MWUwLTgwNDQtOTIwNTk5ZjUyNjM3 LzEvR0NITWtJMzZrUkVORVJtbTNoN0VIajdQODBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHwwDAN BgkqhkiG9w0BAQsFAAOCAQEAFe/S9M6/ZJqrxrzXYZiFGbCmj8Z/6JeeQ5+pwXQ6 sPY91sk2e9QVXrQTY9tkmuo3jD69bk6AGCLX6mFT4PyOX2R9Cl8Rqs0dqeu7kzt8 ZUGXD1f7t0VcXAL7KqB9VV627UQAfoTU8T7UsXchyycCtt8BGnYGCxgLRTqzcDRR 9j+xfCJ7o2z5mStvrEXTaHM/3eSsU9lrwfK0dg2eSrQCIOgQz1sfP9WmCWmk8lJM zXVQ+KAuyCThuCPBIttxJ975DoP/13RZQbdIaH4pOcwxkAAzge07rspq8ZBh42pY U3GlphNtQMxwnxLk+JemZ168D6LmaqHiDfm9Qrf/a7ao5g== -----END CERTIFICATE-----Generated at Mon Jan 19 23:23:34 2026 by rpki-client