This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/PzoJn7JmNA7HLgDJj3qABg4rdIg.roa File: PzoJn7JmNA7HLgDJj3qABg4rdIg.roa (raw, json) Hash identifier: Pu8elV3ASkAhzzlLq5cnqoeSEZGr98s46wDdEgSzMVE= Subject key identifier: 3F:3A:09:9F:B2:66:34:0E:C7:2E:00:C9:8F:7A:80:06:0E:2B:74:88 Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692 Certificate serial: 019B7F842B25F96D7D1C49B271AE2537A8A9 Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/PzoJn7JmNA7HLgDJj3qABg4rdIg.roa Signing time: Fri 02 Jan 2026 16:22:06 +0000 ROA not before: Fri 02 Jan 2026 16:22:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2a00:4080::/29 maxlen: 29 2a04:1bc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 16:02:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:2b:25:f9:6d:7d:1c:49:b2:71:ae:25:37:a8:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692 Validity Not Before: Jan 2 16:22:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3f3a099fb266340ec72e00c98f7a80060e2b7488 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e9:e0:e0:ec:65:9f:b0:cb:76:17:de:51:c2: d5:4b:08:f3:9b:da:5e:1e:29:d8:fe:ca:0e:20:88: ce:24:3f:e7:e8:6c:00:27:40:4f:d2:cd:14:7c:3b: 83:d8:53:9d:dc:0c:36:e8:a3:fc:69:e3:35:d4:db: 46:5b:b9:09:c0:c5:2a:93:4b:0f:20:b6:95:74:21: 48:04:30:69:48:8d:e3:74:56:52:7a:5a:a2:01:45: 30:52:ab:3f:d8:a2:05:98:1f:61:42:e4:a4:e4:65: c7:e7:e4:79:0c:a9:b9:dd:43:d3:93:ff:99:62:29: 3b:61:31:2d:36:97:0e:81:a8:a5:6e:df:6f:2d:99: ee:48:0c:a0:32:0a:f7:06:86:ac:4f:d8:5b:a2:f0: 03:7b:a7:87:e7:c0:70:cf:b5:58:5c:2f:0b:e8:a8: b0:ec:57:d4:97:91:cb:fe:d4:e2:45:71:11:df:38: 52:7d:11:d9:7a:d0:af:a5:ae:e5:a2:49:63:8c:2d: e7:c4:aa:70:2f:46:2f:d7:99:23:2b:a8:11:1c:c2: c2:37:9a:fb:ef:59:d4:fe:49:b8:b5:d3:6e:a9:56: a0:40:d8:6f:7d:05:d2:d3:4c:22:7d:70:58:a6:f3: fe:3a:4e:dd:49:ab:3c:b9:c2:eb:a3:29:70:8a:ab: 40:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:3A:09:9F:B2:66:34:0E:C7:2E:00:C9:8F:7A:80:06:0E:2B:74:88 X509v3 Authority Key Identifier: keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/PzoJn7JmNA7HLgDJj3qABg4rdIg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:4080::/29 2a04:1bc0::/29 Signature Algorithm: sha256WithRSAEncryption b0:e4:cb:17:60:c7:bc:95:85:51:fd:d6:d2:06:4b:80:95:50: 01:32:77:43:56:1f:c9:e2:29:54:8c:0a:fe:e4:77:33:d1:d8: 05:cb:05:20:08:1e:13:7d:fc:b0:49:8f:7f:53:cd:8a:cf:73: 3b:c1:88:a3:66:f1:2b:0a:5e:f1:f2:8e:3c:c5:1f:40:dd:3f: cd:a6:62:ac:2f:38:7a:ca:4c:81:61:82:76:c0:a1:04:aa:07: 15:97:97:be:c0:16:1c:8c:19:77:45:9f:8a:6f:83:f9:85:05: 04:ee:3f:95:a4:56:49:2a:21:48:b5:cb:7b:75:1b:13:bb:75: a9:09:5d:f6:9c:ca:29:b9:60:bd:55:ec:00:ad:9e:da:9a:a6: ca:35:1a:28:b8:68:23:35:b8:03:b1:2d:c0:02:c1:e2:5a:56: 3e:e2:92:20:3f:8f:a0:6a:bf:60:b5:06:72:94:67:ff:d2:04: 62:9b:9a:99:32:cb:39:e4:e3:5f:18:d0:06:11:dc:12:b8:df: f2:04:1b:06:18:d8:ab:2c:25:cf:15:6f:6b:f7:f7:26:89:70: b8:3c:d7:82:84:77:b8:3b:7b:3a:b2:58:cb:3a:fb:e1:56:1e: 5e:fa:19:12:bd:dc:8f:7c:54:b2:b2:ab:05:ff:61:04:87:3b: 3d:6b:5f:66 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/hCsl+W19HEmyca4lN6ipMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi ZjA2OTIwHhcNMjYwMTAyMTYyMjA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZjNhMDk5ZmIyNjYzNDBlYzcyZTAwYzk4ZjdhODAwNjBlMmI3NDg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOng4Oxln7DLdhfeUcLVSwjzm9pe HinY/soOIIjOJD/n6GwAJ0BP0s0UfDuD2FOd3Aw26KP8aeM11NtGW7kJwMUqk0sP ILaVdCFIBDBpSI3jdFZSelqiAUUwUqs/2KIFmB9hQuSk5GXH5+R5DKm53UPTk/+Z Yik7YTEtNpcOgailbt9vLZnuSAygMgr3BoasT9hbovADe6eH58Bwz7VYXC8L6Kiw 7FfUl5HL/tTiRXER3zhSfRHZetCvpa7lokljjC3nxKpwL0Yv15kjK6gRHMLCN5r7 71nU/km4tdNuqVagQNhvfQXS00wifXBYpvP+Ok7dSas8ucLroylwiqtALwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFD86CZ+yZjQOxy4AyY96gAYOK3SIMB8GA1UdIwQY MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt YWE5ZDY5MTgxMWU3LzEvUHpvSm43Sm1OQTdITGdESmozcUFCZzRyZElnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3 LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgBAgAMF AyoEG8AwDQYJKoZIhvcNAQELBQADggEBALDkyxdgx7yVhVH91tIGS4CVUAEyd0NW H8niKVSMCv7kdzPR2AXLBSAIHhN9/LBJj39TzYrPczvBiKNm8SsKXvHyjjzFH0Dd P82mYqwvOHrKTIFhgnbAoQSqBxWXl77AFhyMGXdFn4pvg/mFBQTuP5WkVkkqIUi1 y3t1GxO7dakJXfacyim5YL1V7ACtntqapso1Gii4aCM1uAOxLcACweJaVj7ikiA/ j6Bqv2C1BnKUZ//SBGKbmpkyyznk418Y0AYR3BK43/IEGwYY2KssJc8Vb2v39yaJ cLg814KEd7g7ezqyWMs6++FWHl76GRK93I98VLKyqwX/YQSHOz1rX2Y= -----END CERTIFICATE-----Generated at Fri Jan 9 00:58:33 2026 by rpki-client