This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/zcxoOaYQZVz0kyNkbAvoL7_cGOo.roa File: zcxoOaYQZVz0kyNkbAvoL7_cGOo.roa (raw, json) Hash identifier: cbQCnBDpdRHmtA6XlyYrBSpV92ISXXC3TjEjSfaVLUw= Subject key identifier: CD:CC:68:39:A6:10:65:5C:F4:93:23:64:6C:0B:E8:2F:BF:DC:18:EA Certificate issuer: /CN=9e94d5bf3db7d6734dcf1be622d5fdee2fec3b8f Certificate serial: 019B7F852F724F78748239FC8865F8F9D563 Authority key identifier: 9E:94:D5:BF:3D:B7:D6:73:4D:CF:1B:E6:22:D5:FD:EE:2F:EC:3B:8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/zcxoOaYQZVz0kyNkbAvoL7_cGOo.roa Signing time: Fri 02 Jan 2026 16:23:13 +0000 ROA not before: Fri 02 Jan 2026 16:23:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206292 IP address blocks: 2001:67c:994::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/npTVvz231nNNzxvmItX97i_sO48.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/npTVvz231nNNzxvmItX97i_sO48.mft rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:2f:72:4f:78:74:82:39:fc:88:65:f8:f9:d5:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e94d5bf3db7d6734dcf1be622d5fdee2fec3b8f Validity Not Before: Jan 2 16:23:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cdcc6839a610655cf49323646c0be82fbfdc18ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b7:95:40:ff:d3:e5:e9:5a:90:05:84:3a:bc: 3b:2f:d0:a4:e4:11:59:7c:2f:1c:f2:db:a0:eb:42: ee:b3:df:37:fe:a4:d1:97:b6:3d:64:d9:1e:03:5b: 04:3e:8e:32:01:87:5e:e7:4b:38:92:52:aa:3b:cc: c9:32:63:89:54:eb:ac:63:43:fb:36:05:77:b8:50: e9:4d:67:3b:c0:33:f7:79:ea:d1:dd:ca:34:60:bc: 92:41:ea:45:46:e9:50:7f:cc:b9:fc:03:87:f4:8d: 98:66:54:0c:c2:2d:e6:50:78:a8:fd:51:ff:bc:cd: e5:7a:c0:c5:e6:a8:5a:6e:64:82:e2:08:0a:39:90: bf:d4:b2:df:1d:89:85:48:26:bf:d1:6e:fc:0c:98: 2f:f9:50:51:0c:6d:29:c5:53:67:b7:8d:56:ee:e1: 90:8e:03:c9:eb:91:54:06:bd:fe:4f:74:56:b1:65: 38:c8:0f:27:06:49:33:f6:9f:19:6f:9f:e2:5c:60: e1:a0:92:0a:21:3b:b5:7a:19:59:0b:9e:08:9e:4f: d3:0a:9b:b2:4b:1c:e5:73:c9:cf:b0:27:6d:28:e4: d2:91:11:6f:ba:2a:31:ae:a0:1b:2e:3c:8f:26:0d: a0:fa:9e:70:5d:88:53:b0:05:99:66:10:a6:12:a2: 5f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:CC:68:39:A6:10:65:5C:F4:93:23:64:6C:0B:E8:2F:BF:DC:18:EA X509v3 Authority Key Identifier: keyid:9E:94:D5:BF:3D:B7:D6:73:4D:CF:1B:E6:22:D5:FD:EE:2F:EC:3B:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/zcxoOaYQZVz0kyNkbAvoL7_cGOo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/npTVvz231nNNzxvmItX97i_sO48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:994::/48 Signature Algorithm: sha256WithRSAEncryption 48:0c:28:e7:e9:ff:8a:e7:72:65:d2:71:62:4c:fc:a8:f7:8a: a8:52:ba:b0:8a:ed:97:de:be:f0:21:e0:0e:a0:4c:38:64:0b: 49:36:71:a9:2f:79:be:cf:45:0a:5a:43:8e:8f:c1:9b:47:cd: 07:d9:85:09:5f:05:84:e3:50:2a:50:cd:9c:06:ab:6a:bf:e0: 5c:70:05:3a:93:8a:4a:d6:e4:33:56:7b:af:e8:ad:e1:32:5c: 0b:08:c7:cf:07:dc:f0:54:53:db:80:9c:d0:0c:45:5b:24:94: cd:31:d5:db:6e:fb:9d:5b:bd:06:5d:41:a0:50:76:cb:88:4a: 16:25:50:2d:00:7c:a0:de:c3:99:92:e4:75:7e:e0:ef:6f:12: eb:7d:58:ec:0f:3d:c9:31:9b:3f:a6:3c:5a:50:23:0d:41:22: 45:b2:37:8b:d6:2a:f5:0c:9f:3f:62:35:2c:c5:b9:a8:07:c4: 66:b1:ad:a1:43:bd:17:5e:74:55:24:ef:b4:a6:9b:fc:80:0e: 74:65:4b:69:2b:df:bc:b0:a9:46:de:71:f4:c2:63:f4:08:f6: 22:bc:aa:86:56:5d:19:bc:3e:cb:8a:92:d1:3e:91:e6:65:02: ca:a8:b7:9e:14:b8:f7:74:1b:5c:e7:bc:e9:7e:1a:84:bb:19: 4d:b1:13:3f -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hS9yT3h0gjn8iGX4+dVjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTRkNWJmM2RiN2Q2NzM0ZGNmMWJlNjIyZDVmZGVlMmZl YzNiOGYwHhcNMjYwMTAyMTYyMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZGNjNjgzOWE2MTA2NTVjZjQ5MzIzNjQ2YzBiZTgyZmJmZGMxOGVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbeVQP/T5elakAWEOrw7L9Ck5BFZ fC8c8tug60Lus983/qTRl7Y9ZNkeA1sEPo4yAYde50s4klKqO8zJMmOJVOusY0P7 NgV3uFDpTWc7wDP3eerR3co0YLySQepFRulQf8y5/AOH9I2YZlQMwi3mUHio/VH/ vM3lesDF5qhabmSC4ggKOZC/1LLfHYmFSCa/0W78DJgv+VBRDG0pxVNnt41W7uGQ jgPJ65FUBr3+T3RWsWU4yA8nBkkz9p8Zb5/iXGDhoJIKITu1ehlZC54Ink/TCpuy Sxzlc8nPsCdtKOTSkRFvuioxrqAbLjyPJg2g+p5wXYhTsAWZZhCmEqJf6QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFM3MaDmmEGVc9JMjZGwL6C+/3BjqMB8GA1UdIwQY MBaAFJ6U1b89t9ZzTc8b5iLV/e4v7DuPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBUVnZ6MjMxbk5Oenh2bUl0WDk3aV9zTzQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xMzgzYWEtMTA4Yi00NmVmLWFjOWUt OWNlZTIzYTYwNTY2LzEvemN4b09hWVFaVnowa3lOa2JBdm9MN19jR09vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8xMzgzYWEtMTA4Yi00NmVmLWFjOWUtOWNlZTIzYTYwNTY2 LzEvbnBUVnZ6MjMxbk5Oenh2bUl0WDk3aV9zTzQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAmU MA0GCSqGSIb3DQEBCwUAA4IBAQBIDCjn6f+K53Jl0nFiTPyo94qoUrqwiu2X3r7w IeAOoEw4ZAtJNnGpL3m+z0UKWkOOj8GbR80H2YUJXwWE41AqUM2cBqtqv+BccAU6 k4pK1uQzVnuv6K3hMlwLCMfPB9zwVFPbgJzQDEVbJJTNMdXbbvudW70GXUGgUHbL iEoWJVAtAHyg3sOZkuR1fuDvbxLrfVjsDz3JMZs/pjxaUCMNQSJFsjeL1ir1DJ8/ YjUsxbmoB8Rmsa2hQ70XXnRVJO+0ppv8gA50ZUtpK9+8sKlG3nH0wmP0CPYivKqG Vl0ZvD7LipLRPpHmZQLKqLeeFLj3dBtc57zpfhqEuxlNsRM/ -----END CERTIFICATE-----Generated at Sat Jan 10 22:07:06 2026 by rpki-client