This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/zTRd4Rg7f52eGJE9IBoR1ppNzbw.roa File: zTRd4Rg7f52eGJE9IBoR1ppNzbw.roa (raw, json) Hash identifier: 1Wo48c+UEPKDWWzPD4uCsXMeUU5ZpLq6o6j7k+pojVE= Subject key identifier: CD:34:5D:E1:18:3B:7F:9D:9E:18:91:3D:20:1A:11:D6:9A:4D:CD:BC Certificate issuer: /CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c Certificate serial: 019B7BA4E57A3F88ACC6BC06722A86E67A0C Authority key identifier: 0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/zTRd4Rg7f52eGJE9IBoR1ppNzbw.roa Signing time: Thu 01 Jan 2026 22:19:22 +0000 ROA not before: Thu 01 Jan 2026 22:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60671 IP address blocks: 185.27.40.0/23 maxlen: 23 185.27.40.0/24 maxlen: 24 185.27.41.0/24 maxlen: 24 2a04:33c0::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.mft rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:e5:7a:3f:88:ac:c6:bc:06:72:2a:86:e6:7a:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c Validity Not Before: Jan 1 22:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd345de1183b7f9d9e18913d201a11d69a4dcdbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a2:59:1e:3b:54:81:cd:67:ee:59:31:f9:0e: 7e:57:8d:f5:59:ed:42:ae:48:ef:bd:11:18:6c:16: 49:f3:8a:55:42:e7:b4:50:9d:70:07:29:e3:ed:bb: 43:3b:32:35:ad:fc:9b:07:52:18:f4:3c:39:1d:56: 97:f5:c9:00:d9:32:d7:6e:fe:fd:49:dd:a7:b9:b3: 45:c0:e2:ab:7b:f1:4a:ec:f9:73:8f:ea:50:1f:b7: 70:69:e2:71:2c:92:b5:79:54:65:2c:62:d7:19:0a: 5a:b2:68:2c:15:97:0c:4b:f9:e0:e7:65:40:52:b5: a5:fb:26:52:8e:67:4c:39:1e:da:f6:b1:7a:d9:7b: 42:7d:14:93:45:18:84:2c:e5:a1:cb:f5:b0:ce:8b: 6a:b4:ac:e5:38:dd:09:fb:d7:46:de:73:93:58:43: c6:78:42:32:5b:1a:bb:16:85:46:4e:c5:3c:81:b8: 99:2d:02:e4:fc:c7:3f:f5:54:05:42:6e:89:26:ce: 42:ed:6a:87:55:5a:ff:fc:1b:7f:79:2a:5b:60:51: 16:30:81:70:53:25:e1:ca:21:d8:23:cf:26:c6:10: 96:75:13:5d:ba:45:50:27:67:23:bc:7e:49:18:72: 40:b3:0c:9f:78:c1:ec:f9:b3:a6:47:91:6a:22:e8: 7c:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:34:5D:E1:18:3B:7F:9D:9E:18:91:3D:20:1A:11:D6:9A:4D:CD:BC X509v3 Authority Key Identifier: keyid:0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/zTRd4Rg7f52eGJE9IBoR1ppNzbw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.27.40.0/23 IPv6: 2a04:33c0::/40 Signature Algorithm: sha256WithRSAEncryption 1f:6b:e8:6b:7a:b8:50:69:5c:12:1c:94:70:09:f5:ed:f2:7d: 03:0f:61:8b:af:ac:31:07:1e:79:6d:20:89:d9:bb:ff:1b:4a: 6c:b4:cf:7b:dc:a0:d2:94:d1:43:e6:fe:0f:51:97:e5:56:06: 49:f2:de:d1:76:9a:d0:02:6a:74:c4:0b:7b:36:84:bb:f9:fe: 93:15:25:04:f0:a5:92:77:8a:3f:d9:fd:ff:fc:76:ea:68:d7: f1:7e:7c:68:9f:51:08:55:f8:db:04:ea:ff:9c:6a:cf:78:4e: c6:eb:1b:9f:98:dd:ae:49:ea:4e:84:50:87:e1:46:0c:61:cc: 44:d4:2e:87:17:2e:fe:c7:56:bd:a1:b3:5b:b9:7a:fb:5f:31: 99:20:55:b0:bc:b7:b8:44:44:36:64:83:b9:2e:2c:81:c5:2f: ef:97:9b:b8:48:04:77:36:26:af:8b:b9:cb:b9:2e:c7:8f:05: 0d:61:79:a5:92:85:ee:0d:8d:eb:e1:77:9c:e7:0b:cf:da:8f: c3:3b:2b:b1:8f:5b:d7:39:7a:9e:d9:59:73:af:09:b5:aa:a8: 4d:94:4e:26:88:69:29:08:9c:b9:80:d5:70:bf:7b:26:ce:45: 23:48:3d:2d:f2:29:b8:ff:ef:1d:2c:c3:46:2a:5d:2d:16:52: 9d:70:93:04 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt7pOV6P4isxrwGciqG5noMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjYmJkMDExNGQ5NzE5Njc1MGQ0OGM1ZTEyNTZlZDA1NWE1 ZTllMmMwHhcNMjYwMTAxMjIxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDM0NWRlMTE4M2I3ZjlkOWUxODkxM2QyMDFhMTFkNjlhNGRjZGJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KJZHjtUgc1n7lkx+Q5+V431We1C rkjvvREYbBZJ84pVQue0UJ1wBynj7btDOzI1rfybB1IY9Dw5HVaX9ckA2TLXbv79 Sd2nubNFwOKre/FK7Plzj+pQH7dwaeJxLJK1eVRlLGLXGQpasmgsFZcMS/ng52VA UrWl+yZSjmdMOR7a9rF62XtCfRSTRRiELOWhy/WwzotqtKzlON0J+9dG3nOTWEPG eEIyWxq7FoVGTsU8gbiZLQLk/Mc/9VQFQm6JJs5C7WqHVVr//Bt/eSpbYFEWMIFw UyXhyiHYI88mxhCWdRNdukVQJ2cjvH5JGHJAswyfeMHs+bOmR5FqIuh81QIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFM00XeEYO3+dnhiRPSAaEdaaTc28MB8GA1UdIwQY MBaAFAy70BFNlxlnUNSMXhJW7QVaXp4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAt YWZiNTY2Y2RmYWM2LzEvelRSZDRSZzdmNTJlR0pFOUlCb1IxcHBOemJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAtYWZiNTY2Y2RmYWM2 LzEvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuRsoMA4E AgACMAgDBgAqBDPAADANBgkqhkiG9w0BAQsFAAOCAQEAH2voa3q4UGlcEhyUcAn1 7fJ9Aw9hi6+sMQceeW0gidm7/xtKbLTPe9yg0pTRQ+b+D1GX5VYGSfLe0Xaa0AJq dMQLezaEu/n+kxUlBPClkneKP9n9//x26mjX8X58aJ9RCFX42wTq/5xqz3hOxusb n5jdrknqToRQh+FGDGHMRNQuhxcu/sdWvaGzW7l6+18xmSBVsLy3uERENmSDuS4s gcUv75ebuEgEdzYmr4u5y7kux48FDWF5pZKF7g2N6+F3nOcLz9qPwzsrsY9b1zl6 ntlZc68JtaqoTZROJohpKQicuYDVcL97Js5FI0g9LfIpuP/vHSzDRipdLRZSnXCT BA== -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:14 2026 by rpki-client