This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/zgLXTpk-8H2GpRU6zjvUcBKVFgQ.roa File: zgLXTpk-8H2GpRU6zjvUcBKVFgQ.roa (raw, json) Hash identifier: +8sCtRK7E8WuZa8zAB4CIbZay8o7tR+1lHOEMtgrIqo= Subject key identifier: CE:02:D7:4E:99:3E:F0:7D:86:A5:15:3A:CE:3B:D4:70:12:95:16:04 Certificate issuer: /CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f Certificate serial: 019B7F82F2A85C126AC4A824C5698E9B753C Authority key identifier: 70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/zgLXTpk-8H2GpRU6zjvUcBKVFgQ.roa Signing time: Fri 02 Jan 2026 16:20:46 +0000 ROA not before: Fri 02 Jan 2026 16:20:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20810 IP address blocks: 45.158.172.0/22 maxlen: 22 80.69.192.0/20 maxlen: 20 149.249.32.0/20 maxlen: 20 185.158.180.0/22 maxlen: 22 188.74.0.0/19 maxlen: 20 188.74.0.0/20 maxlen: 20 188.74.16.0/20 maxlen: 20 212.102.118.0/24 maxlen: 24 2a03:7500::/29 maxlen: 32 2a03:7500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/cH9-5quc9Ej5lJNn-3wO3hBz-X8.crl rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/cH9-5quc9Ej5lJNn-3wO3hBz-X8.mft rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:f2:a8:5c:12:6a:c4:a8:24:c5:69:8e:9b:75:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f Validity Not Before: Jan 2 16:20:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce02d74e993ef07d86a5153ace3bd47012951604 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a2:98:65:80:61:5c:66:3e:47:a9:e1:da:d0: ba:b5:3f:fb:4f:21:60:18:10:f8:51:95:0e:47:77: e4:b3:9a:31:ae:b0:aa:80:d9:6c:94:8f:e4:c2:62: 16:93:67:85:ec:ad:01:65:81:b4:54:9e:2b:70:d5: fa:32:8c:66:da:03:b7:f9:53:40:9c:89:10:53:8f: 1a:36:a3:be:3b:96:61:6b:40:9d:22:c4:09:e8:82: 02:ef:00:36:d8:5a:44:7a:23:7a:e2:b9:e0:f1:49: f9:00:82:3e:ba:35:d7:c2:74:ce:af:4c:f4:2a:44: 37:d5:89:c1:be:1d:be:2c:fc:b7:81:5d:5e:0a:21: bc:e6:07:b8:10:b1:27:4d:e3:73:33:5d:32:c1:f5: fb:3c:43:18:35:c9:03:55:7b:51:b8:0c:87:cb:7e: 7e:c7:57:72:b8:f2:fd:4a:58:74:ce:8d:9c:27:3d: ce:57:2b:56:ad:da:04:0f:86:24:93:c7:78:35:93: 71:33:24:b6:2b:3f:ce:e3:da:56:9f:46:43:32:8c: 22:02:63:25:21:ca:d4:0a:eb:06:c6:6e:fa:06:13: 92:4d:f5:a2:2c:1b:5f:f8:c2:fe:1a:b5:e1:32:61: 96:df:46:60:ea:2d:87:8f:68:0c:36:2c:e5:8b:74: 35:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:02:D7:4E:99:3E:F0:7D:86:A5:15:3A:CE:3B:D4:70:12:95:16:04 X509v3 Authority Key Identifier: keyid:70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/zgLXTpk-8H2GpRU6zjvUcBKVFgQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/cH9-5quc9Ej5lJNn-3wO3hBz-X8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.158.172.0/22 80.69.192.0/20 149.249.32.0/20 185.158.180.0/22 188.74.0.0/19 212.102.118.0/24 IPv6: 2a03:7500::/29 Signature Algorithm: sha256WithRSAEncryption af:81:35:f3:85:75:ac:4c:8a:0f:bb:73:be:80:fb:53:c0:93: f9:b6:ed:f1:7c:67:6a:1f:f9:26:21:89:17:da:47:40:b3:8a: 2a:f8:6c:98:8e:de:a7:a7:08:c4:ff:cd:0c:e9:e4:c4:ec:b8: 06:c3:6e:a9:ee:d0:d8:41:6b:99:b8:a8:ef:56:e3:52:fb:a3: 9d:a2:aa:81:43:a5:3b:25:e0:d2:36:ec:96:16:82:a1:07:04: 70:0b:73:e7:3d:97:4d:e3:55:97:02:7e:b1:5b:67:52:77:11: 50:13:f1:67:10:86:a3:0d:58:c3:58:8f:c5:99:15:9b:b0:5e: 53:91:5a:ec:80:64:20:91:53:a3:7a:61:73:7b:c5:fa:7a:4a: 9e:68:f4:0e:32:34:a6:f9:f0:e1:97:9d:a4:49:89:e0:10:43: 2e:23:d2:0c:bc:20:01:b7:b6:f2:de:77:62:14:7d:99:9a:62: 15:b0:49:dc:97:0b:05:65:e1:b6:f5:81:ce:90:19:46:42:35: 18:b4:b4:ea:2d:9d:e6:e3:14:c4:92:b9:20:b2:26:b2:7a:36: f5:8b:39:e1:d5:08:db:29:84:11:79:53:07:de:dd:8c:31:7f: 77:fb:bf:04:c5:bf:ee:b4:f4:b4:99:98:c2:21:30:27:14:82: f8:b0:3f:dc -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt/gvKoXBJqxKgkxWmOm3U8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwN2Y3ZWU2YWI5Y2Y0NDhmOTk0OTM2N2ZiN2MwZWRlMTA3 M2Y5N2YwHhcNMjYwMTAyMTYyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTAyZDc0ZTk5M2VmMDdkODZhNTE1M2FjZTNiZDQ3MDEyOTUxNjA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqKYZYBhXGY+R6nh2tC6tT/7TyFg GBD4UZUOR3fks5oxrrCqgNlslI/kwmIWk2eF7K0BZYG0VJ4rcNX6Moxm2gO3+VNA nIkQU48aNqO+O5Zha0CdIsQJ6IIC7wA22FpEeiN64rng8Un5AII+ujXXwnTOr0z0 KkQ31YnBvh2+LPy3gV1eCiG85ge4ELEnTeNzM10ywfX7PEMYNckDVXtRuAyHy35+ x1dyuPL9Slh0zo2cJz3OVytWrdoED4Ykk8d4NZNxMyS2Kz/O49pWn0ZDMowiAmMl IcrUCusGxm76BhOSTfWiLBtf+ML+GrXhMmGW30Zg6i2Hj2gMNizli3Q1OQIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFM4C106ZPvB9hqUVOs471HASlRYEMB8GA1UdIwQY MBaAFHB/fuarnPRI+ZSTZ/t8Dt4Qc/l/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0g5LTVxdWM5RWo1bEpObi0zd08zaEJ6LVg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zYjQ1YjMtMThhNC00N2Y4LTgyNjQt ZjcwOGJjNzBlNmVlLzEvemdMWFRway04SDJHcFJVNnpqdlVjQktWRmdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ni8zYjQ1YjMtMThhNC00N2Y4LTgyNjQtZjcwOGJjNzBlNmVl LzEvY0g5LTVxdWM5RWo1bEpObi0zd08zaEJ6LVg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZ6sAwQE UEXAAwQElfkgAwQCuZ60AwQFvEoAAwQA1GZ2MA0EAgACMAcDBQMqA3UAMA0GCSqG SIb3DQEBCwUAA4IBAQCvgTXzhXWsTIoPu3O+gPtTwJP5tu3xfGdqH/kmIYkX2kdA s4oq+GyYjt6npwjE/80M6eTE7LgGw26p7tDYQWuZuKjvVuNS+6OdoqqBQ6U7JeDS NuyWFoKhBwRwC3PnPZdN41WXAn6xW2dSdxFQE/FnEIajDVjDWI/FmRWbsF5TkVrs gGQgkVOjemFze8X6ekqeaPQOMjSm+fDhl52kSYngEEMuI9IMvCABt7by3ndiFH2Z mmIVsEnclwsFZeG29YHOkBlGQjUYtLTqLZ3m4xTEkrkgsiayejb1iznh1QjbKYQR eVMH3t2MMX93+78Exb/utPS0mZjCITAnFIL4sD/c -----END CERTIFICATE-----Generated at Mon Feb 9 18:44:21 2026 by rpki-client