This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/zJpHr_erZURy0iDQz1cu6aiMTKU.roa File: zJpHr_erZURy0iDQz1cu6aiMTKU.roa (raw, json) Hash identifier: /PNFfBchr4xUi6f7D1PpkNqNULV5Ex2nOQGeMnKsHEQ= Subject key identifier: CC:9A:47:AF:F7:AB:65:44:72:D2:20:D0:CF:57:2E:E9:A8:8C:4C:A5 Certificate issuer: /CN=a79cf10c31f2edbb557d5540973c88079b33200f Certificate serial: 019AE890B58A483078DC1E266886D21C7910 Authority key identifier: A7:9C:F1:0C:31:F2:ED:BB:55:7D:55:40:97:3C:88:07:9B:33:20:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/zJpHr_erZURy0iDQz1cu6aiMTKU.roa Signing time: Thu 04 Dec 2025 08:53:08 +0000 ROA not before: Thu 04 Dec 2025 08:53:08 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 20565 IP address blocks: 45.81.208.0/22 maxlen: 22 45.153.204.0/22 maxlen: 22 84.246.104.0/24 maxlen: 24 85.222.200.0/21 maxlen: 24 185.16.220.0/22 maxlen: 24 185.113.48.0/22 maxlen: 22 185.241.0.0/22 maxlen: 22 2a06:6800::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/p5zxDDHy7btVfVVAlzyIB5szIA8.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/p5zxDDHy7btVfVVAlzyIB5szIA8.mft rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 20:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e8:90:b5:8a:48:30:78:dc:1e:26:68:86:d2:1c:79:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a79cf10c31f2edbb557d5540973c88079b33200f Validity Not Before: Dec 4 08:53:08 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cc9a47aff7ab654472d220d0cf572ee9a88c4ca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:15:4c:74:b3:b8:7d:2c:8a:bf:94:28:98:29: 04:f4:53:f0:82:cb:d0:8c:7c:da:77:66:00:9c:21: 67:81:9f:9e:05:31:3f:25:3f:13:37:79:bc:d8:2f: ce:f4:8a:01:42:cc:6e:ca:c1:6a:02:84:c5:39:6c: 56:39:75:75:00:89:b2:d4:88:f7:63:57:c0:d9:ff: 43:34:aa:bd:ba:c0:3f:bb:c2:76:96:f2:44:f3:f5: d2:ec:f2:92:64:eb:79:44:40:0b:0e:ac:fa:ff:3c: 21:41:d4:ba:f4:03:10:41:0f:6f:52:a3:ef:1b:92: 5a:3e:06:61:65:d7:65:f2:4b:77:95:9f:c4:05:15: 05:a9:13:a5:33:44:80:6f:58:00:0d:93:4c:d6:34: c1:06:01:b6:7e:56:88:9d:4c:7f:f1:a8:e3:dd:f7: 63:2b:d9:c0:cf:79:43:ad:5f:51:27:c1:f6:29:6e: 2d:05:4e:f9:9b:58:04:69:e5:f8:86:94:77:65:ea: 07:a7:b5:78:b0:16:66:dc:bb:9a:ea:74:c1:33:e8: 20:7d:55:18:31:44:64:8c:14:c7:d3:36:0f:23:d2: c4:d6:c1:be:e8:a7:48:68:5b:e3:95:64:69:d6:76: f4:c2:68:5e:48:c9:f0:34:ff:e9:0a:01:c0:6e:ad: a7:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:9A:47:AF:F7:AB:65:44:72:D2:20:D0:CF:57:2E:E9:A8:8C:4C:A5 X509v3 Authority Key Identifier: keyid:A7:9C:F1:0C:31:F2:ED:BB:55:7D:55:40:97:3C:88:07:9B:33:20:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/zJpHr_erZURy0iDQz1cu6aiMTKU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/p5zxDDHy7btVfVVAlzyIB5szIA8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.81.208.0/22 45.153.204.0/22 84.246.104.0/24 85.222.200.0/21 185.16.220.0/22 185.113.48.0/22 185.241.0.0/22 IPv6: 2a06:6800::/29 Signature Algorithm: sha256WithRSAEncryption 70:f5:af:55:6d:95:07:57:d8:e9:e2:50:41:47:37:75:64:51: 75:fe:27:96:55:3a:29:b4:0d:7a:73:1f:c3:7c:c4:46:cc:41: 71:a7:28:3a:92:f3:69:8b:93:25:9b:61:b2:eb:d3:b5:9c:ee: 82:2c:c8:d5:84:d0:f3:1c:98:44:86:02:e3:c1:c0:b2:60:b7: 65:d3:c4:f0:da:0d:0f:de:5b:8f:42:ec:79:9e:6f:0e:9c:48: 83:e7:df:3e:88:87:d9:07:88:e3:ed:69:47:e6:77:79:06:5f: a4:92:ff:03:f0:c0:7b:e7:af:f5:13:dd:36:d8:cf:ed:b2:5b: 75:79:73:85:3e:c4:9d:8b:56:3e:7a:9f:3d:3f:1a:d0:9c:06: 33:64:a3:56:d1:d3:67:9b:f1:e3:71:3d:99:41:7b:fa:38:2a: 9d:0f:94:ce:f7:96:a6:6b:47:c4:a6:30:6b:73:d2:c1:01:65: f8:be:60:28:5c:90:15:83:54:a1:c2:f7:8a:f9:5f:ba:c9:94: 06:25:63:22:51:2e:35:84:83:95:7c:37:35:c9:62:24:ec:e2: 0f:d7:1e:be:99:9d:80:9f:07:2b:0a:84:cf:f3:4f:f2:e3:0e: d5:8b:d2:94:36:d8:02:6a:bc:d3:05:a3:a3:8a:6f:2f:80:4c: 41:b4:0d:72 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZrokLWKSDB43B4maIbSHHkQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3OWNmMTBjMzFmMmVkYmI1NTdkNTU0MDk3M2M4ODA3OWIz MzIwMGYwHhcNMjUxMjA0MDg1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzlhNDdhZmY3YWI2NTQ0NzJkMjIwZDBjZjU3MmVlOWE4OGM0Y2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRVMdLO4fSyKv5QomCkE9FPwgsvQ jHzad2YAnCFngZ+eBTE/JT8TN3m82C/O9IoBQsxuysFqAoTFOWxWOXV1AImy1Ij3 Y1fA2f9DNKq9usA/u8J2lvJE8/XS7PKSZOt5REALDqz6/zwhQdS69AMQQQ9vUqPv G5JaPgZhZddl8kt3lZ/EBRUFqROlM0SAb1gADZNM1jTBBgG2flaInUx/8ajj3fdj K9nAz3lDrV9RJ8H2KW4tBU75m1gEaeX4hpR3ZeoHp7V4sBZm3Lua6nTBM+ggfVUY MURkjBTH0zYPI9LE1sG+6KdIaFvjlWRp1nb0wmheSMnwNP/pCgHAbq2nJwIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFMyaR6/3q2VEctIg0M9XLumojEylMB8GA1UdIwQY MBaAFKec8Qwx8u27VX1VQJc8iAebMyAPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcDV6eERESHk3YnRWZlZWQWx6eUlCNXN6SUE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yNjliZTktOTNmZi00YzEyLTkxYmEt MWE5YjE1NTUxMzZhLzEvekpwSHJfZXJaVVJ5MGlEUXoxY3U2YWlNVEtVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8yNjliZTktOTNmZi00YzEyLTkxYmEtMWE5YjE1NTUxMzZh LzEvcDV6eERESHk3YnRWZlZWQWx6eUlCNXN6SUE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLVHQAwQC LZnMAwQAVPZoAwQDVd7IAwQCuRDcAwQCuXEwAwQCufEAMA0EAgACMAcDBQMqBmgA MA0GCSqGSIb3DQEBCwUAA4IBAQBw9a9VbZUHV9jp4lBBRzd1ZFF1/ieWVToptA16 cx/DfMRGzEFxpyg6kvNpi5Mlm2Gy69O1nO6CLMjVhNDzHJhEhgLjwcCyYLdl08Tw 2g0P3luPQux5nm8OnEiD598+iIfZB4jj7WlH5nd5Bl+kkv8D8MB756/1E9022M/t slt1eXOFPsSdi1Y+ep89PxrQnAYzZKNW0dNnm/HjcT2ZQXv6OCqdD5TO95ama0fE pjBrc9LBAWX4vmAoXJAVg1ShwveK+V+6yZQGJWMiUS41hIOVfDc1yWIk7OIP1x6+ mZ2AnwcrCoTP80/y4w7Vi9KUNtgCarzTBaOjim8vgExBtA1y -----END CERTIFICATE-----Generated at Fri Dec 12 05:15:19 2025 by rpki-client