This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/zO8hQmSxtEXmRdrwqFPkVEGSdWg.roa File: zO8hQmSxtEXmRdrwqFPkVEGSdWg.roa (raw, json) Hash identifier: MmT0Cb8d42MmUiiW2gdoJjBjTgQPDMLhJCGUAeZAyRY= Subject key identifier: CC:EF:21:42:64:B1:B4:45:E6:45:DA:F0:A8:53:E4:54:41:92:75:68 Certificate issuer: /CN=b13971bfea78d6aa5b49ed5ac35c77b6a30a0894 Certificate serial: 019B7CED1F524560357D294F2E1308E0019C Authority key identifier: B1:39:71:BF:EA:78:D6:AA:5B:49:ED:5A:C3:5C:77:B6:A3:0A:08:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTlxv-p41qpbSe1aw1x3tqMKCJQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/zO8hQmSxtEXmRdrwqFPkVEGSdWg.roa Signing time: Fri 02 Jan 2026 04:17:53 +0000 ROA not before: Fri 02 Jan 2026 04:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43702 IP address blocks: 194.165.14.0/24 maxlen: 24 194.165.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/sTlxv-p41qpbSe1aw1x3tqMKCJQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/sTlxv-p41qpbSe1aw1x3tqMKCJQ.mft rsync://rpki.ripe.net/repository/DEFAULT/sTlxv-p41qpbSe1aw1x3tqMKCJQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:1f:52:45:60:35:7d:29:4f:2e:13:08:e0:01:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b13971bfea78d6aa5b49ed5ac35c77b6a30a0894 Validity Not Before: Jan 2 04:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ccef214264b1b445e645daf0a853e45441927568 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:5a:79:4d:c3:db:cc:23:be:51:61:4c:e2:55: b0:42:99:17:48:36:65:91:3c:bb:cf:81:72:41:52: b9:8a:29:f1:cd:f7:68:1b:d8:43:1a:d6:1d:82:09: f8:d0:78:45:46:79:8f:4f:0d:42:4c:a0:d3:4e:57: 84:f9:6b:ad:82:49:7f:d4:29:f3:7a:da:b7:f7:00: 3f:9d:07:66:ea:ce:60:3f:ad:76:ba:e0:9f:6e:0b: 92:d2:2e:e2:f6:67:83:57:53:dc:51:c7:b7:bf:6a: b2:ac:cc:07:48:d0:fc:6a:7d:43:7c:d0:d0:36:0d: 35:39:b1:b3:8d:2b:c2:da:b0:4e:67:f1:ee:46:0d: c8:3d:a6:5c:d0:2b:17:1d:fc:71:98:32:bc:b8:fb: 6e:a6:54:ed:1a:df:38:51:ae:b1:23:44:6e:52:81: cb:3e:5e:22:fe:e6:57:fe:0c:1a:66:6a:7c:36:61: cb:2d:fb:ca:96:fd:be:29:9a:40:fe:42:f2:98:54: 5f:53:b4:54:2b:1a:01:76:25:bb:0e:25:b9:a4:ae: 66:78:b2:a4:91:7a:5d:15:cc:98:26:b0:a0:8e:21: ee:67:aa:85:c8:9f:d9:c9:45:c9:0c:51:4a:7c:f7: 8c:24:e8:27:7e:d6:a0:89:c9:9c:e7:bd:02:67:2a: df:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:EF:21:42:64:B1:B4:45:E6:45:DA:F0:A8:53:E4:54:41:92:75:68 X509v3 Authority Key Identifier: keyid:B1:39:71:BF:EA:78:D6:AA:5B:49:ED:5A:C3:5C:77:B6:A3:0A:08:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTlxv-p41qpbSe1aw1x3tqMKCJQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/zO8hQmSxtEXmRdrwqFPkVEGSdWg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/3f0083-59d7-433a-905a-47b1bdf8d530/1/sTlxv-p41qpbSe1aw1x3tqMKCJQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.165.14.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:29:44:99:ad:82:e2:6e:da:3f:d8:5b:28:6c:1f:e5:f1:9f: 5f:6c:e1:1d:d3:c5:ea:04:b9:0f:9d:de:5a:63:53:12:98:35: 4f:db:16:90:db:0d:56:73:ee:66:30:9a:0f:b6:75:9d:31:0d: d3:7f:04:53:95:33:0a:10:1b:fa:b9:15:db:fa:0f:fe:df:00: d2:00:8c:ff:2c:59:c2:f7:5f:7b:22:d4:c5:9a:04:6a:bf:ca: 57:e9:f7:d2:a7:09:9d:be:30:a6:1a:f9:fb:de:17:07:c8:8d: 17:d3:30:03:b8:08:ac:f8:e6:b3:1d:11:38:a3:86:1d:fb:60: 7f:77:28:d8:e7:8e:65:fa:96:b2:a0:88:dc:00:12:8b:d6:0b: ab:33:5c:21:cc:92:55:88:d9:fc:8a:e8:df:bd:da:74:4e:01: 35:f2:88:a4:b0:0a:67:08:e1:6e:0b:8c:74:71:57:fd:ed:29: c4:21:24:ea:a0:60:65:4f:d8:03:b0:df:be:01:9e:48:13:c0: 9e:31:03:b4:84:29:16:27:dc:04:dc:92:f7:c6:0d:4a:4d:74: ce:7e:4c:3e:65:4c:f4:30:e4:f2:44:a3:e4:51:7b:96:23:ef: 3c:8f:6d:b7:65:8b:f8:0a:3e:b9:49:79:1e:30:78:12:5f:22: d7:1d:2c:62 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87R9SRWA1fSlPLhMI4AGcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxMzk3MWJmZWE3OGQ2YWE1YjQ5ZWQ1YWMzNWM3N2I2YTMw YTA4OTQwHhcNMjYwMTAyMDQxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjY2VmMjE0MjY0YjFiNDQ1ZTY0NWRhZjBhODUzZTQ1NDQxOTI3NTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1p5TcPbzCO+UWFM4lWwQpkXSDZl kTy7z4FyQVK5iinxzfdoG9hDGtYdggn40HhFRnmPTw1CTKDTTleE+Wutgkl/1Cnz etq39wA/nQdm6s5gP612uuCfbguS0i7i9meDV1PcUce3v2qyrMwHSND8an1DfNDQ Ng01ObGzjSvC2rBOZ/HuRg3IPaZc0CsXHfxxmDK8uPtuplTtGt84Ua6xI0RuUoHL Pl4i/uZX/gwaZmp8NmHLLfvKlv2+KZpA/kLymFRfU7RUKxoBdiW7DiW5pK5meLKk kXpdFcyYJrCgjiHuZ6qFyJ/ZyUXJDFFKfPeMJOgnftagicmc570CZyrf7wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMzvIUJksbRF5kXa8KhT5FRBknVoMB8GA1UdIwQY MBaAFLE5cb/qeNaqW0ntWsNcd7ajCgiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1RseHYtcDQxcXBiU2UxYXcxeDN0cU1LQ0pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8zZjAwODMtNTlkNy00MzNhLTkwNWEt NDdiMWJkZjhkNTMwLzEvek84aFFtU3h0RVhtUmRyd3FGUGtWRUdTZFdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8zZjAwODMtNTlkNy00MzNhLTkwNWEtNDdiMWJkZjhkNTMw LzEvc1RseHYtcDQxcXBiU2UxYXcxeDN0cU1LQ0pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwqUOMA0G CSqGSIb3DQEBCwUAA4IBAQAOKUSZrYLibto/2FsobB/l8Z9fbOEd08XqBLkPnd5a Y1MSmDVP2xaQ2w1Wc+5mMJoPtnWdMQ3TfwRTlTMKEBv6uRXb+g/+3wDSAIz/LFnC 9197ItTFmgRqv8pX6ffSpwmdvjCmGvn73hcHyI0X0zADuAis+OazHRE4o4Yd+2B/ dyjY545l+payoIjcABKL1gurM1whzJJViNn8iujfvdp0TgE18oiksApnCOFuC4x0 cVf97SnEISTqoGBlT9gDsN++AZ5IE8CeMQO0hCkWJ9wE3JL3xg1KTXTOfkw+ZUz0 MOTyRKPkUXuWI+88j223ZYv4Cj65SXkeMHgSXyLXHSxi -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:01 2026 by rpki-client