This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/zfQjLRUyouMoxd3eQ6QBiqQWAMo.roa File: zfQjLRUyouMoxd3eQ6QBiqQWAMo.roa (raw, json) Hash identifier: fytzxgaA8VilTty70xA4ueAmIkMerr/peaUGm58YXCE= Subject key identifier: CD:F4:23:2D:15:32:A2:E3:28:C5:DD:DE:43:A4:01:8A:A4:16:00:CA Certificate issuer: /CN=1858caa6832aa2a3e7cc6d144515f8f431b66762 Certificate serial: 019B7EA7524C8CDE188E445537D80C7570B5 Authority key identifier: 18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/zfQjLRUyouMoxd3eQ6QBiqQWAMo.roa Signing time: Fri 02 Jan 2026 12:20:53 +0000 ROA not before: Fri 02 Jan 2026 12:20:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 196932 IP address blocks: 178.255.136.0/21 maxlen: 24 185.192.200.0/22 maxlen: 24 2a03:40e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.mft rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:52:4c:8c:de:18:8e:44:55:37:d8:0c:75:70:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1858caa6832aa2a3e7cc6d144515f8f431b66762 Validity Not Before: Jan 2 12:20:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cdf4232d1532a2e328c5ddde43a4018aa41600ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f4:f9:d4:ac:f1:b2:8e:9f:f0:01:c0:9b:13: ee:90:70:67:5a:5f:42:15:46:ea:41:ef:72:5b:87: cd:20:db:63:75:4b:cc:dd:97:b7:ac:47:3b:30:91: 0c:82:9d:71:a6:c1:7f:41:3a:e3:b9:e0:b4:eb:44: f1:55:b2:f6:72:e3:0b:46:29:db:e1:e1:00:44:11: 2d:68:69:a2:19:4c:55:be:9e:3e:14:62:7e:12:19: f0:9a:14:2e:63:00:fa:a4:50:20:f5:61:ef:3e:5f: 4a:71:4f:d9:5d:1a:66:7b:49:af:26:af:c3:ab:73: 72:bb:7b:95:fa:33:c1:70:49:ae:99:03:66:29:d4: ea:3d:3a:e0:8c:d9:01:26:76:15:61:55:69:86:e2: e5:76:be:65:44:6b:6c:f1:72:3a:2c:a7:2a:4d:9e: d4:91:c4:a4:44:5b:3e:63:ea:64:ae:7c:1b:6c:ad: 92:8e:1a:5e:4d:b8:84:60:b9:71:bc:2e:74:b9:28: 84:f0:39:5a:6a:62:2c:d5:f8:6f:74:df:0f:0d:f5: f6:78:40:93:90:7c:29:af:7b:c8:66:7f:a6:90:d9: 64:6a:4c:89:d9:cf:c4:23:29:50:9c:5c:5d:3f:25: 0c:e8:7c:ed:b5:e2:3c:7f:3c:8b:83:2c:3b:93:0e: 8f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:F4:23:2D:15:32:A2:E3:28:C5:DD:DE:43:A4:01:8A:A4:16:00:CA X509v3 Authority Key Identifier: keyid:18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/zfQjLRUyouMoxd3eQ6QBiqQWAMo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.255.136.0/21 185.192.200.0/22 IPv6: 2a03:40e0::/32 Signature Algorithm: sha256WithRSAEncryption 32:ab:c2:95:b1:6e:f9:c9:f5:7e:5f:fc:05:80:e8:b2:f5:d3: d0:fe:33:48:3a:76:8a:34:8c:99:f2:07:54:24:26:17:fa:b2: 5b:7e:a1:cb:5a:50:6f:bd:d7:fd:63:96:71:ba:25:6f:97:cc: 08:e1:96:67:11:cc:ab:12:80:05:0e:f5:e8:f6:49:cc:a0:83: 47:b0:2d:6e:d2:f7:dc:30:da:ff:58:fc:9b:85:86:99:6c:20: a1:b5:fe:f0:8f:4f:45:be:96:e2:25:6b:56:f3:70:ae:a5:fb: d5:ff:f4:80:3e:1f:9b:a9:34:72:09:ec:fc:07:1f:87:77:ab: 02:42:ce:eb:47:d1:ea:62:d9:36:ab:f4:92:b4:0e:49:51:13: 6c:02:b6:8c:d2:ec:a6:18:7e:ea:42:99:f5:88:2c:9d:5e:b5: c0:67:9c:e2:84:1b:2a:72:e6:ca:be:5f:7e:74:46:6a:3a:2f: 7f:da:ed:04:92:a5:b0:75:51:d7:77:bf:9e:9b:32:dd:61:0f: 17:d2:79:ac:7d:08:ca:4a:69:97:f0:4a:65:a6:94:66:e8:9c: a9:4c:54:7c:58:9b:49:ce:80:93:eb:17:5c:71:b1:f1:38:cd: 1c:b7:49:5a:40:bf:5a:21:83:02:b8:66:4a:40:44:c3:fd:d6: 73:db:02:ac -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+p1JMjN4YjkRVN9gMdXC1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4NThjYWE2ODMyYWEyYTNlN2NjNmQxNDQ1MTVmOGY0MzFi NjY3NjIwHhcNMjYwMTAyMTIyMDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZGY0MjMyZDE1MzJhMmUzMjhjNWRkZGU0M2E0MDE4YWE0MTYwMGNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/T51Kzxso6f8AHAmxPukHBnWl9C FUbqQe9yW4fNINtjdUvM3Ze3rEc7MJEMgp1xpsF/QTrjueC060TxVbL2cuMLRinb 4eEARBEtaGmiGUxVvp4+FGJ+EhnwmhQuYwD6pFAg9WHvPl9KcU/ZXRpme0mvJq/D q3Nyu3uV+jPBcEmumQNmKdTqPTrgjNkBJnYVYVVphuLldr5lRGts8XI6LKcqTZ7U kcSkRFs+Y+pkrnwbbK2SjhpeTbiEYLlxvC50uSiE8DlaamIs1fhvdN8PDfX2eECT kHwpr3vIZn+mkNlkakyJ2c/EIylQnFxdPyUM6HztteI8fzyLgyw7kw6PTQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFM30Iy0VMqLjKMXd3kOkAYqkFgDKMB8GA1UdIwQY MBaAFBhYyqaDKqKj58xtFEUV+PQxtmdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2Ut YWFiN2ZjM2Y4YWM1LzEvemZRakxSVXlvdU1veGQzZVE2UUJpcVFXQU1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2UtYWFiN2ZjM2Y4YWM1 LzEvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv+IAwQC ucDIMA0EAgACMAcDBQAqA0DgMA0GCSqGSIb3DQEBCwUAA4IBAQAyq8KVsW75yfV+ X/wFgOiy9dPQ/jNIOnaKNIyZ8gdUJCYX+rJbfqHLWlBvvdf9Y5ZxuiVvl8wI4ZZn EcyrEoAFDvXo9knMoINHsC1u0vfcMNr/WPybhYaZbCChtf7wj09FvpbiJWtW83Cu pfvV//SAPh+bqTRyCez8Bx+Hd6sCQs7rR9HqYtk2q/SStA5JURNsAraM0uymGH7q Qpn1iCydXrXAZ5zihBsqcubKvl9+dEZqOi9/2u0EkqWwdVHXd7+emzLdYQ8X0nms fQjKSmmX8EplppRm6JypTFR8WJtJzoCT6xdccbHxOM0ct0laQL9aIYMCuGZKQETD /dZz2wKs -----END CERTIFICATE-----Generated at Mon Feb 2 08:07:40 2026 by rpki-client