This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/d0f619-b2d3-4422-a618-b9dd51082655/1/ZXZDaDi-XBkpqP9YKXeGj84e004.roa File: ZXZDaDi-XBkpqP9YKXeGj84e004.roa (raw, json) Hash identifier: qZqA5o0uL/9qLnfwxOSfBRMkrlBMmLZN/t7qia4F8sw= Subject key identifier: 65:76:43:68:38:BE:5C:19:29:A8:FF:58:29:77:86:8F:CE:1E:D3:4E Certificate issuer: /CN=b607604501de3609768c5ba7c4cca9c56b61f9d5 Certificate serial: 019AB69BD358033962586846BAF0A8D981A8 Authority key identifier: B6:07:60:45:01:DE:36:09:76:8C:5B:A7:C4:CC:A9:C5:6B:61:F9:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tgdgRQHeNgl2jFunxMypxWth-dU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/d0f619-b2d3-4422-a618-b9dd51082655/1/ZXZDaDi-XBkpqP9YKXeGj84e004.roa Signing time: Mon 24 Nov 2025 16:04:16 +0000 ROA not before: Mon 24 Nov 2025 16:04:16 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210842 IP address blocks: 2a05:b0c2::/36 maxlen: 36 2a05:b0c2:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/d0f619-b2d3-4422-a618-b9dd51082655/1/tgdgRQHeNgl2jFunxMypxWth-dU.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/d0f619-b2d3-4422-a618-b9dd51082655/1/tgdgRQHeNgl2jFunxMypxWth-dU.mft rsync://rpki.ripe.net/repository/DEFAULT/tgdgRQHeNgl2jFunxMypxWth-dU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 29 Nov 2025 01:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:9b:d3:58:03:39:62:58:68:46:ba:f0:a8:d9:81:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b607604501de3609768c5ba7c4cca9c56b61f9d5 Validity Not Before: Nov 24 16:04:16 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6576436838be5c1929a8ff582977868fce1ed34e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:bc:75:17:80:cc:a6:e2:ce:90:d3:ce:e0:fc: d2:02:8d:87:1d:d2:92:83:17:e2:29:23:d0:8b:15: bf:1a:1a:9b:59:6b:4b:6d:99:77:87:59:f4:a5:d5: 43:eb:66:96:da:e7:75:da:78:4c:87:4a:09:0c:cf: ef:5a:51:bd:41:8e:73:66:bc:34:95:ef:a7:d9:1d: 5b:b5:25:20:10:2c:75:72:75:ea:23:88:55:4f:50: 39:e8:b3:e4:e2:93:c2:33:2d:a1:4b:ae:fb:58:b9: 1f:67:05:10:93:5f:e1:54:7a:4e:57:72:1b:62:1b: 07:e3:d9:61:04:18:fa:d5:f3:8e:0f:c2:12:99:33: 86:ba:1c:63:ee:74:cf:59:ed:53:6a:84:0e:d7:52: 27:07:75:18:13:d3:63:1b:b7:21:d3:68:1b:d7:30: cf:83:4c:0f:e9:97:5d:8c:6e:89:57:77:6d:72:7d: f8:8e:2a:b2:90:96:c0:f6:9a:2a:ea:4e:46:4f:77: b3:00:0c:91:44:59:3d:82:08:54:5d:c8:42:52:07: 3e:ef:3d:01:6b:4e:d9:33:9d:2a:35:a9:c4:8e:38: 38:8b:e6:19:9e:d5:9e:cc:f8:34:0c:39:a4:b1:f6: 9b:12:9e:d3:b5:d0:2f:8e:37:34:c5:e5:3b:b8:c7: 1f:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:76:43:68:38:BE:5C:19:29:A8:FF:58:29:77:86:8F:CE:1E:D3:4E X509v3 Authority Key Identifier: keyid:B6:07:60:45:01:DE:36:09:76:8C:5B:A7:C4:CC:A9:C5:6B:61:F9:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tgdgRQHeNgl2jFunxMypxWth-dU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/d0f619-b2d3-4422-a618-b9dd51082655/1/ZXZDaDi-XBkpqP9YKXeGj84e004.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/d0f619-b2d3-4422-a618-b9dd51082655/1/tgdgRQHeNgl2jFunxMypxWth-dU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:b0c2::/35 Signature Algorithm: sha256WithRSAEncryption 2f:da:c7:39:05:01:62:1f:1d:1f:bd:77:7b:1b:c5:fd:82:e2: c7:52:36:ef:33:e8:f7:7a:63:b8:18:0f:39:ae:b7:ef:cf:1a: 16:20:c3:d7:3f:f3:56:ec:bb:64:2e:19:02:6e:14:e8:50:0f: 1e:a6:aa:bb:6c:bc:aa:29:b8:02:62:13:9c:b2:0f:ce:22:17: 25:5c:55:48:14:55:f4:b4:a5:41:46:b5:35:3d:19:9d:7f:9d: b2:7d:fb:6f:c4:1c:e9:27:b5:4c:25:ff:e3:d2:95:4e:90:ca: 19:88:e9:3d:8c:a8:0c:20:d5:d1:d1:bf:a4:2f:07:d7:1b:52: 06:a3:e8:4e:5d:69:f6:d7:4f:55:1c:98:e7:46:5c:63:8a:0b: 7e:90:93:e3:4a:b3:82:22:cb:df:97:ed:fa:82:9a:b3:3f:92: 5a:59:71:45:b0:9d:f0:11:35:0e:1c:27:64:8c:00:58:2a:c6: da:a0:fa:ae:55:97:6a:bb:e3:fd:b5:d4:15:e5:c6:8b:13:49: 15:3f:d6:f7:15:5d:1b:47:1d:a4:13:f2:b4:1a:35:f8:c3:e6: 10:e1:ef:fe:d5:60:6a:a5:d7:4f:4c:73:d8:4d:1a:cb:5e:94: 6a:d5:ce:d2:13:bc:5e:2e:aa:c1:86:9d:01:75:6e:f1:e9:3e: 37:8a:4e:be -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZq2m9NYAzliWGhGuvCo2YGoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2MDc2MDQ1MDFkZTM2MDk3NjhjNWJhN2M0Y2NhOWM1NmI2 MWY5ZDUwHhcNMjUxMTI0MTYwNDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NTc2NDM2ODM4YmU1YzE5MjlhOGZmNTgyOTc3ODY4ZmNlMWVkMzRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLx1F4DMpuLOkNPO4PzSAo2HHdKS gxfiKSPQixW/GhqbWWtLbZl3h1n0pdVD62aW2ud12nhMh0oJDM/vWlG9QY5zZrw0 le+n2R1btSUgECx1cnXqI4hVT1A56LPk4pPCMy2hS677WLkfZwUQk1/hVHpOV3Ib YhsH49lhBBj61fOOD8ISmTOGuhxj7nTPWe1TaoQO11InB3UYE9NjG7ch02gb1zDP g0wP6ZddjG6JV3dtcn34jiqykJbA9poq6k5GT3ezAAyRRFk9gghUXchCUgc+7z0B a07ZM50qNanEjjg4i+YZntWezPg0DDmksfabEp7TtdAvjjc0xeU7uMcf+wIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFGV2Q2g4vlwZKaj/WCl3ho/OHtNOMB8GA1UdIwQY MBaAFLYHYEUB3jYJdoxbp8TMqcVrYfnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGdkZ1JRSGVOZ2wyakZ1bnhNeXB4V3RoLWRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9kMGY2MTktYjJkMy00NDIyLWE2MTgt YjlkZDUxMDgyNjU1LzEvWlhaRGFEaS1YQmtwcVA5WUtYZUdqODRlMDA0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9kMGY2MTktYjJkMy00NDIyLWE2MTgtYjlkZDUxMDgyNjU1 LzEvdGdkZ1JRSGVOZ2wyakZ1bnhNeXB4V3RoLWRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKgWwwgAw DQYJKoZIhvcNAQELBQADggEBAC/axzkFAWIfHR+9d3sbxf2C4sdSNu8z6Pd6Y7gY Dzmut+/PGhYgw9c/81bsu2QuGQJuFOhQDx6mqrtsvKopuAJiE5yyD84iFyVcVUgU VfS0pUFGtTU9GZ1/nbJ9+2/EHOkntUwl/+PSlU6QyhmI6T2MqAwg1dHRv6QvB9cb Ugaj6E5dafbXT1UcmOdGXGOKC36Qk+NKs4Iiy9+X7fqCmrM/klpZcUWwnfARNQ4c J2SMAFgqxtqg+q5Vl2q74/211BXlxosTSRU/1vcVXRtHHaQT8rQaNfjD5hDh7/7V YGql109Mc9hNGstelGrVztITvF4uqsGGnQF1bvHpPjeKTr4= -----END CERTIFICATE-----Generated at Fri Nov 28 08:34:31 2025 by rpki-client