This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZcSF27PFzLJfLQhYKLGOKj58Yf8.roa File: ZcSF27PFzLJfLQhYKLGOKj58Yf8.roa (raw, json) Hash identifier: OsdDIO7Nray1g5Sb4e1tXbPlOgSBNf0EJqNVjqxtpMQ= Subject key identifier: 65:C4:85:DB:B3:C5:CC:B2:5F:2D:08:58:28:B1:8E:2A:3E:7C:61:FF Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D2514735D5D2606B1EFDD62637771 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZcSF27PFzLJfLQhYKLGOKj58Yf8.roa Signing time: Fri 02 Jan 2026 06:20:14 +0000 ROA not before: Fri 02 Jan 2026 06:20:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3758 IP address blocks: 2.56.56.0/22 maxlen: 24 91.217.236.0/24 maxlen: 24 193.84.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:25:14:73:5d:5d:26:06:b1:ef:dd:62:63:77:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=65c485dbb3c5ccb25f2d085828b18e2a3e7c61ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3a:5f:7e:4c:d2:ef:d9:7e:b7:e7:6f:9c:a3: a8:78:79:02:99:e4:d8:1a:8a:56:94:6b:29:1d:a8: 7d:e1:e8:6c:92:59:2e:5f:2e:79:8e:b9:7a:79:de: ae:27:8e:50:bd:cb:3f:59:c0:ad:63:bf:1a:b4:9c: 89:bc:80:b7:a7:47:ee:69:79:f4:64:d0:7f:4b:47: 54:d0:32:ba:88:b0:12:e8:6c:3e:e4:34:58:07:e8: dc:8f:70:38:b3:fb:49:a6:3a:21:e1:26:ad:0a:39: 8c:fe:47:c4:dd:f3:0a:c5:f1:50:ed:c4:9d:7c:5d: d8:f8:91:12:6e:57:a6:20:ae:77:3a:2e:d1:81:30: 3b:e5:39:6b:f6:5f:e2:76:56:61:35:4c:96:d4:9c: d4:f5:45:2c:f6:a1:f9:a6:cd:b0:02:f0:46:98:33: e5:6a:09:90:5b:cb:a5:4b:64:82:c5:f2:db:34:91: cc:2b:06:79:73:7a:0c:fd:a4:cd:ce:86:3a:20:36: 81:b1:36:97:cc:49:32:11:a5:e6:89:ea:e2:72:f0: 98:3f:5f:c8:4e:01:60:dd:f5:14:cd:0d:43:59:d4: a5:f3:d7:ae:75:9c:55:65:c7:a5:9a:b5:f5:0a:eb: 2b:2f:01:6a:eb:16:84:9e:3d:93:89:93:44:57:a7: bd:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:C4:85:DB:B3:C5:CC:B2:5F:2D:08:58:28:B1:8E:2A:3E:7C:61:FF X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZcSF27PFzLJfLQhYKLGOKj58Yf8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.56.0/22 91.217.236.0/24 193.84.132.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:3c:8c:e0:a8:ce:b9:01:89:60:e7:e5:62:50:aa:5b:33:90: c2:67:0c:22:79:e6:88:ff:23:a4:66:38:c8:a2:ce:9d:d7:a9: 51:71:9d:4b:33:93:53:6f:39:7e:4f:ea:ea:b0:13:e9:6f:e3: 11:49:71:17:ad:c3:3f:5c:46:d2:dd:32:04:8a:b9:5c:31:f8: 9d:99:45:0d:f5:43:77:bd:87:be:e2:01:53:ed:88:53:31:38: 31:68:8e:14:5e:a1:03:ce:b3:ef:07:4c:8a:26:da:2f:eb:e4: b0:a3:14:05:0d:b1:52:9f:36:ab:69:95:75:b1:28:e2:58:88: c0:5e:27:af:21:5f:5f:78:7d:2b:fd:e2:35:22:60:20:60:73: 58:ac:35:ba:e6:69:0b:67:17:27:f3:9c:a0:31:b2:84:56:42: 02:78:44:29:a5:ee:92:bd:9d:ad:bd:35:52:6e:6f:e0:9c:8d: b3:72:f5:af:c8:3a:cd:b2:00:a8:a9:af:c5:4e:e5:ff:2f:66: fb:9d:1b:3f:29:d9:1f:b5:b8:db:13:32:f3:b5:87:15:2d:f2: a3:6a:f4:95:70:45:cc:9c:31:bf:05:83:40:4c:e2:62:b9:4a: 69:d5:32:7a:62:09:19:02:35:05:6a:60:c6:a5:bd:ee:ee:2e: da:96:55:34 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XSUUc11dJgax791iY3dxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWM0ODVkYmIzYzVjY2IyNWYyZDA4NTgyOGIxOGUyYTNlN2M2MWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjpffkzS79l+t+dvnKOoeHkCmeTY GopWlGspHah94ehsklkuXy55jrl6ed6uJ45Qvcs/WcCtY78atJyJvIC3p0fuaXn0 ZNB/S0dU0DK6iLAS6Gw+5DRYB+jcj3A4s/tJpjoh4SatCjmM/kfE3fMKxfFQ7cSd fF3Y+JESblemIK53Oi7RgTA75Tlr9l/idlZhNUyW1JzU9UUs9qH5ps2wAvBGmDPl agmQW8ulS2SCxfLbNJHMKwZ5c3oM/aTNzoY6IDaBsTaXzEkyEaXmiericvCYP1/I TgFg3fUUzQ1DWdSl89eudZxVZcelmrX1CusrLwFq6xaEnj2TiZNEV6e95QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGXEhduzxcyyXy0IWCixjio+fGH/MB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvWmNTRjI3UEZ6TEpmTFFoWUtMR09LajU4WWY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjg4AwQA W9nsAwQAwVSEMA0GCSqGSIb3DQEBCwUAA4IBAQBMPIzgqM65AYlg5+ViUKpbM5DC ZwwieeaI/yOkZjjIos6d16lRcZ1LM5NTbzl+T+rqsBPpb+MRSXEXrcM/XEbS3TIE irlcMfidmUUN9UN3vYe+4gFT7YhTMTgxaI4UXqEDzrPvB0yKJtov6+SwoxQFDbFS nzaraZV1sSjiWIjAXievIV9feH0r/eI1ImAgYHNYrDW65mkLZxcn85ygMbKEVkIC eEQppe6SvZ2tvTVSbm/gnI2zcvWvyDrNsgCoqa/FTuX/L2b7nRs/KdkftbjbEzLz tYcVLfKjavSVcEXMnDG/BYNATOJiuUpp1TJ6YgkZAjUFamDGpb3u7i7allU0 -----END CERTIFICATE-----Generated at Mon Jan 19 19:58:13 2026 by rpki-client