This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/4193ea-c83f-4beb-a21e-a1c78a0a6bfd/1/zMm9JKVVKWKfD1DDKP4qsT59tOg.roa File: zMm9JKVVKWKfD1DDKP4qsT59tOg.roa (raw, json) Hash identifier: C1WJK5Q9adCFTqiEMvgoPvMhAn7ou/puIqaX1v5Q3vg= Subject key identifier: CC:C9:BD:24:A5:55:29:62:9F:0F:50:C3:28:FE:2A:B1:3E:7D:B4:E8 Certificate issuer: /CN=3ae505bfc7fd917686b1c8b3a218f5508f5a370a Certificate serial: 019B7E38E3723EA51A16073E05F5B7593DD8 Authority key identifier: 3A:E5:05:BF:C7:FD:91:76:86:B1:C8:B3:A2:18:F5:50:8F:5A:37:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuUFv8f9kXaGscizohj1UI9aNwo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/4193ea-c83f-4beb-a21e-a1c78a0a6bfd/1/zMm9JKVVKWKfD1DDKP4qsT59tOg.roa Signing time: Fri 02 Jan 2026 10:20:16 +0000 ROA not before: Fri 02 Jan 2026 10:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8368 IP address blocks: 185.43.0.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/4193ea-c83f-4beb-a21e-a1c78a0a6bfd/1/OuUFv8f9kXaGscizohj1UI9aNwo.crl rsync://rpki.ripe.net/repository/DEFAULT/be/4193ea-c83f-4beb-a21e-a1c78a0a6bfd/1/OuUFv8f9kXaGscizohj1UI9aNwo.mft rsync://rpki.ripe.net/repository/DEFAULT/OuUFv8f9kXaGscizohj1UI9aNwo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e3:72:3e:a5:1a:16:07:3e:05:f5:b7:59:3d:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ae505bfc7fd917686b1c8b3a218f5508f5a370a Validity Not Before: Jan 2 10:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ccc9bd24a55529629f0f50c328fe2ab13e7db4e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:38:e8:96:2a:a5:e1:77:bc:46:54:95:d3:ac: 50:1f:13:a6:e1:bc:d1:1b:58:01:46:50:bf:8c:ea: bd:6a:41:7f:ce:e8:06:f4:93:e8:ea:95:cc:9c:ab: dd:1d:1d:87:b0:e7:a7:31:d0:de:fe:a7:ff:21:ce: 91:6d:f5:9d:2c:22:f1:0a:6f:12:fe:e5:64:f7:b8: 9f:c1:da:f9:22:93:a0:eb:87:a2:72:b1:71:30:21: 45:21:32:fc:05:de:7e:4c:73:25:73:28:f1:74:c6: 68:74:d7:91:c3:3d:3d:88:c5:b9:5f:12:00:d4:b6: eb:e5:9a:7d:9b:13:42:2a:1f:66:f4:99:c2:fd:99: ea:1f:0f:3d:a2:87:99:75:af:b0:a3:80:11:5e:62: 00:55:2b:a3:a2:93:b3:bf:cf:59:b9:7e:a5:0a:72: 24:9e:cd:a4:54:1c:54:50:c4:65:a7:a4:75:67:a9: 4a:28:fd:7e:98:5a:8d:e5:27:39:ca:f2:fd:e3:92: d6:44:c3:3c:87:c4:80:7a:88:4d:55:b8:ca:a3:90: a0:12:9b:78:02:f3:a4:ae:05:85:e3:b2:fc:c9:f2: b9:c6:f8:da:4b:fc:df:5a:14:a2:d2:ba:11:b4:e0: 5b:ec:04:f2:3c:53:28:cf:9e:21:9a:8e:4f:dc:62: 33:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:C9:BD:24:A5:55:29:62:9F:0F:50:C3:28:FE:2A:B1:3E:7D:B4:E8 X509v3 Authority Key Identifier: keyid:3A:E5:05:BF:C7:FD:91:76:86:B1:C8:B3:A2:18:F5:50:8F:5A:37:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuUFv8f9kXaGscizohj1UI9aNwo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/4193ea-c83f-4beb-a21e-a1c78a0a6bfd/1/zMm9JKVVKWKfD1DDKP4qsT59tOg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/4193ea-c83f-4beb-a21e-a1c78a0a6bfd/1/OuUFv8f9kXaGscizohj1UI9aNwo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.43.0.0/23 Signature Algorithm: sha256WithRSAEncryption 89:8e:62:fd:6b:46:aa:d8:96:02:c6:ef:2a:d3:dd:eb:93:3f: bf:9e:24:5d:59:73:4e:0e:b3:dd:82:a9:b4:a3:d9:72:9c:a4: f1:9c:62:bb:98:87:6b:6b:cd:95:a8:9e:a5:81:b1:9d:17:8a: 34:3c:ae:64:05:da:95:53:e3:65:80:32:eb:f9:05:49:eb:76: 77:9d:f0:47:52:ee:e7:42:59:ec:2d:cc:33:b8:61:79:02:a7: 61:68:fc:02:d8:d5:f0:fe:f4:59:88:ef:20:0f:06:45:23:5e: d8:c6:c0:0a:5b:8f:df:8f:47:b0:c4:8e:5c:97:a7:20:b7:80: fd:f8:d3:41:f6:79:20:db:20:90:62:e1:e3:e1:54:35:4b:00: 00:18:7e:41:e2:5d:b5:ab:f7:b8:0f:03:46:7c:3f:ca:06:52: b5:b7:57:2c:5d:af:3f:bf:46:b5:a8:67:92:ce:9e:36:f8:b6: ae:c2:e2:8e:4a:a0:4e:d8:82:d5:2b:6d:96:c8:95:2a:b5:69: 4a:b8:c4:14:de:8e:02:46:64:59:83:31:69:ea:5b:9f:36:d6: 7e:4c:40:4b:b3:87:33:ef:32:0c:ee:8c:16:e2:19:c1:59:26: c6:99:bd:ef:4c:01:95:e3:78:26:be:dd:24:89:da:39:4a:70: 7e:c9:d5:16 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OONyPqUaFgc+BfW3WT3YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZTUwNWJmYzdmZDkxNzY4NmIxYzhiM2EyMThmNTUwOGY1 YTM3MGEwHhcNMjYwMTAyMTAyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjY2M5YmQyNGE1NTUyOTYyOWYwZjUwYzMyOGZlMmFiMTNlN2RiNGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjjoliql4Xe8RlSV06xQHxOm4bzR G1gBRlC/jOq9akF/zugG9JPo6pXMnKvdHR2HsOenMdDe/qf/Ic6RbfWdLCLxCm8S /uVk97ifwdr5IpOg64eicrFxMCFFITL8Bd5+THMlcyjxdMZodNeRwz09iMW5XxIA 1Lbr5Zp9mxNCKh9m9JnC/ZnqHw89ooeZda+wo4ARXmIAVSujopOzv89ZuX6lCnIk ns2kVBxUUMRlp6R1Z6lKKP1+mFqN5Sc5yvL945LWRMM8h8SAeohNVbjKo5CgEpt4 AvOkrgWF47L8yfK5xvjaS/zfWhSi0roRtOBb7ATyPFMoz54hmo5P3GIzXQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMzJvSSlVSlinw9Qwyj+KrE+fbToMB8GA1UdIwQY MBaAFDrlBb/H/ZF2hrHIs6IY9VCPWjcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3VVRnY4ZjlrWGFHc2Npem9oajFVSTlhTndvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80MTkzZWEtYzgzZi00YmViLWEyMWUt YTFjNzhhMGE2YmZkLzEvek1tOUpLVlZLV0tmRDFEREtQNHFzVDU5dE9nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS80MTkzZWEtYzgzZi00YmViLWEyMWUtYTFjNzhhMGE2YmZk LzEvT3VVRnY4ZjlrWGFHc2Npem9oajFVSTlhTndvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSsAMA0G CSqGSIb3DQEBCwUAA4IBAQCJjmL9a0aq2JYCxu8q093rkz+/niRdWXNODrPdgqm0 o9lynKTxnGK7mIdra82VqJ6lgbGdF4o0PK5kBdqVU+NlgDLr+QVJ63Z3nfBHUu7n QlnsLcwzuGF5AqdhaPwC2NXw/vRZiO8gDwZFI17YxsAKW4/fj0ewxI5cl6cgt4D9 +NNB9nkg2yCQYuHj4VQ1SwAAGH5B4l21q/e4DwNGfD/KBlK1t1csXa8/v0a1qGeS zp42+LauwuKOSqBO2ILVK22WyJUqtWlKuMQU3o4CRmRZgzFp6lufNtZ+TEBLs4cz 7zIM7owW4hnBWSbGmb3vTAGV43gmvt0kido5SnB+ydUW -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:04 2026 by rpki-client