This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ZdigBdLEZZtVeYRvIrO7Hui1lao.roa File: ZdigBdLEZZtVeYRvIrO7Hui1lao.roa (raw, json) Hash identifier: gC9Y+hcS0Ty3IvZjbRxLjVRtr4AcJcafWKHg/mDzMA0= Subject key identifier: 65:D8:A0:05:D2:C4:65:9B:55:79:84:6F:22:B3:BB:1E:E8:B5:95:AA Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Certificate serial: 019B7BA4949932245207A486FC53D07AC5D6 Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ZdigBdLEZZtVeYRvIrO7Hui1lao.roa Signing time: Thu 01 Jan 2026 22:19:02 +0000 ROA not before: Thu 01 Jan 2026 22:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48031 IP address blocks: 2.56.136.0/24 maxlen: 24 194.32.228.0/24 maxlen: 24 213.5.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:94:99:32:24:52:07:a4:86:fc:53:d0:7a:c5:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Validity Not Before: Jan 1 22:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=65d8a005d2c4659b5579846f22b3bb1ee8b595aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:7b:e1:a2:90:14:62:ca:f3:53:14:12:68:90: f9:8c:08:95:59:35:f8:95:79:ad:33:23:b1:3f:ad: 51:10:45:68:08:c2:98:ef:46:e1:9d:71:6c:aa:df: f5:06:2a:0c:a9:9b:99:bb:45:94:86:69:fd:9d:c3: 24:57:bc:e5:50:c5:b0:9d:90:94:42:73:df:7e:61: d5:9c:a4:87:00:26:c0:81:6a:b0:a0:c6:3f:17:a1: 35:79:4d:56:7f:af:8a:9e:66:b5:fe:57:49:6a:d7: 83:da:48:87:27:b5:2c:5a:3f:73:bd:40:73:9a:4b: aa:2e:62:c1:ce:c7:2b:6e:4f:30:c4:65:8d:68:9a: a9:1b:24:68:ff:97:0b:5b:7f:1b:2b:7b:04:1f:c2: c0:b8:0e:0e:ca:e4:40:a5:74:4e:a4:34:37:06:66: 38:05:9c:dc:c6:3e:f2:d8:b7:d8:e6:80:12:b1:a2: cf:23:07:db:70:1f:37:58:2d:8d:72:19:ee:5c:3d: c6:19:8c:0a:cd:45:10:fa:51:46:5c:e9:bf:8c:4c: b7:7b:75:b0:70:db:25:04:a8:4b:17:41:22:1d:a6: 19:de:7f:97:ec:dd:86:30:d9:f0:ab:03:69:c7:cc: 78:08:98:e4:ea:b2:5d:33:b6:cc:2f:66:c0:da:36: 9b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:D8:A0:05:D2:C4:65:9B:55:79:84:6F:22:B3:BB:1E:E8:B5:95:AA X509v3 Authority Key Identifier: keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ZdigBdLEZZtVeYRvIrO7Hui1lao.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.136.0/24 194.32.228.0/24 213.5.131.0/24 Signature Algorithm: sha256WithRSAEncryption 17:1d:98:ed:48:2d:d7:66:e4:a0:10:43:da:dd:d4:56:90:ed: e1:18:79:34:eb:a0:5d:bc:cc:11:8b:74:5b:50:e4:80:a0:64: 3e:09:9d:0f:6c:76:36:9c:82:51:8e:c1:92:7a:31:ac:8b:22: e9:da:45:e6:28:8f:ad:1f:e9:cc:b3:b9:f5:fd:50:fa:8a:d9: 5f:0a:18:c7:36:48:60:73:f9:18:52:98:c0:62:6c:a5:97:8d: 35:3f:49:09:c1:72:ba:eb:59:07:53:26:c1:72:f6:ec:62:36: 85:25:4e:e5:3f:16:1e:45:93:9f:51:e4:9e:a3:14:aa:84:92: dc:d8:c3:a7:f1:6f:f9:be:61:08:dc:98:79:9b:cb:1e:e7:1a: 23:50:82:c4:d7:52:83:b2:bb:6b:e2:00:43:89:3e:c6:80:08: 64:56:f8:61:fb:2d:4a:72:a7:c0:5d:49:86:e3:df:b7:de:80: 76:de:d6:21:ef:2b:6c:11:0c:cb:71:26:53:1d:ac:72:b9:48: 31:2f:c1:47:c3:a3:e9:f3:b1:0c:8f:78:18:dd:df:6f:23:74: b3:75:cc:29:33:7b:a4:a0:dd:e7:9e:e0:e4:3e:db:03:05:2a: 2d:c8:81:f1:11:68:4a:72:60:53:ed:49:05:9d:2d:7b:3d:5b: fa:46:e6:56 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7pJSZMiRSB6SG/FPQesXWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4 YWJjYzUwHhcNMjYwMTAxMjIxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWQ4YTAwNWQyYzQ2NTliNTU3OTg0NmYyMmIzYmIxZWU4YjU5NWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3vhopAUYsrzUxQSaJD5jAiVWTX4 lXmtMyOxP61REEVoCMKY70bhnXFsqt/1BioMqZuZu0WUhmn9ncMkV7zlUMWwnZCU QnPffmHVnKSHACbAgWqwoMY/F6E1eU1Wf6+Knma1/ldJateD2kiHJ7UsWj9zvUBz mkuqLmLBzscrbk8wxGWNaJqpGyRo/5cLW38bK3sEH8LAuA4OyuRApXROpDQ3BmY4 BZzcxj7y2LfY5oASsaLPIwfbcB83WC2NchnuXD3GGYwKzUUQ+lFGXOm/jEy3e3Ww cNslBKhLF0EiHaYZ3n+X7N2GMNnwqwNpx8x4CJjk6rJdM7bML2bA2jabqQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGXYoAXSxGWbVXmEbyKzux7otZWqMB8GA1UdIwQY MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt NmZlOWJmNjA1NjFjLzEvWmRpZ0JkTEVaWnRWZVlSdklyTzdIdWkxbGFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjiIAwQA wiDkAwQA1QWDMA0GCSqGSIb3DQEBCwUAA4IBAQAXHZjtSC3XZuSgEEPa3dRWkO3h GHk066BdvMwRi3RbUOSAoGQ+CZ0PbHY2nIJRjsGSejGsiyLp2kXmKI+tH+nMs7n1 /VD6itlfChjHNkhgc/kYUpjAYmyll401P0kJwXK661kHUybBcvbsYjaFJU7lPxYe RZOfUeSeoxSqhJLc2MOn8W/5vmEI3Jh5m8se5xojUILE11KDsrtr4gBDiT7GgAhk Vvhh+y1KcqfAXUmG49+33oB23tYh7ytsEQzLcSZTHaxyuUgxL8FHw6Pp87EMj3gY 3d9vI3SzdcwpM3ukoN3nnuDkPtsDBSotyIHxEWhKcmBT7UkFnS17PVv6RuZW -----END CERTIFICATE-----Generated at Tue Jan 20 00:00:02 2026 by rpki-client