This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/ZmJGOpycOIq2lh2DhvW8htu0jB8.roa File: ZmJGOpycOIq2lh2DhvW8htu0jB8.roa (raw, json) Hash identifier: +ARlxopxtUjU1sytN/8Otep5qO7EJAgLyVgrFdmK0Rs= Subject key identifier: 66:62:46:3A:9C:9C:38:8A:B6:96:1D:83:86:F5:BC:86:DB:B4:8C:1F Certificate issuer: /CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc Certificate serial: 019B7EA47ED8E68CCCDDA954F774DE1B8A6A Authority key identifier: 30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/ZmJGOpycOIq2lh2DhvW8htu0jB8.roa Signing time: Fri 02 Jan 2026 12:17:48 +0000 ROA not before: Fri 02 Jan 2026 12:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206994 IP address blocks: 193.5.147.0/24 maxlen: 24 2a0c:8180::/29 maxlen: 29 2a0c:8187::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.mft rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:7e:d8:e6:8c:cc:dd:a9:54:f7:74:de:1b:8a:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc Validity Not Before: Jan 2 12:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6662463a9c9c388ab6961d8386f5bc86dbb48c1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:52:35:15:db:93:94:fb:86:85:5d:49:7f:16: 4e:55:ac:dc:ce:9b:b1:cc:cf:8a:8c:1b:92:b8:39: 7f:75:77:4a:8c:de:1f:46:06:b7:5c:13:b0:1b:1f: 67:90:4a:a6:f3:52:20:8d:0f:fa:c6:25:5c:bd:e5: cd:d1:b8:ee:1f:26:10:79:3c:43:d2:ea:39:1c:17: 4f:01:45:7e:d2:4a:f6:28:a1:12:ef:10:fa:62:0e: bb:46:1d:64:c3:14:59:30:81:80:77:3e:06:f3:21: dc:e6:32:f6:99:8f:92:8c:ed:f6:d6:d2:3c:74:78: 30:0c:66:e3:93:88:a1:64:c6:d8:25:e3:e5:a4:f8: 96:21:cb:17:a2:d4:17:bd:71:4a:c5:67:2e:6b:7c: da:bf:8c:59:97:4f:42:a8:77:a4:05:51:bb:44:d0: bf:79:51:96:f9:d3:93:9c:8f:54:cd:f0:97:ee:a9: fd:fb:8b:dd:e3:38:28:da:3c:c1:77:87:f5:8d:8d: 4d:b4:cf:5a:88:63:90:9e:31:47:73:e6:a0:6a:d0: 2d:38:cc:d0:2f:02:30:43:87:bc:2e:9a:ea:98:d9: 76:6f:71:95:a6:ba:d8:c1:7b:e6:5c:0d:2f:c8:45: d3:87:1d:87:97:0e:fe:6c:45:e5:fb:28:30:b1:1c: 4c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:62:46:3A:9C:9C:38:8A:B6:96:1D:83:86:F5:BC:86:DB:B4:8C:1F X509v3 Authority Key Identifier: keyid:30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/ZmJGOpycOIq2lh2DhvW8htu0jB8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.5.147.0/24 IPv6: 2a0c:8180::/29 Signature Algorithm: sha256WithRSAEncryption 71:cc:ff:fc:95:ce:f2:39:8d:9b:be:8d:95:f2:08:a3:66:9d: 06:d4:3e:bc:61:b0:01:97:d6:bd:bd:d6:e2:4d:c3:2d:b9:60: e9:b7:97:e3:95:bf:64:af:51:16:fd:da:37:dc:b3:0a:19:90: c8:ce:1a:3c:d6:61:91:fc:4d:7a:f3:7e:18:a8:3f:33:f4:32: 2a:9c:48:38:82:7a:a6:67:02:9e:11:51:e0:3d:70:fa:a5:c1: 69:56:37:1d:ab:d1:5b:79:60:ae:ee:e5:a7:a6:6c:78:14:9f: b2:3a:8a:7f:04:d2:34:1a:4f:42:c3:05:c8:79:a4:f2:fb:83: 60:00:6f:fc:21:0a:4c:d9:e7:dd:e6:51:0e:b1:1f:e3:38:d9: 6b:87:01:bb:2c:77:fe:71:ce:8d:16:47:d0:ff:81:a8:2d:26: 87:dc:3d:24:2c:55:d8:1c:7d:97:55:c8:45:05:c3:db:1c:8b: a5:83:eb:ae:4c:b3:03:8c:b2:70:2e:da:14:98:a2:72:8f:d4: 2d:1c:8e:7d:cc:a0:55:bb:3d:8e:4d:3f:9f:bd:15:5d:ee:d9: 4d:dc:78:48:df:1d:7e:5f:40:1a:ce:57:02:9b:39:f1:04:56: 39:15:68:64:fd:11:dd:2f:36:76:19:ce:10:d9:70:c3:0a:1c: 66:b7:02:0b -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pH7Y5ozM3alU93TeG4pqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMzA5OTQxYTZkODRmYTRkYmRkYWYwZjRlY2Q5OWY5ZjA0 M2NmZGMwHhcNMjYwMTAyMTIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjYyNDYzYTljOWMzODhhYjY5NjFkODM4NmY1YmM4NmRiYjQ4YzFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1I1FduTlPuGhV1JfxZOVazczpux zM+KjBuSuDl/dXdKjN4fRga3XBOwGx9nkEqm81IgjQ/6xiVcveXN0bjuHyYQeTxD 0uo5HBdPAUV+0kr2KKES7xD6Yg67Rh1kwxRZMIGAdz4G8yHc5jL2mY+SjO321tI8 dHgwDGbjk4ihZMbYJePlpPiWIcsXotQXvXFKxWcua3zav4xZl09CqHekBVG7RNC/ eVGW+dOTnI9UzfCX7qn9+4vd4zgo2jzBd4f1jY1NtM9aiGOQnjFHc+agatAtOMzQ LwIwQ4e8LprqmNl2b3GVprrYwXvmXA0vyEXThx2Hlw7+bEXl+ygwsRxMEQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGZiRjqcnDiKtpYdg4b1vIbbtIwfMB8GA1UdIwQY MBaAFDAwmUGm2E+k292vD07NmfnwQ8/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMt ZDMxZDRjYjFiMTI5LzEvWm1KR09weWNPSXEybGgyRGh2VzhodHUwakI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMtZDMxZDRjYjFiMTI5 LzEvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwQWTMA0E AgACMAcDBQMqDIGAMA0GCSqGSIb3DQEBCwUAA4IBAQBxzP/8lc7yOY2bvo2V8gij Zp0G1D68YbABl9a9vdbiTcMtuWDpt5fjlb9kr1EW/do33LMKGZDIzho81mGR/E16 834YqD8z9DIqnEg4gnqmZwKeEVHgPXD6pcFpVjcdq9FbeWCu7uWnpmx4FJ+yOop/ BNI0Gk9CwwXIeaTy+4NgAG/8IQpM2efd5lEOsR/jONlrhwG7LHf+cc6NFkfQ/4Go LSaH3D0kLFXYHH2XVchFBcPbHIulg+uuTLMDjLJwLtoUmKJyj9QtHI59zKBVuz2O TT+fvRVd7tlN3HhI3x1+X0AazlcCmznxBFY5FWhk/RHdLzZ2Gc4Q2XDDChxmtwIL -----END CERTIFICATE-----Generated at Mon Feb 9 21:24:15 2026 by rpki-client