This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/Z3vCIqOr8cFIHfCAG87UHRnj4gs.roa File: Z3vCIqOr8cFIHfCAG87UHRnj4gs.roa (raw, json) Hash identifier: Nj8uppubigdG8cIGJW1LyHCqaPIHngDL7HFSlaeDITs= Subject key identifier: 67:7B:C2:22:A3:AB:F1:C1:48:1D:F0:80:1B:CE:D4:1D:19:E3:E2:0B Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1 Certificate serial: 019B7DCA9E0964D052B5CAFFA009751F1BBF Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/Z3vCIqOr8cFIHfCAG87UHRnj4gs.roa Signing time: Fri 02 Jan 2026 08:19:49 +0000 ROA not before: Fri 02 Jan 2026 08:19:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396982 IP address blocks: 85.158.140.0/24 maxlen: 24 85.158.141.0/24 maxlen: 24 85.158.142.0/24 maxlen: 24 85.158.143.0/24 maxlen: 24 195.245.230.0/24 maxlen: 24 195.245.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.mft rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 21:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:9e:09:64:d0:52:b5:ca:ff:a0:09:75:1f:1b:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1 Validity Not Before: Jan 2 08:19:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=677bc222a3abf1c1481df0801bced41d19e3e20b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:74:70:47:9b:97:92:11:c6:3b:0f:f5:7d:02: 38:86:15:f4:9c:7c:e4:fc:6e:6b:48:d2:cb:7e:fe: 0e:09:d9:c1:5e:22:2f:67:7e:58:a8:6c:1f:c8:8a: ef:4b:96:4a:67:ff:49:fd:55:97:55:a3:1e:e9:07: 52:60:58:b9:e4:3f:6f:d4:c6:97:77:56:46:45:93: d2:60:37:e7:b2:ae:70:b5:5c:3a:02:5d:4e:a9:b3: bc:e0:a4:96:c6:b8:8e:d0:db:d4:3d:e8:a3:4e:cd: af:1b:b5:02:04:bf:1f:e9:99:8b:99:ea:2b:c3:76: b7:1d:61:f5:5d:e9:a5:54:e1:79:aa:5b:38:6a:50: 7f:25:d5:6c:f8:d7:63:97:8d:ab:7a:3d:83:44:d7: 25:b1:63:3e:9b:7a:3e:11:11:d8:05:66:6e:31:06: 73:b8:9b:4b:ae:b2:9f:a1:58:9b:1f:41:88:5b:1c: 88:2b:ac:2e:fb:6f:9d:f6:e7:96:24:73:f7:97:84: 6b:c0:db:61:0e:52:fd:cb:3d:05:a0:9a:e6:83:30: 64:a0:ff:08:2d:99:49:f3:ff:fc:8e:48:a9:e4:3a: c4:12:04:36:3a:b0:9c:a7:db:ca:b8:49:07:c3:8b: d2:74:23:05:9c:e2:5d:91:d3:59:8d:08:5a:67:5f: 58:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:7B:C2:22:A3:AB:F1:C1:48:1D:F0:80:1B:CE:D4:1D:19:E3:E2:0B X509v3 Authority Key Identifier: keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/Z3vCIqOr8cFIHfCAG87UHRnj4gs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.140.0/22 195.245.230.0/23 Signature Algorithm: sha256WithRSAEncryption 14:d3:bc:7a:c9:9a:65:8b:6f:a5:48:5f:8a:42:cf:6d:d1:b3: 0e:54:de:c3:9e:0e:d3:99:7c:61:2b:b4:35:a3:d6:20:25:4d: 77:8e:16:fb:54:ae:d3:63:d4:39:4b:4e:5a:bc:3e:b9:52:0f: e9:92:eb:d7:9e:f3:3f:88:65:2b:4b:64:d8:e0:ee:10:03:36: 9f:95:7c:8e:a8:80:d0:50:0f:63:0c:92:9a:73:bf:90:69:6e: f0:a5:30:f6:0c:54:5d:da:c3:16:6b:37:5e:5c:18:71:ec:9f: f4:76:59:de:aa:27:da:14:26:04:f6:f3:0a:08:04:3e:97:f2: 72:76:ad:5c:da:94:93:a7:d9:2b:6e:df:1f:74:cd:31:b5:2c: 81:5f:82:f7:53:59:1d:cb:e4:58:80:ea:18:b2:ce:cc:28:60: 97:14:a3:fb:ae:2f:38:fe:67:77:7f:98:78:79:48:7a:27:99: 9b:ac:f6:b9:df:51:bf:d0:92:fc:aa:62:9d:b5:1d:ae:9b:7a: 86:4b:ee:59:a2:c8:4e:2e:8c:0a:91:63:52:c5:d3:43:c9:66: ee:75:c8:bd:be:53:41:7b:fb:6b:8b:d3:96:4f:8e:21:f7:99: f6:aa:b8:ce:5a:f0:cf:65:e2:11:62:13:a5:07:e9:ff:35:80: 2a:6d:ab:63 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9yp4JZNBStcr/oAl1Hxu/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk MDc1YjEwHhcNMjYwMTAyMDgxOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzdiYzIyMmEzYWJmMWMxNDgxZGYwODAxYmNlZDQxZDE5ZTNlMjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXRwR5uXkhHGOw/1fQI4hhX0nHzk /G5rSNLLfv4OCdnBXiIvZ35YqGwfyIrvS5ZKZ/9J/VWXVaMe6QdSYFi55D9v1MaX d1ZGRZPSYDfnsq5wtVw6Al1OqbO84KSWxriO0NvUPeijTs2vG7UCBL8f6ZmLmeor w3a3HWH1XemlVOF5qls4alB/JdVs+Ndjl42rej2DRNclsWM+m3o+ERHYBWZuMQZz uJtLrrKfoVibH0GIWxyIK6wu+2+d9ueWJHP3l4RrwNthDlL9yz0FoJrmgzBkoP8I LZlJ8//8jkip5DrEEgQ2OrCcp9vKuEkHw4vSdCMFnOJdkdNZjQhaZ19YwwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGd7wiKjq/HBSB3wgBvO1B0Z4+ILMB8GA1UdIwQY MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt Zjc3NGYxZWFmYmZmLzEvWjN2Q0lxT3I4Y0ZJSGZDQUc4N1VIUm5qNGdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVZ6MAwQB w/XmMA0GCSqGSIb3DQEBCwUAA4IBAQAU07x6yZpli2+lSF+KQs9t0bMOVN7Dng7T mXxhK7Q1o9YgJU13jhb7VK7TY9Q5S05avD65Ug/pkuvXnvM/iGUrS2TY4O4QAzaf lXyOqIDQUA9jDJKac7+QaW7wpTD2DFRd2sMWazdeXBhx7J/0dlneqifaFCYE9vMK CAQ+l/Jydq1c2pSTp9krbt8fdM0xtSyBX4L3U1kdy+RYgOoYss7MKGCXFKP7ri84 /md3f5h4eUh6J5mbrPa531G/0JL8qmKdtR2um3qGS+5ZoshOLowKkWNSxdNDyWbu dci9vlNBe/tri9OWT44h95n2qrjOWvDPZeIRYhOlB+n/NYAqbatj -----END CERTIFICATE-----Generated at Fri Jan 9 06:22:15 2026 by rpki-client