This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/NUW_ZH_EIIHERuITZzYR2weW90Q.roa File: NUW_ZH_EIIHERuITZzYR2weW90Q.roa (raw, json) Hash identifier: Y1z/FtrJMczt8aV1zB8hcs+HmFMUQfSmWahrrb+QcEY= Subject key identifier: 35:45:BF:64:7F:C4:20:81:C4:46:E2:13:67:36:11:DB:07:96:F7:44 Certificate issuer: /CN=292d120970515846360ea223e9a0e6a3c3896934 Certificate serial: 019B7F83D10C782FB50E5BDED352379131DC Authority key identifier: 29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/NUW_ZH_EIIHERuITZzYR2weW90Q.roa Signing time: Fri 02 Jan 2026 16:21:43 +0000 ROA not before: Fri 02 Jan 2026 16:21:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56550 IP address blocks: 31.14.28.0/24 maxlen: 24 31.177.40.0/21 maxlen: 21 31.214.153.0/24 maxlen: 24 46.102.188.0/23 maxlen: 23 85.204.119.0/24 maxlen: 24 85.204.147.0/24 maxlen: 24 86.105.177.0/24 maxlen: 24 89.32.168.0/23 maxlen: 23 89.32.186.0/23 maxlen: 23 89.33.133.0/24 maxlen: 24 89.34.161.0/24 maxlen: 24 89.36.228.0/24 maxlen: 24 89.42.25.0/24 maxlen: 24 93.115.62.0/23 maxlen: 23 93.117.152.0/23 maxlen: 23 93.117.172.0/23 maxlen: 23 94.177.127.0/24 maxlen: 24 95.142.208.0/21 maxlen: 21 109.230.212.0/24 maxlen: 24 128.0.122.0/23 maxlen: 23 128.0.123.0/24 maxlen: 24 128.0.124.0/22 maxlen: 22 185.8.24.0/22 maxlen: 22 185.157.52.0/22 maxlen: 22 185.163.172.0/22 maxlen: 22 188.241.154.0/24 maxlen: 24 2a03:1140::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:d1:0c:78:2f:b5:0e:5b:de:d3:52:37:91:31:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=292d120970515846360ea223e9a0e6a3c3896934 Validity Not Before: Jan 2 16:21:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3545bf647fc42081c446e213673611db0796f744 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d4:2e:f2:e9:b2:de:cf:83:62:51:d5:99:ce: 08:0e:37:c6:8b:cb:fc:48:65:5f:ff:7f:c7:58:fa: a2:58:4d:c3:a9:3d:b9:aa:b8:d4:19:e8:f5:44:dd: f1:1f:3c:ed:fb:03:1e:85:35:11:ec:3a:cc:2a:67: a1:90:01:c6:d8:75:33:44:7c:20:9c:d4:f4:50:40: cf:22:ef:50:91:53:63:fc:1a:e4:9e:7e:30:9a:a0: f5:f4:ef:6f:5d:8b:9c:ec:73:a7:3a:be:7a:e3:ad: 59:18:16:de:ad:66:d4:6d:fd:cd:60:bc:14:75:71: 0d:f8:58:d1:56:32:e5:20:06:79:ce:84:b2:d5:08: 3d:06:ae:a0:63:7e:33:8e:aa:81:28:98:13:eb:09: 50:d4:e9:ef:ce:8b:b1:ac:07:04:3f:f5:1b:09:d9: 6e:61:52:c4:1b:10:43:b2:a9:9a:7a:73:b2:f4:bd: 50:4e:c5:a8:da:2c:13:81:17:be:ae:06:24:6c:d7: 36:f4:85:30:c0:dd:bf:d6:e1:bb:a8:6f:11:14:8a: e3:3a:75:c8:b8:96:ba:92:7f:b2:0c:91:97:52:9a: 8d:6e:7a:e1:14:ab:54:50:69:a1:dd:59:a4:9d:ac: d9:7b:19:60:ae:e4:8f:a3:7d:fa:b4:aa:2d:96:66: 89:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:45:BF:64:7F:C4:20:81:C4:46:E2:13:67:36:11:DB:07:96:F7:44 X509v3 Authority Key Identifier: keyid:29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/NUW_ZH_EIIHERuITZzYR2weW90Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.28.0/24 31.177.40.0/21 31.214.153.0/24 46.102.188.0/23 85.204.119.0/24 85.204.147.0/24 86.105.177.0/24 89.32.168.0/23 89.32.186.0/23 89.33.133.0/24 89.34.161.0/24 89.36.228.0/24 89.42.25.0/24 93.115.62.0/23 93.117.152.0/23 93.117.172.0/23 94.177.127.0/24 95.142.208.0/21 109.230.212.0/24 128.0.122.0-128.0.127.255 185.8.24.0/22 185.157.52.0/22 185.163.172.0/22 188.241.154.0/24 IPv6: 2a03:1140::/32 Signature Algorithm: sha256WithRSAEncryption 16:e9:03:91:4f:cc:3e:c7:21:b1:15:15:83:0e:dd:4c:2f:c5: 41:33:2f:d3:0e:f4:5b:1f:75:ab:e4:29:f6:20:5f:0e:1e:1a: 2d:4c:50:b8:7b:fe:f7:2e:2c:95:6f:93:9b:99:89:25:07:c3: 02:bb:4b:26:89:c9:79:1d:2a:b5:b2:22:6c:a9:87:c9:9d:bc: 7b:81:e1:f8:c5:06:95:9a:45:12:23:dd:87:bb:ab:38:ae:c7: 40:32:96:81:e2:12:b7:3a:51:61:5d:e4:1d:63:83:20:0c:85: e5:f6:34:88:0b:de:23:cf:af:07:85:fe:bf:f0:23:5e:c4:25: 71:2f:34:47:68:c5:0e:ca:88:c0:66:e2:8a:c7:2e:a6:aa:9f: 00:77:0d:83:6a:0c:ae:75:54:62:9f:5c:45:8b:d9:ca:62:78: e0:c2:d5:e9:4d:e7:04:e2:02:10:fc:02:82:30:19:43:21:2f: 7a:4c:e0:3b:a3:4f:eb:cd:6d:62:4d:b4:e2:7b:17:48:98:2f: 13:57:59:05:c1:70:00:eb:32:1b:de:98:b6:9a:7e:b5:23:20: 72:27:15:63:76:9e:9e:a0:87:a3:41:2e:cb:36:e4:54:2e:c3: 96:a7:69:29:e4:c6:ea:08:e4:74:99:43:7e:69:b1:69:05:6d: 09:65:96:44 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt/g9EMeC+1Dlve01I3kTHcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MmQxMjA5NzA1MTU4NDYzNjBlYTIyM2U5YTBlNmEzYzM4 OTY5MzQwHhcNMjYwMTAyMTYyMTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTQ1YmY2NDdmYzQyMDgxYzQ0NmUyMTM2NzM2MTFkYjA3OTZmNzQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tQu8umy3s+DYlHVmc4IDjfGi8v8 SGVf/3/HWPqiWE3DqT25qrjUGej1RN3xHzzt+wMehTUR7DrMKmehkAHG2HUzRHwg nNT0UEDPIu9QkVNj/Brknn4wmqD19O9vXYuc7HOnOr56461ZGBberWbUbf3NYLwU dXEN+FjRVjLlIAZ5zoSy1Qg9Bq6gY34zjqqBKJgT6wlQ1OnvzouxrAcEP/UbCdlu YVLEGxBDsqmaenOy9L1QTsWo2iwTgRe+rgYkbNc29IUwwN2/1uG7qG8RFIrjOnXI uJa6kn+yDJGXUpqNbnrhFKtUUGmh3VmknazZexlgruSPo336tKotlmaJlQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFDVFv2R/xCCBxEbiE2c2EdsHlvdEMB8GA1UdIwQY MBaAFCktEglwUVhGNg6iI+mg5qPDiWk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1MwU0NYQlJXRVkyRHFJajZhRG1vOE9KYVRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9kZTkxMzktYTlkMC00OTNhLTkyNjAt ZWQwZjI1NmE1ZmUzLzEvTlVXX1pIX0VJSUhFUnVJVFp6WVIyd2VXOTBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS9kZTkxMzktYTlkMC00OTNhLTkyNjAtZWQwZjI1NmE1ZmUz LzEvS1MwU0NYQlJXRVkyRHFJajZhRG1vOE9KYVRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAAf DhwDBAMfsSgDBAAf1pkDBAEuZrwDBABVzHcDBABVzJMDBABWabEDBAFZIKgDBAFZ ILoDBABZIYUDBABZIqEDBABZJOQDBABZKhkDBAFdcz4DBAFddZgDBAFddawDBABe sX8DBANfjtADBABt5tQwDAMEAYAAegMEB4AAAAMEArkIGAMEArmdNAMEArmjrAME ALzxmjANBAIAAjAHAwUAKgMRQDANBgkqhkiG9w0BAQsFAAOCAQEAFukDkU/MPsch sRUVgw7dTC/FQTMv0w70Wx91q+Qp9iBfDh4aLUxQuHv+9y4slW+Tm5mJJQfDArtL JonJeR0qtbIibKmHyZ28e4Hh+MUGlZpFEiPdh7urOK7HQDKWgeIStzpRYV3kHWOD IAyF5fY0iAveI8+vB4X+v/AjXsQlcS80R2jFDsqIwGbiiscupqqfAHcNg2oMrnVU Yp9cRYvZymJ44MLV6U3nBOICEPwCgjAZQyEvekzgO6NP681tYk204nsXSJgvE1dZ BcFwAOsyG96Ytpp+tSMgcicVY3aenqCHo0EuyzbkVC7DlqdpKeTG6gjkdJlDfmmx aQVtCWWWRA== -----END CERTIFICATE-----Generated at Tue Feb 10 02:47:00 2026 by rpki-client