This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/zN4xIcyuKdReWz88lELFd10OniM.roa File: zN4xIcyuKdReWz88lELFd10OniM.roa (raw, json) Hash identifier: yTZG3oZJlBmSpnKDhcxunCfxKUZwKaHWTWtPKvOIooY= Subject key identifier: CC:DE:31:21:CC:AE:29:D4:5E:5B:3F:3C:94:42:C5:77:5D:0E:9E:23 Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6 Certificate serial: 019B78A32AA91505A60AE8CAEA5AD4E22391 Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/zN4xIcyuKdReWz88lELFd10OniM.roa Signing time: Thu 01 Jan 2026 08:18:37 +0000 ROA not before: Thu 01 Jan 2026 08:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400212 IP address blocks: 109.175.210.0/24 maxlen: 24 109.205.193.0/24 maxlen: 24 158.94.220.0/23 maxlen: 24 158.94.221.0/24 maxlen: 24 2a01:fb01::/32 maxlen: 32 2a01:fb02:8000::/34 maxlen: 34 2a01:fb06::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:2a:a9:15:05:a6:0a:e8:ca:ea:5a:d4:e2:23:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6 Validity Not Before: Jan 1 08:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ccde3121ccae29d45e5b3f3c9442c5775d0e9e23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:9e:48:64:c9:e6:c1:53:9a:c1:2a:47:ce:6e: 12:6f:97:7b:58:38:1d:67:bf:36:f0:b1:6a:7f:c6: ef:14:31:f1:47:f0:f3:70:b7:d0:cb:46:08:6e:2f: 55:1f:91:e4:03:c7:c4:b6:d3:69:ac:2b:36:9e:3b: 73:c8:dd:43:28:74:78:c2:03:bd:f6:54:c5:3b:1f: dc:46:9a:84:78:39:1d:f6:40:d3:40:63:d0:32:ef: 35:c3:5c:54:91:0e:eb:85:5b:6c:b2:b2:02:50:7d: 29:48:f5:ac:11:b4:85:b8:7d:0c:d0:71:08:47:2f: b4:e8:ef:2a:11:29:58:60:92:b7:a6:33:3d:90:e5: 59:eb:21:c9:43:30:09:8e:28:4c:db:d6:d6:e3:ba: 1e:df:0b:3a:b9:8f:87:b5:44:a2:90:f4:57:08:a9: 7a:f1:e7:3c:23:2d:66:a0:57:22:a1:bd:51:78:0b: 1f:8e:36:df:92:a1:6c:a5:29:32:15:9b:b6:eb:75: e5:a1:bb:ee:e8:ff:da:d6:68:0a:bd:59:96:5c:3c: 8e:42:10:58:10:f2:49:be:8c:f5:44:6d:01:76:0f: 1b:f8:29:0b:39:25:4a:b4:e4:82:09:31:9a:ff:69: 22:c5:e9:c6:3b:26:29:37:c4:83:a6:a1:dd:af:90: 08:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:DE:31:21:CC:AE:29:D4:5E:5B:3F:3C:94:42:C5:77:5D:0E:9E:23 X509v3 Authority Key Identifier: keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/zN4xIcyuKdReWz88lELFd10OniM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.175.210.0/24 109.205.193.0/24 158.94.220.0/23 IPv6: 2a01:fb01::/32 2a01:fb02:8000::/34 2a01:fb06::/32 Signature Algorithm: sha256WithRSAEncryption 13:bd:d8:c5:67:24:51:93:6f:3a:81:4a:83:50:18:90:93:3a: 3f:1a:e7:0f:b8:a4:14:f4:c7:d6:0b:14:9d:63:16:ce:73:26: cd:9f:16:b7:2e:76:65:26:26:ab:67:b6:e5:fe:b3:8e:8e:ea: e0:86:5d:98:1b:10:f7:cd:cd:b6:c9:c9:c5:43:c2:62:7a:5b: 6e:88:ab:0c:a9:72:e5:a8:63:f2:95:02:27:6e:57:ec:60:57: 17:88:a0:23:7e:bc:fb:7c:4a:ac:97:ea:a2:3a:eb:76:26:16: 3d:59:61:26:67:65:66:b5:be:1c:d8:79:e6:d1:ea:c8:45:e0: df:de:bc:b8:2e:31:db:95:02:eb:3b:ea:07:48:fd:5f:d6:a2: bf:5d:cf:aa:8f:b9:7b:b8:b0:67:b1:82:77:37:b5:50:1b:a4: f9:69:00:fe:9f:10:16:33:b2:1f:a1:0a:7b:1c:1b:85:48:68: c2:ee:04:d3:2a:5b:9a:1f:bb:a8:fa:15:db:62:d7:81:71:3a: 9d:0a:4f:c9:8d:53:a1:39:35:61:11:64:8d:1b:92:88:cd:89: 43:ff:25:15:c4:98:2b:da:67:ff:95:d4:6d:a8:6f:97:31:cc: 9c:a8:9d:da:71:80:c2:70:71:69:c4:ae:8e:33:b9:9f:09:2e: 45:ac:37:38 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt4oyqpFQWmCujK6lrU4iORMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0 Yzk1ZTYwHhcNMjYwMTAxMDgxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjY2RlMzEyMWNjYWUyOWQ0NWU1YjNmM2M5NDQyYzU3NzVkMGU5ZTIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl55IZMnmwVOawSpHzm4Sb5d7WDgd Z7828LFqf8bvFDHxR/DzcLfQy0YIbi9VH5HkA8fEttNprCs2njtzyN1DKHR4wgO9 9lTFOx/cRpqEeDkd9kDTQGPQMu81w1xUkQ7rhVtssrICUH0pSPWsEbSFuH0M0HEI Ry+06O8qESlYYJK3pjM9kOVZ6yHJQzAJjihM29bW47oe3ws6uY+HtUSikPRXCKl6 8ec8Iy1moFciob1ReAsfjjbfkqFspSkyFZu263Xlobvu6P/a1mgKvVmWXDyOQhBY EPJJvoz1RG0Bdg8b+CkLOSVKtOSCCTGa/2kixenGOyYpN8SDpqHdr5AIuwIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFMzeMSHMrinUXls/PJRCxXddDp4jMB8GA1UdIwQY MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt NmUyZDk3Y2ExNWZmLzEvek40eEljeXVLZFJlV3o4OGxFTEZkMTBPbmlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAYBAIAATASAwQAba/SAwQA bc3BAwQBnl7cMBwEAgACMBYDBQAqAfsBAwYGKgH7AoADBQAqAfsGMA0GCSqGSIb3 DQEBCwUAA4IBAQATvdjFZyRRk286gUqDUBiQkzo/GucPuKQU9MfWCxSdYxbOcybN nxa3LnZlJiarZ7bl/rOOjurghl2YGxD3zc22ycnFQ8JieltuiKsMqXLlqGPylQIn blfsYFcXiKAjfrz7fEqsl+qiOut2JhY9WWEmZ2Vmtb4c2Hnm0erIReDf3ry4LjHb lQLrO+oHSP1f1qK/Xc+qj7l7uLBnsYJ3N7VQG6T5aQD+nxAWM7IfoQp7HBuFSGjC 7gTTKluaH7uo+hXbYteBcTqdCk/JjVOhOTVhEWSNG5KIzYlD/yUVxJgr2mf/ldRt qG+XMcycqJ3acYDCcHFpxK6OM7mfCS5FrDc4 -----END CERTIFICATE-----Generated at Mon Jan 19 14:38:57 2026 by rpki-client