This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZI085fx17wglNov032bXlk10RTg.roa File: ZI085fx17wglNov032bXlk10RTg.roa (raw, json) Hash identifier: j5Ko4ezz0l/Zfw3a/ZhaxENbSPKBPqajPZNL6E/+Gv0= Subject key identifier: 64:8D:3C:E5:FC:75:EF:08:25:36:8B:F4:DF:66:D7:96:4D:74:45:38 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84DE564FCD3E8401F7FA5464D41924 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZI085fx17wglNov032bXlk10RTg.roa Signing time: Fri 02 Jan 2026 16:22:52 +0000 ROA not before: Fri 02 Jan 2026 16:22:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23470 IP address blocks: 88.209.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:de:56:4f:cd:3e:84:01:f7:fa:54:64:d4:19:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=648d3ce5fc75ef0825368bf4df66d7964d744538 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:05:13:d2:35:fe:ea:94:81:0c:fa:ed:65:cd: 00:7f:01:84:01:1d:bc:22:e6:8c:51:86:84:e8:ce: 0d:79:c5:19:18:5f:2b:7a:95:18:05:9e:7a:98:98: bc:b3:07:b7:03:22:61:24:c8:d2:ce:5c:50:4d:ed: 04:cd:e1:3a:32:ba:41:ae:1a:02:b3:a7:da:bd:ca: dc:f4:1f:58:0e:dc:7d:0d:52:66:98:e9:36:b9:64: 0c:53:7c:7e:e5:f0:48:e4:cd:38:e2:e9:ae:65:c6: 7e:55:c4:e7:fb:60:1c:b9:30:0b:12:53:8e:23:33: bb:1d:f9:78:89:15:12:fe:8b:ab:70:63:e3:ec:f3: 48:ce:17:ca:fa:8b:60:df:cd:47:43:cb:91:a1:0d: f4:66:51:63:e1:35:30:36:07:cc:2d:9f:8e:5a:4e: a5:f5:3a:e5:67:90:75:18:6a:23:58:cc:6d:d1:91: 93:ae:0f:86:d5:d2:dc:37:e3:73:7e:01:37:40:a7: cc:4d:96:15:11:5d:c8:98:dd:ec:2b:34:8e:01:1e: be:e0:f3:2b:36:3b:cb:88:0e:1c:63:5c:06:5e:44: 38:bf:74:de:d0:09:1e:b7:f4:37:4d:8e:78:48:17: 32:70:32:c9:ad:81:7f:8e:05:72:c7:32:cc:40:ec: 51:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:8D:3C:E5:FC:75:EF:08:25:36:8B:F4:DF:66:D7:96:4D:74:45:38 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZI085fx17wglNov032bXlk10RTg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.199.0/24 Signature Algorithm: sha256WithRSAEncryption 8c:6e:00:4e:fb:f1:d6:ce:b7:1b:eb:5d:1f:09:8b:fa:59:96: 5d:1b:58:19:41:5b:0a:db:7e:35:a9:fd:a8:cd:4c:a8:f9:a4: 9d:e5:09:91:87:38:be:e7:83:97:a1:a3:3a:65:b2:20:fd:61: 2f:02:a0:53:b0:5b:e3:2f:ed:aa:2b:e1:10:26:6a:3e:1c:36: 73:0a:dd:80:62:45:60:a5:f6:d9:50:81:92:70:e9:3e:28:d9: af:4b:8d:da:cf:fc:5f:e8:b3:b7:71:a1:9d:7d:3e:bf:29:f8: f7:56:0a:4b:6c:11:81:98:05:aa:70:9a:f2:40:fa:2a:d0:b3: 9a:fe:7c:13:7e:6d:17:40:f6:2a:e9:b4:cf:9c:cf:8c:ce:f6: 37:50:56:d7:7e:d3:b6:d8:5f:e9:13:13:7a:fb:44:0c:12:f7: 77:71:ed:cb:ad:24:56:8b:c1:7d:8d:06:5b:f5:29:df:76:c8: 40:95:8c:99:a4:7e:03:6a:26:73:6a:70:b7:58:b0:4f:b1:46: f3:22:3a:ce:40:b8:a5:ce:f1:33:92:15:b2:3d:77:f4:b5:31: 48:c3:fe:31:bc:d1:bf:27:8c:fe:c4:21:80:62:72:e2:f8:c8: 26:93:8b:b0:08:27:73:a8:ea:99:f4:d8:cc:7b:05:64:b8:72: 87:d8:10:5c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hN5WT80+hAH3+lRk1BkkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDhkM2NlNWZjNzVlZjA4MjUzNjhiZjRkZjY2ZDc5NjRkNzQ0NTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQUT0jX+6pSBDPrtZc0AfwGEAR28 IuaMUYaE6M4NecUZGF8repUYBZ56mJi8swe3AyJhJMjSzlxQTe0EzeE6MrpBrhoC s6favcrc9B9YDtx9DVJmmOk2uWQMU3x+5fBI5M044umuZcZ+VcTn+2AcuTALElOO IzO7Hfl4iRUS/ourcGPj7PNIzhfK+otg381HQ8uRoQ30ZlFj4TUwNgfMLZ+OWk6l 9TrlZ5B1GGojWMxt0ZGTrg+G1dLcN+NzfgE3QKfMTZYVEV3ImN3sKzSOAR6+4PMr NjvLiA4cY1wGXkQ4v3Te0Aket/Q3TY54SBcycDLJrYF/jgVyxzLMQOxR3wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGSNPOX8de8IJTaL9N9m15ZNdEU4MB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvWkkwODVmeDE3d2dsTm92MDMyYlhsazEwUlRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHHMA0G CSqGSIb3DQEBCwUAA4IBAQCMbgBO+/HWzrcb610fCYv6WZZdG1gZQVsK2341qf2o zUyo+aSd5QmRhzi+54OXoaM6ZbIg/WEvAqBTsFvjL+2qK+EQJmo+HDZzCt2AYkVg pfbZUIGScOk+KNmvS43az/xf6LO3caGdfT6/Kfj3VgpLbBGBmAWqcJryQPoq0LOa /nwTfm0XQPYq6bTPnM+MzvY3UFbXftO22F/pExN6+0QMEvd3ce3LrSRWi8F9jQZb 9SnfdshAlYyZpH4DaiZzanC3WLBPsUbzIjrOQLilzvEzkhWyPXf0tTFIw/4xvNG/ J4z+xCGAYnLi+Mgmk4uwCCdzqOqZ9NjMewVkuHKH2BBc -----END CERTIFICATE-----Generated at Thu Jan 8 09:23:45 2026 by rpki-client