This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/ZoZb90LpJA9Ip-2MHkdgs69BJlw.roa File: ZoZb90LpJA9Ip-2MHkdgs69BJlw.roa (raw, json) Hash identifier: Vsdm6rW7baX27WeKyLbDvpzx2QoVqvnpUMNu9ywBMO4= Subject key identifier: 66:86:5B:F7:42:E9:24:0F:48:A7:ED:8C:1E:47:60:B3:AF:41:26:5C Certificate issuer: /CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d Certificate serial: 019B7FF24D7808BA1B713CF6DCCBA9D72B49 Authority key identifier: FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/ZoZb90LpJA9Ip-2MHkdgs69BJlw.roa Signing time: Fri 02 Jan 2026 18:22:24 +0000 ROA not before: Fri 02 Jan 2026 18:22:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 133944 IP address blocks: 2a02:e9c5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.mft rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:4d:78:08:ba:1b:71:3c:f6:dc:cb:a9:d7:2b:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d Validity Not Before: Jan 2 18:22:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66865bf742e9240f48a7ed8c1e4760b3af41265c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:36:e2:68:29:44:09:0c:1b:37:a0:f8:5d:56: 7d:0f:d0:d9:f7:39:4e:8e:49:73:92:10:3b:59:eb: 78:79:52:9c:c1:4b:1a:68:e5:66:93:0b:0c:b7:2c: 78:82:7e:43:f0:10:6c:d4:c1:0b:1d:35:64:42:26: 1c:60:e0:dc:59:16:ed:63:67:ec:bb:d1:95:f5:da: e8:81:3e:d8:4e:30:9a:17:9e:3c:8d:e2:50:5a:92: 7c:81:86:0b:95:3c:24:79:02:9e:32:b8:0e:4c:12: bb:26:0d:9c:b6:8e:cf:30:ca:56:aa:ca:88:91:c2: 16:9d:f9:00:cd:14:28:35:86:ee:5b:a6:5c:23:7f: 31:19:e4:25:13:84:c2:98:04:1a:c7:f7:0a:e6:f8: 42:2a:d0:14:4d:4d:f1:e5:10:d3:3f:07:f3:1b:c9: 17:ef:42:7f:db:18:b3:de:73:f6:21:2f:29:87:67: 2c:94:7a:06:2c:b1:8c:6d:aa:c6:f8:ab:bb:c5:95: 8a:a3:70:26:bd:e1:d9:4c:22:b0:96:0e:43:e3:1e: cd:c2:f8:71:67:26:bc:99:7a:a9:91:d1:8d:b8:11: 3a:d7:04:19:7a:20:ed:14:e8:45:c4:7c:fd:78:eb: cc:cf:8e:48:a4:af:ea:b7:42:32:3b:30:59:cd:b6: 96:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:86:5B:F7:42:E9:24:0F:48:A7:ED:8C:1E:47:60:B3:AF:41:26:5C X509v3 Authority Key Identifier: keyid:FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/ZoZb90LpJA9Ip-2MHkdgs69BJlw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:e9c5::/32 Signature Algorithm: sha256WithRSAEncryption 10:5b:67:31:6e:39:76:10:b1:3d:90:08:72:fa:e7:5f:26:d6: 41:47:28:6f:cf:96:71:80:38:4f:bf:a1:b7:d3:9e:c2:21:db: 6e:7e:05:04:7b:19:d5:2d:e5:59:97:43:fb:25:53:c1:14:e0: a9:db:34:ca:4d:8c:6a:29:e3:52:79:f4:44:ee:21:bc:98:ef: 77:89:b5:7a:b8:f6:c7:04:83:cc:53:42:cc:19:0e:e3:5b:f9: e2:30:a9:52:2a:8e:35:7d:e8:3b:e8:27:30:f5:61:33:d6:6b: 91:9e:78:24:2c:fb:57:28:fa:21:7f:ae:d3:63:60:d1:16:4a: 3f:cc:a3:36:32:50:de:cb:c7:c6:b8:84:64:ea:e7:0a:1b:9a: 67:c1:1b:96:ad:cf:e3:30:a0:ca:2a:8c:e4:8f:68:10:ab:46: 59:76:4c:da:c0:82:0c:9b:24:b0:c5:30:7f:d4:08:bb:1f:72: 95:02:f9:da:92:1b:03:7c:55:b1:8a:29:6b:1a:2c:f7:64:56: a3:8e:65:d8:78:5a:a0:33:0f:6d:60:ea:fd:74:b8:28:de:ff: 0e:12:0d:22:5f:25:15:f8:3e:5a:bc:0a:ad:30:a7:19:17:83: 97:79:ec:a5:c8:05:70:62:bf:a5:f0:78:8a:f1:43:9e:23:de: cb:72:4a:f3 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/8k14CLobcTz23Mup1ytJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmZGJmYmRiNmU5NzVkZGNhOGY2ZGQ5NjhjMzdhN2Q1NTYw ZTY5MWQwHhcNMjYwMTAyMTgyMjI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Njg2NWJmNzQyZTkyNDBmNDhhN2VkOGMxZTQ3NjBiM2FmNDEyNjVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTbiaClECQwbN6D4XVZ9D9DZ9zlO jklzkhA7Wet4eVKcwUsaaOVmkwsMtyx4gn5D8BBs1MELHTVkQiYcYODcWRbtY2fs u9GV9drogT7YTjCaF548jeJQWpJ8gYYLlTwkeQKeMrgOTBK7Jg2cto7PMMpWqsqI kcIWnfkAzRQoNYbuW6ZcI38xGeQlE4TCmAQax/cK5vhCKtAUTU3x5RDTPwfzG8kX 70J/2xiz3nP2IS8ph2cslHoGLLGMbarG+Ku7xZWKo3AmveHZTCKwlg5D4x7Nwvhx Zya8mXqpkdGNuBE61wQZeiDtFOhFxHz9eOvMz45IpK/qt0IyOzBZzbaWvQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGaGW/dC6SQPSKftjB5HYLOvQSZcMB8GA1UdIwQY MBaAFP/b+9tul13cqPbdlow3p9VWDmkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUt MTk3NjlmNTc4ZWZkLzEvWm9aYjkwTHBKQTlJcC0yTUhrZGdzNjlCSmx3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUtMTk3NjlmNTc4ZWZk LzEvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgLpxTAN BgkqhkiG9w0BAQsFAAOCAQEAEFtnMW45dhCxPZAIcvrnXybWQUcob8+WcYA4T7+h t9OewiHbbn4FBHsZ1S3lWZdD+yVTwRTgqds0yk2MainjUnn0RO4hvJjvd4m1erj2 xwSDzFNCzBkO41v54jCpUiqONX3oO+gnMPVhM9ZrkZ54JCz7Vyj6IX+u02Ng0RZK P8yjNjJQ3svHxriEZOrnChuaZ8Eblq3P4zCgyiqM5I9oEKtGWXZM2sCCDJsksMUw f9QIux9ylQL52pIbA3xVsYopaxos92RWo45l2HhaoDMPbWDq/XS4KN7/DhINIl8l Ffg+WrwKrTCnGReDl3nspcgFcGK/pfB4ivFDniPey3JK8w== -----END CERTIFICATE-----Generated at Sun Jan 25 03:15:58 2026 by rpki-client