This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/0ZgQJqVgdfnRZDVgpPvaD-Dzv6E.roa File: 0ZgQJqVgdfnRZDVgpPvaD-Dzv6E.roa (raw, json) Hash identifier: r5fe+/Due4NZC1alMzrb0UAbeRWncZoeXVNrq7sfX6I= Subject key identifier: D1:98:10:26:A5:60:75:F9:D1:64:35:60:A4:FB:DA:0F:E0:F3:BF:A1 Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1 Certificate serial: 019B7F15DB080A365F82EC1C0C19DD8CD780 Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/0ZgQJqVgdfnRZDVgpPvaD-Dzv6E.roa Signing time: Fri 02 Jan 2026 14:21:37 +0000 ROA not before: Fri 02 Jan 2026 14:21:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7922 IP address blocks: 185.188.192.0/22 maxlen: 22 195.211.116.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.mft rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:db:08:0a:36:5f:82:ec:1c:0c:19:dd:8c:d7:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1 Validity Not Before: Jan 2 14:21:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d1981026a56075f9d1643560a4fbda0fe0f3bfa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e3:59:d2:59:cd:77:3b:f7:4f:e1:1f:8d:79: 20:2c:e3:3e:77:e6:ee:89:5e:3f:cf:93:4c:57:53: 37:1d:d6:0e:33:46:ef:1b:17:e9:66:2a:32:e9:00: a2:77:a2:ce:f7:f8:1a:56:74:6d:89:24:a3:1c:74: 1b:28:c9:ee:50:10:34:10:0a:43:1e:b4:20:58:78: 98:61:cf:04:68:16:89:99:f8:ab:13:eb:c9:c4:9f: 60:f6:e9:ae:f5:0b:90:ec:a8:5b:8c:a0:25:0a:0c: 08:0e:7f:7f:65:75:ea:78:1a:0c:33:02:56:5c:24: 77:0a:f3:ec:41:f7:15:02:d9:7d:67:b4:29:16:d6: 89:0a:a5:11:14:bd:98:d9:53:bc:a4:2f:5b:6b:a0: 20:12:cb:b1:42:0f:00:37:98:2f:ce:b2:76:1a:80: 34:d0:b4:1a:ff:27:fe:10:7c:a4:18:19:04:35:71: b1:d8:2e:c7:95:0e:0a:ba:b6:a5:79:34:28:44:4d: b3:c5:c3:0a:3c:6e:37:00:0a:d5:1f:44:6f:37:be: 1e:6b:95:fc:60:68:03:fb:92:70:b3:c1:44:4d:89: 06:e3:13:31:c3:5a:19:a0:8d:17:bd:53:e9:bb:ad: 11:28:80:37:d6:69:a1:c9:59:26:10:b9:ae:93:f8: 75:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:98:10:26:A5:60:75:F9:D1:64:35:60:A4:FB:DA:0F:E0:F3:BF:A1 X509v3 Authority Key Identifier: keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/0ZgQJqVgdfnRZDVgpPvaD-Dzv6E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.188.192.0/22 195.211.116.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:7b:4e:35:bc:47:ca:98:ef:21:53:61:54:41:b1:0b:74:f6: 49:54:5d:48:01:76:93:e6:a0:aa:90:ab:a5:b5:e5:4f:4e:9f: 3b:aa:48:5b:6d:4a:69:59:ad:0f:79:78:8e:54:3e:f3:64:23: 4e:bd:53:04:86:c2:97:a1:43:b4:63:f0:26:6c:ce:f8:37:e4: 85:de:06:be:70:5e:7d:0d:85:76:2b:37:2c:39:72:10:52:70: f8:3d:5b:44:b2:96:f9:42:ba:2b:82:a8:b1:dd:81:6f:0a:3c: 67:67:4e:08:72:a6:2e:e2:ab:03:6c:91:22:bd:39:12:8e:76: c2:1b:0e:71:cd:60:06:ae:44:93:7f:86:56:03:15:40:08:47: 61:29:e7:00:5f:e9:04:62:92:7d:14:f2:83:ba:4c:42:f7:4c: 3a:8a:eb:db:c4:66:bb:43:9f:b7:13:45:8c:49:cf:6c:ee:ab: 7e:94:04:37:2a:9a:f4:86:66:8d:7d:5f:9b:fa:42:ce:c8:67: 43:bf:21:27:f2:55:81:b8:cf:a7:43:de:48:2b:bd:e5:6e:89: 2e:2a:3e:f5:90:40:88:3c:f8:19:4b:d6:cc:7e:8a:40:7c:f6: a1:e6:f7:07:2f:a3:44:74:3b:e8:c9:9a:ac:23:fb:5d:f4:07: 64:46:ce:d8 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FdsICjZfguwcDBndjNeAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx OTZhYTEwHhcNMjYwMTAyMTQyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMTk4MTAyNmE1NjA3NWY5ZDE2NDM1NjBhNGZiZGEwZmUwZjNiZmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuNZ0lnNdzv3T+EfjXkgLOM+d+bu iV4/z5NMV1M3HdYOM0bvGxfpZioy6QCid6LO9/gaVnRtiSSjHHQbKMnuUBA0EApD HrQgWHiYYc8EaBaJmfirE+vJxJ9g9umu9QuQ7KhbjKAlCgwIDn9/ZXXqeBoMMwJW XCR3CvPsQfcVAtl9Z7QpFtaJCqURFL2Y2VO8pC9ba6AgEsuxQg8AN5gvzrJ2GoA0 0LQa/yf+EHykGBkENXGx2C7HlQ4KuraleTQoRE2zxcMKPG43AArVH0RvN74ea5X8 YGgD+5Jws8FETYkG4xMxw1oZoI0XvVPpu60RKIA31mmhyVkmELmuk/h1GwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNGYECalYHX50WQ1YKT72g/g87+hMB8GA1UdIwQY MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt ZGQ4NjI3NzRhMDkyLzEvMFpnUUpxVmdkZm5SWkRWZ3BQdmFELUR6djZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCubzAAwQC w9N0MA0GCSqGSIb3DQEBCwUAA4IBAQCee041vEfKmO8hU2FUQbELdPZJVF1IAXaT 5qCqkKulteVPTp87qkhbbUppWa0PeXiOVD7zZCNOvVMEhsKXoUO0Y/AmbM74N+SF 3ga+cF59DYV2KzcsOXIQUnD4PVtEspb5Qrorgqix3YFvCjxnZ04IcqYu4qsDbJEi vTkSjnbCGw5xzWAGrkSTf4ZWAxVACEdhKecAX+kEYpJ9FPKDukxC90w6iuvbxGa7 Q5+3E0WMSc9s7qt+lAQ3Kpr0hmaNfV+b+kLOyGdDvyEn8lWBuM+nQ95IK73lboku Kj71kECIPPgZS9bMfopAfPah5vcHL6NEdDvoyZqsI/td9AdkRs7Y -----END CERTIFICATE-----Generated at Fri Jan 9 12:06:13 2026 by rpki-client