This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/1ZD-5sWPvLvF_F5r7aK4sjXeBa8.roa File: 1ZD-5sWPvLvF_F5r7aK4sjXeBa8.roa (raw, json) Hash identifier: 9g3E8L94O35utFKdVj/OF7X+jv2TAGMuo7bfCk2FBWk= Subject key identifier: D5:90:FE:E6:C5:8F:BC:BB:C5:FC:5E:6B:ED:A2:B8:B2:35:DE:05:AF Certificate issuer: /CN=b1814a28a8c1ebe0adc33a1519b9883e3084bb59 Certificate serial: 019B76EB9A7A693F99127F79227C7C0180C4 Authority key identifier: B1:81:4A:28:A8:C1:EB:E0:AD:C3:3A:15:19:B9:88:3E:30:84:BB:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/1ZD-5sWPvLvF_F5r7aK4sjXeBa8.roa Signing time: Thu 01 Jan 2026 00:18:30 +0000 ROA not before: Thu 01 Jan 2026 00:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 45.152.134.0/24 maxlen: 24 45.152.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.mft rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:9a:7a:69:3f:99:12:7f:79:22:7c:7c:01:80:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1814a28a8c1ebe0adc33a1519b9883e3084bb59 Validity Not Before: Jan 1 00:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d590fee6c58fbcbbc5fc5e6beda2b8b235de05af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2c:9f:89:1d:0c:b1:2b:8b:16:75:9e:30:c2: 0d:f7:8c:6c:c1:ce:70:60:6d:54:36:e3:31:f7:2e: 75:ee:99:49:ab:20:2d:07:0c:ab:08:de:cb:4c:04: 67:32:92:0d:72:30:fe:15:8d:a8:b3:34:42:71:0f: 1b:29:00:c2:61:1a:ee:5c:65:84:bb:44:04:6e:5b: 4a:e1:90:7d:b2:c0:34:e4:45:7b:99:4f:96:f4:ca: 2b:7b:a6:56:1d:a3:32:8c:ef:51:30:38:07:19:e9: d2:38:58:c0:80:aa:d9:b8:38:e9:af:54:2e:d8:3c: 13:66:94:5e:ba:cc:e2:6b:1f:b8:53:55:ef:c3:81: 77:69:e7:81:17:e9:d9:70:b6:64:a2:bd:af:91:84: 25:9b:96:d7:7f:7b:d4:a5:75:7d:eb:9c:17:7b:63: 7e:4e:b7:35:4a:26:78:a2:db:75:a5:68:25:c8:e6: ae:a4:58:97:52:97:d0:46:40:85:be:a2:49:35:4d: f1:98:c9:ee:c0:27:18:c6:6a:41:14:56:ef:b5:49: 60:7f:c0:e2:56:14:9f:9e:76:8d:e1:5a:c7:8e:0a: cf:1e:1f:29:24:a6:b0:cd:95:3a:c4:5f:53:64:68: ca:7d:da:d8:21:e9:bc:0b:bc:ac:e7:4f:3d:78:b7: fc:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:90:FE:E6:C5:8F:BC:BB:C5:FC:5E:6B:ED:A2:B8:B2:35:DE:05:AF X509v3 Authority Key Identifier: keyid:B1:81:4A:28:A8:C1:EB:E0:AD:C3:3A:15:19:B9:88:3E:30:84:BB:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/1ZD-5sWPvLvF_F5r7aK4sjXeBa8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.152.134.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:93:61:58:04:bd:47:d8:aa:43:73:fd:52:b0:7c:d6:d9:65: eb:da:e5:c6:ea:08:94:8b:f3:9d:30:65:17:56:c9:5d:63:05: 71:43:2a:00:3f:01:9e:83:ac:d2:fb:53:47:6d:98:f6:9f:25: c9:1a:cc:4a:f6:03:54:5d:e9:3b:4f:8f:e7:5a:5a:e1:b2:94: b7:4b:26:14:79:8c:db:b0:55:6c:8d:79:76:c1:cd:fd:a2:3c: 29:e5:f4:97:c9:51:d7:b7:7d:35:ab:0d:bf:d0:8f:32:19:76: 4d:bd:d4:72:b0:c6:dd:a4:fb:98:fb:b8:91:1b:bf:ca:57:8e: 22:bd:e8:1b:c9:12:72:9d:19:4d:ba:c4:35:77:a0:fe:08:86: 20:42:fd:27:06:36:89:db:03:b8:f5:83:6e:2a:b4:b4:4b:9f: 4e:8c:a0:0f:83:5c:32:30:11:57:11:ab:d3:79:49:f5:64:39: 98:a3:de:ec:74:8c:6e:01:d8:a6:dc:79:a2:85:cc:8e:94:95: c5:10:29:96:23:c6:de:e9:76:14:df:43:00:7c:ae:ff:a5:2c: bf:ab:f0:4e:e0:1f:d3:70:97:e5:39:50:aa:59:59:88:f3:8a: 4c:a1:63:06:88:ed:49:fe:da:77:d2:19:76:e5:91:ca:e1:29: d5:8d:ed:4d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt265p6aT+ZEn95Inx8AYDEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxODE0YTI4YThjMWViZTBhZGMzM2ExNTE5Yjk4ODNlMzA4 NGJiNTkwHhcNMjYwMTAxMDAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTkwZmVlNmM1OGZiY2JiYzVmYzVlNmJlZGEyYjhiMjM1ZGUwNWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CyfiR0MsSuLFnWeMMIN94xswc5w YG1UNuMx9y517plJqyAtBwyrCN7LTARnMpINcjD+FY2oszRCcQ8bKQDCYRruXGWE u0QEbltK4ZB9ssA05EV7mU+W9More6ZWHaMyjO9RMDgHGenSOFjAgKrZuDjpr1Qu 2DwTZpReusziax+4U1Xvw4F3aeeBF+nZcLZkor2vkYQlm5bXf3vUpXV965wXe2N+ Trc1SiZ4ott1pWglyOaupFiXUpfQRkCFvqJJNU3xmMnuwCcYxmpBFFbvtUlgf8Di VhSfnnaN4VrHjgrPHh8pJKawzZU6xF9TZGjKfdrYIem8C7ys5089eLf82QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNWQ/ubFj7y7xfxea+2iuLI13gWvMB8GA1UdIwQY MBaAFLGBSiiowevgrcM6FRm5iD4whLtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1lGS0tLakI2LUN0d3pvVkdibUlQakNFdTFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8zZmJmZjYtNzNlZS00ODEyLThlNGIt ODFkYWJjODFjMDVjLzEvMVpELTVzV1B2THZGX0Y1cjdhSzRzalhlQmE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC8zZmJmZjYtNzNlZS00ODEyLThlNGItODFkYWJjODFjMDVj LzEvc1lGS0tLakI2LUN0d3pvVkdibUlQakNFdTFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZiGMA0G CSqGSIb3DQEBCwUAA4IBAQBMk2FYBL1H2KpDc/1SsHzW2WXr2uXG6giUi/OdMGUX VsldYwVxQyoAPwGeg6zS+1NHbZj2nyXJGsxK9gNUXek7T4/nWlrhspS3SyYUeYzb sFVsjXl2wc39ojwp5fSXyVHXt301qw2/0I8yGXZNvdRysMbdpPuY+7iRG7/KV44i vegbyRJynRlNusQ1d6D+CIYgQv0nBjaJ2wO49YNuKrS0S59OjKAPg1wyMBFXEavT eUn1ZDmYo97sdIxuAdim3HmihcyOlJXFECmWI8be6XYU30MAfK7/pSy/q/BO4B/T cJflOVCqWVmI84pMoWMGiO1J/tp30hl25ZHK4SnVje1N -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:45 2026 by rpki-client