This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4a395c-5185-42ee-948b-8fc2b71d030f/1/zh3jJi7VlgsCf1B8mSSIRkmxTfM.roa File: zh3jJi7VlgsCf1B8mSSIRkmxTfM.roa (raw, json) Hash identifier: UL+DW0mVWjoP5JojLcH0dVPVuqkEZ0cepJzgkv7Gs7A= Subject key identifier: CE:1D:E3:26:2E:D5:96:0B:02:7F:50:7C:99:24:88:46:49:B1:4D:F3 Certificate issuer: /CN=32ed014577ac73ff87ef20ca6f75795e4c937fce Certificate serial: 019B7B35F3C1B3EED18667E04A1642D7206C Authority key identifier: 32:ED:01:45:77:AC:73:FF:87:EF:20:CA:6F:75:79:5E:4C:93:7F:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu0BRXesc_-H7yDKb3V5XkyTf84.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a395c-5185-42ee-948b-8fc2b71d030f/1/zh3jJi7VlgsCf1B8mSSIRkmxTfM.roa Signing time: Thu 01 Jan 2026 20:18:11 +0000 ROA not before: Thu 01 Jan 2026 20:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206551 IP address blocks: 45.90.64.0/22 maxlen: 22 2a0c:ab80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a395c-5185-42ee-948b-8fc2b71d030f/1/Mu0BRXesc_-H7yDKb3V5XkyTf84.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/4a395c-5185-42ee-948b-8fc2b71d030f/1/Mu0BRXesc_-H7yDKb3V5XkyTf84.mft rsync://rpki.ripe.net/repository/DEFAULT/Mu0BRXesc_-H7yDKb3V5XkyTf84.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:f3:c1:b3:ee:d1:86:67:e0:4a:16:42:d7:20:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32ed014577ac73ff87ef20ca6f75795e4c937fce Validity Not Before: Jan 1 20:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce1de3262ed5960b027f507c9924884649b14df3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:04:0a:94:fd:a0:4e:11:6e:ab:b9:15:64:0c: 4e:4f:0b:e8:7f:4f:ca:5d:ac:35:44:81:bc:b5:ab: e1:4c:6f:3d:69:af:2f:40:37:69:83:87:11:63:29: c9:46:f6:ca:57:33:24:15:e9:33:84:5c:8c:67:e5: 27:9f:bb:9f:46:6b:d1:aa:12:b7:30:ca:9a:56:48: 1b:ed:13:0f:56:8a:fe:43:cc:05:6c:aa:b9:50:56: a7:55:07:ea:62:c5:5a:bf:11:35:1f:b9:0a:e7:c1: 53:13:d8:ea:45:de:51:f0:d8:15:5e:99:fb:be:85: e7:18:f6:b9:2a:88:29:e9:08:20:30:99:3f:af:37: 1e:15:2f:68:ac:52:f4:d6:13:0e:23:57:94:03:2b: 55:27:3d:57:31:1d:7c:fa:4b:b6:d9:53:b9:84:49: ce:a9:4e:5d:3f:c1:5a:1f:c6:88:c5:da:b1:3b:08: 0d:2b:b9:33:17:0b:61:df:61:6e:d0:d5:c9:69:58: 1d:31:24:56:99:0f:82:c4:14:2a:62:fa:ab:13:47: a7:1f:dc:dc:74:9f:83:01:ff:02:3f:f9:7f:e7:04: 56:46:83:6b:ef:38:5b:c4:36:7f:13:a0:6b:2a:51: 09:77:dc:9f:0a:ef:f0:2f:b1:d7:91:09:2e:7b:4f: 26:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:1D:E3:26:2E:D5:96:0B:02:7F:50:7C:99:24:88:46:49:B1:4D:F3 X509v3 Authority Key Identifier: keyid:32:ED:01:45:77:AC:73:FF:87:EF:20:CA:6F:75:79:5E:4C:93:7F:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu0BRXesc_-H7yDKb3V5XkyTf84.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a395c-5185-42ee-948b-8fc2b71d030f/1/zh3jJi7VlgsCf1B8mSSIRkmxTfM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a395c-5185-42ee-948b-8fc2b71d030f/1/Mu0BRXesc_-H7yDKb3V5XkyTf84.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.64.0/22 IPv6: 2a0c:ab80::/32 Signature Algorithm: sha256WithRSAEncryption 60:ba:ba:65:01:b9:43:af:7b:29:82:78:47:d2:1a:1f:48:1a: 30:83:7c:ff:2f:b1:73:80:ac:d1:00:79:0a:a5:2d:84:3e:81: fa:15:65:93:a5:78:3d:00:10:57:ac:9e:a7:f5:4c:86:9b:96: b6:24:3b:85:d6:ea:7a:75:84:eb:7d:fe:6f:4b:fe:a5:73:52: 1f:7b:79:d8:90:11:8f:92:30:95:e8:3a:83:90:c3:5d:3c:99: 56:bb:a6:30:36:20:6a:7a:78:54:3e:6b:1c:1b:96:11:70:8c: 50:b0:0d:85:d3:d4:39:7b:fa:8b:29:d0:2c:66:1a:3d:97:25: 78:5f:68:90:98:7c:20:ab:e2:10:51:e0:74:b4:ec:4a:df:f8: 6e:3c:dd:ce:a4:7e:06:0e:1b:c1:0e:4b:9d:9e:04:6f:3d:c1: 14:79:af:bc:4f:6e:5a:99:7f:b0:18:c1:39:e2:7b:76:c7:38: 9f:bc:63:66:59:50:67:61:a5:5e:fb:f9:85:99:98:8c:c0:47: 5a:ff:c1:4a:a6:91:8f:35:05:29:e1:4d:0e:63:e0:06:17:3d: bf:43:09:64:3e:00:c5:17:06:d9:f1:f0:5d:7a:dd:8b:7b:3e: 83:a5:6a:f1:9f:61:d0:69:fd:fc:33:87:d3:6e:e8:0e:1a:b6: d3:51:0d:b0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NfPBs+7RhmfgShZC1yBsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyZWQwMTQ1NzdhYzczZmY4N2VmMjBjYTZmNzU3OTVlNGM5 MzdmY2UwHhcNMjYwMTAxMjAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTFkZTMyNjJlZDU5NjBiMDI3ZjUwN2M5OTI0ODg0NjQ5YjE0ZGYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQQKlP2gThFuq7kVZAxOTwvof0/K Xaw1RIG8tavhTG89aa8vQDdpg4cRYynJRvbKVzMkFekzhFyMZ+Unn7ufRmvRqhK3 MMqaVkgb7RMPVor+Q8wFbKq5UFanVQfqYsVavxE1H7kK58FTE9jqRd5R8NgVXpn7 voXnGPa5Kogp6QggMJk/rzceFS9orFL01hMOI1eUAytVJz1XMR18+ku22VO5hEnO qU5dP8FaH8aIxdqxOwgNK7kzFwth32Fu0NXJaVgdMSRWmQ+CxBQqYvqrE0enH9zc dJ+DAf8CP/l/5wRWRoNr7zhbxDZ/E6BrKlEJd9yfCu/wL7HXkQkue08muwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFM4d4yYu1ZYLAn9QfJkkiEZJsU3zMB8GA1UdIwQY MBaAFDLtAUV3rHP/h+8gym91eV5Mk3/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXUwQlJYZXNjXy1IN3lES2IzVjVYa3lUZjg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80YTM5NWMtNTE4NS00MmVlLTk0OGIt OGZjMmI3MWQwMzBmLzEvemgzakppN1ZsZ3NDZjFCOG1TU0lSa214VGZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy80YTM5NWMtNTE4NS00MmVlLTk0OGItOGZjMmI3MWQwMzBm LzEvTXUwQlJYZXNjXy1IN3lES2IzVjVYa3lUZjg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVpAMA0E AgACMAcDBQAqDKuAMA0GCSqGSIb3DQEBCwUAA4IBAQBgurplAblDr3spgnhH0hof SBowg3z/L7FzgKzRAHkKpS2EPoH6FWWTpXg9ABBXrJ6n9UyGm5a2JDuF1up6dYTr ff5vS/6lc1Ife3nYkBGPkjCV6DqDkMNdPJlWu6YwNiBqenhUPmscG5YRcIxQsA2F 09Q5e/qLKdAsZho9lyV4X2iQmHwgq+IQUeB0tOxK3/huPN3OpH4GDhvBDkudngRv PcEUea+8T25amX+wGME54nt2xzifvGNmWVBnYaVe+/mFmZiMwEda/8FKppGPNQUp 4U0OY+AGFz2/QwlkPgDFFwbZ8fBdet2Lez6DpWrxn2HQaf38M4fTbugOGrbTUQ2w -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:45 2026 by rpki-client