This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/ZQHzJnKmGMmYQF_x6i-pgoB3otk.roa File: ZQHzJnKmGMmYQF_x6i-pgoB3otk.roa (raw, json) Hash identifier: y+ugl+hZqb559F4FeCaZ0WayeCgZERvzHW8L8s5FBBo= Subject key identifier: 65:01:F3:26:72:A6:18:C9:98:40:5F:F1:EA:2F:A9:82:80:77:A2:D9 Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6 Certificate serial: 019B7F8528E5FB236C9009BA02595551DDAF Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/ZQHzJnKmGMmYQF_x6i-pgoB3otk.roa Signing time: Fri 02 Jan 2026 16:23:11 +0000 ROA not before: Fri 02 Jan 2026 16:23:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15557 IP address blocks: 143.196.0.0/24 maxlen: 24 143.196.1.0/24 maxlen: 24 143.196.16.0/24 maxlen: 24 143.196.17.0/24 maxlen: 24 143.196.18.0/24 maxlen: 24 143.196.20.0/24 maxlen: 24 143.196.21.0/24 maxlen: 24 143.196.124.0/24 maxlen: 24 143.196.125.0/24 maxlen: 24 143.196.126.0/24 maxlen: 24 143.196.127.0/24 maxlen: 24 143.196.130.0/24 maxlen: 24 143.196.143.0/24 maxlen: 24 143.196.144.0/24 maxlen: 24 143.196.157.0/24 maxlen: 24 143.196.158.0/24 maxlen: 24 143.196.159.0/24 maxlen: 24 143.196.160.0/24 maxlen: 24 143.196.161.0/24 maxlen: 24 143.196.162.0/24 maxlen: 24 143.196.163.0/24 maxlen: 24 143.196.164.0/24 maxlen: 24 143.196.165.0/24 maxlen: 24 143.196.166.0/24 maxlen: 24 143.196.167.0/24 maxlen: 24 143.196.250.0/24 maxlen: 24 143.196.252.0/24 maxlen: 24 143.196.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:28:e5:fb:23:6c:90:09:ba:02:59:55:51:dd:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6 Validity Not Before: Jan 2 16:23:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6501f32672a618c998405ff1ea2fa9828077a2d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f8:75:9c:b7:a3:c9:d3:01:8c:a2:88:04:66: 5b:9e:ae:79:36:10:d2:00:7a:d0:0a:c3:01:98:77: b1:5c:93:e5:01:17:25:72:17:c7:44:15:5a:90:fb: 4d:88:3f:3b:f9:e7:57:2e:c8:54:2f:31:eb:ca:cc: 3e:ce:79:e8:31:64:1b:0a:63:90:de:7e:15:53:32: e4:c4:ed:6d:95:89:8d:4c:43:18:5a:9d:46:65:73: 57:43:44:80:8c:47:61:f6:c5:44:b9:e8:9b:dc:e0: b9:ab:92:89:af:05:6c:71:b9:9e:f3:ac:d3:9f:08: 4c:c6:0d:85:43:7a:d3:a2:be:af:54:6e:fc:0a:53: 81:13:da:97:e7:fb:ba:84:ec:8b:f5:78:3a:27:51: 05:8e:f1:4d:06:03:57:6e:20:71:8b:af:ca:95:b5: 2f:d8:52:b5:81:3d:18:57:00:44:b1:6b:a0:96:c5: fd:a9:0f:0d:ff:2a:ad:2b:76:dc:4a:99:a8:82:9b: 86:07:c0:09:6d:c1:bc:0f:27:31:33:d6:2f:35:ad: 87:fb:c7:a1:8e:5a:d4:60:b5:34:54:9d:69:71:5e: ca:8b:e2:32:eb:9c:8b:82:d9:b5:20:cf:b5:f8:d1: 94:0d:20:25:44:40:55:3d:7f:f6:34:d8:ff:ee:a7: 2f:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:01:F3:26:72:A6:18:C9:98:40:5F:F1:EA:2F:A9:82:80:77:A2:D9 X509v3 Authority Key Identifier: keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/ZQHzJnKmGMmYQF_x6i-pgoB3otk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.196.0.0/23 143.196.16.0-143.196.18.255 143.196.20.0/23 143.196.124.0/22 143.196.130.0/24 143.196.143.0-143.196.144.255 143.196.157.0-143.196.167.255 143.196.250.0/24 143.196.252.0/23 Signature Algorithm: sha256WithRSAEncryption 55:e7:3c:43:90:04:ce:e1:02:45:e0:c8:67:9f:ce:eb:74:50: 28:97:b6:47:ac:50:6f:64:e2:55:e8:aa:7a:13:8d:27:43:1e: 62:4a:be:b1:25:e8:7a:8c:5f:e3:52:0f:5c:9c:87:0b:bd:ff: 18:72:57:8b:cf:75:c8:61:50:54:2c:ae:85:67:99:5b:fb:a9: 5c:2f:75:56:25:fa:ca:81:8c:62:66:c5:19:ed:4c:14:6f:42: 6c:6e:e1:fd:e8:c3:c9:0e:24:54:7d:5a:5f:23:bc:2f:9f:d4: 20:81:91:45:ee:b6:e7:49:56:b2:31:e9:ce:00:a2:6e:2c:d1: da:90:93:3e:55:96:d0:03:53:4c:09:f3:de:8c:10:a8:97:91: 78:83:d4:9e:36:79:37:bd:a1:d3:c5:b9:48:b3:47:79:52:e9: 96:be:55:bf:db:2d:61:c8:c0:92:85:73:b3:ea:ac:04:1b:ff: 75:be:7a:9a:da:bd:82:ff:f8:19:62:96:a1:d6:0f:ce:6e:89: 64:6d:4c:77:16:4f:41:fe:70:f5:50:14:f2:c7:43:e0:99:c1: 74:98:25:2d:f1:0c:7a:5c:10:cc:0c:a3:c7:63:41:9a:21:ad: 78:71:78:59:ee:41:f4:23:86:0d:9e:54:e1:a2:5c:7e:a9:cc: ea:e4:59:87 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZt/hSjl+yNskAm6AllVUd2vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4 ZTI0YTYwHhcNMjYwMTAyMTYyMzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NTAxZjMyNjcyYTYxOGM5OTg0MDVmZjFlYTJmYTk4MjgwNzdhMmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/h1nLejydMBjKKIBGZbnq55NhDS AHrQCsMBmHexXJPlARclchfHRBVakPtNiD87+edXLshULzHrysw+znnoMWQbCmOQ 3n4VUzLkxO1tlYmNTEMYWp1GZXNXQ0SAjEdh9sVEueib3OC5q5KJrwVscbme86zT nwhMxg2FQ3rTor6vVG78ClOBE9qX5/u6hOyL9Xg6J1EFjvFNBgNXbiBxi6/KlbUv 2FK1gT0YVwBEsWuglsX9qQ8N/yqtK3bcSpmogpuGB8AJbcG8DycxM9YvNa2H+8eh jlrUYLU0VJ1pcV7Ki+Iy65yLgtm1IM+1+NGUDSAlREBVPX/2NNj/7qcvKwIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFGUB8yZyphjJmEBf8eovqYKAd6LZMB8GA1UdIwQY MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt N2EwYjE0NWNmNjJiLzEvWlFIekpuS21HTW1ZUUZfeDZpLXBnb0Izb3RrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBj8QAMAwD BASPxBADBACPxBIDBAGPxBQDBAKPxHwDBACPxIIwDAMEAI/EjwMEAI/EkDAMAwQA j8SdAwQDj8SgAwQAj8T6AwQBj8T8MA0GCSqGSIb3DQEBCwUAA4IBAQBV5zxDkATO 4QJF4Mhnn87rdFAol7ZHrFBvZOJV6Kp6E40nQx5iSr6xJeh6jF/jUg9cnIcLvf8Y cleLz3XIYVBULK6FZ5lb+6lcL3VWJfrKgYxiZsUZ7UwUb0JsbuH96MPJDiRUfVpf I7wvn9QggZFF7rbnSVayMenOAKJuLNHakJM+VZbQA1NMCfPejBCol5F4g9SeNnk3 vaHTxblIs0d5UumWvlW/2y1hyMCShXOz6qwEG/91vnqa2r2C//gZYpah1g/Obolk bUx3Fk9B/nD1UBTyx0PgmcF0mCUt8Qx6XBDMDKPHY0GaIa14cXhZ7kH0I4YNnlTh olx+qczq5FmH -----END CERTIFICATE-----Generated at Wed Jan 21 06:07:46 2026 by rpki-client