This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/zgnhZA2Ms9zFROsM4W_krWdJUrU.roa File: zgnhZA2Ms9zFROsM4W_krWdJUrU.roa (raw, json) Hash identifier: ThJPP+0mzyZhXlrvZaDTuUtA3VUBiiIjG2csyaedK3Y= Subject key identifier: CE:09:E1:64:0D:8C:B3:DC:C5:44:EB:0C:E1:6F:E4:AD:67:49:52:B5 Certificate issuer: /CN=6f98d1f99e3833ef401d46348eec8b752088c55d Certificate serial: 019B7CED49EB1F8CA8DD23C851A6E3338C93 Authority key identifier: 6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/zgnhZA2Ms9zFROsM4W_krWdJUrU.roa Signing time: Fri 02 Jan 2026 04:18:04 +0000 ROA not before: Fri 02 Jan 2026 04:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56600 IP address blocks: 176.126.128.0/21 maxlen: 21 176.126.128.0/24 maxlen: 24 176.126.129.0/24 maxlen: 24 176.126.130.0/24 maxlen: 24 176.126.131.0/24 maxlen: 24 176.126.132.0/24 maxlen: 24 176.126.133.0/24 maxlen: 24 176.126.134.0/24 maxlen: 24 176.126.135.0/24 maxlen: 24 176.126.136.0/21 maxlen: 24 176.126.136.0/24 maxlen: 24 176.126.137.0/24 maxlen: 24 176.126.138.0/24 maxlen: 24 176.126.139.0/24 maxlen: 24 176.126.141.0/24 maxlen: 24 176.126.142.0/24 maxlen: 24 176.126.143.0/24 maxlen: 24 176.126.144.0/21 maxlen: 24 176.126.145.0/24 maxlen: 24 176.126.146.0/24 maxlen: 24 176.126.147.0/24 maxlen: 24 176.126.148.0/24 maxlen: 24 176.126.149.0/24 maxlen: 24 176.126.152.0/22 maxlen: 22 176.126.156.0/23 maxlen: 23 176.126.156.0/24 maxlen: 24 176.126.157.0/24 maxlen: 24 192.162.152.0/22 maxlen: 22 192.162.152.0/24 maxlen: 24 192.162.153.0/24 maxlen: 24 192.162.154.0/24 maxlen: 24 192.162.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.mft rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:49:eb:1f:8c:a8:dd:23:c8:51:a6:e3:33:8c:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f98d1f99e3833ef401d46348eec8b752088c55d Validity Not Before: Jan 2 04:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce09e1640d8cb3dcc544eb0ce16fe4ad674952b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f4:8f:1a:2c:f7:ae:12:ca:58:b9:2c:1b:ee: 6c:c2:51:21:4a:5f:52:4a:0f:a4:fc:5a:82:ff:aa: 11:8a:54:04:81:fa:08:0e:96:04:57:2e:b2:8a:00: 0f:35:d1:c0:d5:ee:3e:bd:c6:c8:9c:7b:16:ff:b2: a2:7a:f4:0b:1c:2d:c3:25:28:eb:5b:49:18:e9:19: 2f:6b:fb:20:e1:94:b5:7f:04:af:6d:bb:0d:95:93: cf:d4:b8:73:c0:06:c5:41:35:6b:9f:c0:cf:dc:1d: 63:9e:02:c0:32:e7:ed:12:73:be:36:05:2d:33:10: 9d:f6:2a:8b:b9:f4:67:83:c7:68:01:e9:ff:c3:98: 91:ac:06:2e:a7:d5:f8:8e:43:37:fe:ea:01:0e:30: 24:73:c7:98:90:7b:f4:cc:9f:43:73:31:28:d3:d7: 87:2f:7c:d2:ca:00:a8:39:ad:61:27:65:92:79:05: 9b:83:b9:e1:02:7a:bc:06:5b:ee:e0:48:fa:2f:f3: 90:10:7f:c0:69:b2:80:2a:52:a3:12:5d:3a:8e:b0: 21:fd:cb:56:44:0e:7c:26:de:db:0f:64:32:18:4e: 1a:8f:01:d4:3b:c8:49:ff:a4:4a:9a:b4:18:d7:55: 5c:c2:d0:9e:e3:45:f4:c8:f6:35:46:5c:ce:a6:95: 51:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:09:E1:64:0D:8C:B3:DC:C5:44:EB:0C:E1:6F:E4:AD:67:49:52:B5 X509v3 Authority Key Identifier: keyid:6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/zgnhZA2Ms9zFROsM4W_krWdJUrU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.126.128.0-176.126.157.255 192.162.152.0/22 Signature Algorithm: sha256WithRSAEncryption 78:6d:ee:82:13:90:77:6f:a7:77:bf:5a:15:f7:dc:5c:57:1a: 39:c7:d3:72:0e:25:ac:83:20:83:85:fa:d9:6d:27:0a:7c:93: 5b:8b:c3:c4:43:4c:bf:33:48:49:00:29:63:25:ed:84:cd:c8: be:19:25:ec:a3:01:ce:a5:ad:fd:7a:ba:7b:8c:a4:c7:d8:1a: ae:00:26:b5:2a:72:56:6d:c4:75:36:0e:b8:69:27:b1:93:01: ea:9a:7a:c8:7e:ff:0d:6d:19:10:59:4a:27:7d:5f:53:e2:11: fb:de:64:a2:82:7e:65:27:b8:f8:9c:8a:fc:94:80:67:c6:9e: de:ab:d9:32:ed:11:25:25:31:3e:f8:c0:58:18:09:a4:0e:a7: dc:1c:a3:b0:d6:6c:3a:dc:90:c2:f4:e9:86:8f:3d:52:b5:12: 85:b5:56:8a:9b:24:1f:a9:b9:f8:77:ec:e0:40:01:df:fc:0e: ac:2c:32:e1:d8:de:4a:e3:12:0b:0e:31:64:17:da:44:da:fd: 90:d0:04:ac:dc:ed:f6:26:4c:89:60:87:df:c6:79:4c:67:9e: b4:47:bd:05:ce:d5:c7:0a:e7:5c:79:4a:c1:e5:9b:cf:27:6e: d2:d8:d4:26:45:52:8c:bf:72:2e:65:b8:d2:a1:ff:36:3b:2d: fb:aa:63:de -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt87UnrH4yo3SPIUabjM4yTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmOThkMWY5OWUzODMzZWY0MDFkNDYzNDhlZWM4Yjc1MjA4 OGM1NWQwHhcNMjYwMTAyMDQxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTA5ZTE2NDBkOGNiM2RjYzU0NGViMGNlMTZmZTRhZDY3NDk1MmI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufSPGiz3rhLKWLksG+5swlEhSl9S Sg+k/FqC/6oRilQEgfoIDpYEVy6yigAPNdHA1e4+vcbInHsW/7KievQLHC3DJSjr W0kY6Rkva/sg4ZS1fwSvbbsNlZPP1LhzwAbFQTVrn8DP3B1jngLAMuftEnO+NgUt MxCd9iqLufRng8doAen/w5iRrAYup9X4jkM3/uoBDjAkc8eYkHv0zJ9DczEo09eH L3zSygCoOa1hJ2WSeQWbg7nhAnq8Blvu4Ej6L/OQEH/AabKAKlKjEl06jrAh/ctW RA58Jt7bD2QyGE4ajwHUO8hJ/6RKmrQY11VcwtCe40X0yPY1RlzOppVRvwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFM4J4WQNjLPcxUTrDOFv5K1nSVK1MB8GA1UdIwQY MBaAFG+Y0fmeODPvQB1GNI7si3UgiMVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYt MDdkNGIxMTVjYzgyLzEvemduaFpBMk1zOXpGUk9zTTRXX2tyV2RKVXJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYtMDdkNGIxMTVjYzgy LzEvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAewfoAD BAGwfpwDBALAopgwDQYJKoZIhvcNAQELBQADggEBAHht7oITkHdvp3e/WhX33FxX GjnH03IOJayDIIOF+tltJwp8k1uLw8RDTL8zSEkAKWMl7YTNyL4ZJeyjAc6lrf16 unuMpMfYGq4AJrUqclZtxHU2DrhpJ7GTAeqaesh+/w1tGRBZSid9X1PiEfveZKKC fmUnuPicivyUgGfGnt6r2TLtESUlMT74wFgYCaQOp9wco7DWbDrckML06YaPPVK1 EoW1VoqbJB+pufh37OBAAd/8DqwsMuHY3krjEgsOMWQX2kTa/ZDQBKzc7fYmTIlg h9/GeUxnnrRHvQXO1ccK51x5SsHlm88nbtLY1CZFUoy/ci5luNKh/zY7LfuqY94= -----END CERTIFICATE-----Generated at Tue Feb 10 00:01:44 2026 by rpki-client