This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ZpWVrlMb2NpY8HHQlSRsYYYBuS4.roa File: ZpWVrlMb2NpY8HHQlSRsYYYBuS4.roa (raw, json) Hash identifier: pkrt/UmdtM08Ahi5VFPpOcMkqFc/0tZBQtexbUjXoVw= Subject key identifier: 66:95:95:AE:53:1B:D8:DA:58:F0:71:D0:95:24:6C:61:86:01:B9:2E Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Certificate serial: 019B7EA7358212066FCA6FCB5EAC83102AB9 Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ZpWVrlMb2NpY8HHQlSRsYYYBuS4.roa Signing time: Fri 02 Jan 2026 12:20:45 +0000 ROA not before: Fri 02 Jan 2026 12:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210976 IP address blocks: 31.130.128.0/22 maxlen: 24 77.233.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.mft rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:35:82:12:06:6f:ca:6f:cb:5e:ac:83:10:2a:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Validity Not Before: Jan 2 12:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=669595ae531bd8da58f071d095246c618601b92e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3f:d3:c2:5a:3a:b9:ea:e9:8d:27:b0:f2:bb: 4f:32:47:3a:a6:40:93:8e:08:91:d9:11:1b:6a:05: 6c:ad:0f:ec:6c:98:47:b8:c0:f0:53:85:37:a2:e9: 11:1b:9f:ee:f7:a8:55:70:9e:06:49:53:c5:62:d7: e6:0a:53:dd:40:7b:81:38:ab:93:79:be:48:17:07: 15:d2:3b:75:25:a9:f4:ca:92:39:28:9f:87:c3:86: f4:6d:c5:1e:16:e4:4d:40:cd:b7:83:39:d4:07:f4: cf:b8:2f:4c:07:27:ad:eb:7e:19:51:ac:72:a0:51: 81:f1:6f:42:38:a6:66:ef:bd:2d:83:84:bd:d2:3e: 9d:d8:fd:a8:f4:54:a6:95:38:ef:62:8d:ca:ed:e2: b5:07:7b:19:cd:94:f2:f3:f2:40:22:90:a0:00:be: 57:ed:68:f8:13:26:ba:7d:53:eb:da:77:1c:41:bf: 98:80:e7:7c:85:95:f1:27:58:10:50:43:b0:3c:d0: 31:b6:b8:b6:f8:1f:06:dc:32:72:45:55:2a:fc:d9: 31:68:c5:a6:7e:23:e2:14:17:48:f9:51:97:34:b1: bc:28:ef:b5:ab:f6:1a:d2:6c:57:ff:6f:96:bb:82: 2d:b9:42:56:3e:56:9e:a0:c3:06:b3:a7:dc:46:c8: 5a:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:95:95:AE:53:1B:D8:DA:58:F0:71:D0:95:24:6C:61:86:01:B9:2E X509v3 Authority Key Identifier: keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ZpWVrlMb2NpY8HHQlSRsYYYBuS4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.130.128.0/22 77.233.212.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:f7:41:fe:2f:2a:56:5e:c5:c1:00:1e:56:61:4a:88:4f:66: dd:64:f2:98:bf:ae:4b:63:75:4a:1b:a0:cf:b4:31:7d:f1:a3: ae:df:34:12:ac:d5:bd:36:23:13:88:d6:fe:b7:da:be:7d:19: c2:b4:dc:46:f5:cb:1b:86:f1:35:d9:66:80:b5:3a:96:16:94: 22:5c:f7:d2:53:3d:d1:00:a7:b2:1f:36:50:35:c6:05:a8:85: e8:fd:02:e5:c7:c5:99:c8:ad:1c:ae:5e:6b:95:1b:7f:32:52: 1b:33:36:7e:92:5f:2d:39:ca:b1:09:78:c9:c6:8a:2e:d1:2c: d4:22:8f:a7:ea:eb:a4:ec:06:7c:b1:ad:17:4c:37:96:64:e4: eb:03:62:9e:5b:c2:67:31:9f:ea:bc:d6:94:e7:97:6c:28:a9: dd:bb:78:f1:4e:a9:58:c5:53:ca:2e:25:29:c3:f3:9f:53:61: 4c:33:36:85:d2:e9:da:d2:4f:3d:e9:0c:e3:5f:02:e4:7d:20: 79:a1:fe:34:50:5d:cc:64:78:ca:0e:00:1a:be:21:f2:cb:82: d8:31:af:4b:dd:07:39:7c:5e:c3:1f:2d:3b:02:f4:33:0a:87: 72:3d:bc:01:be:3d:54:08:60:e4:a1:2e:b5:39:6f:59:50:7b: a0:18:28:d0 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pzWCEgZvym/LXqyDECq5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2 ZTMxYTcwHhcNMjYwMTAyMTIyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Njk1OTVhZTUzMWJkOGRhNThmMDcxZDA5NTI0NmM2MTg2MDFiOTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz/Twlo6uerpjSew8rtPMkc6pkCT jgiR2REbagVsrQ/sbJhHuMDwU4U3oukRG5/u96hVcJ4GSVPFYtfmClPdQHuBOKuT eb5IFwcV0jt1Jan0ypI5KJ+Hw4b0bcUeFuRNQM23gznUB/TPuC9MByet634ZUaxy oFGB8W9COKZm770tg4S90j6d2P2o9FSmlTjvYo3K7eK1B3sZzZTy8/JAIpCgAL5X 7Wj4Eya6fVPr2nccQb+YgOd8hZXxJ1gQUEOwPNAxtri2+B8G3DJyRVUq/NkxaMWm fiPiFBdI+VGXNLG8KO+1q/Ya0mxX/2+Wu4ItuUJWPlaeoMMGs6fcRsha4QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGaVla5TG9jaWPBx0JUkbGGGAbkuMB8GA1UdIwQY MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt N2EyOGFmMjljZGMyLzEvWnBXVnJsTWIyTnBZOEhIUWxTUnNZWVlCdVM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4KAAwQC TenUMA0GCSqGSIb3DQEBCwUAA4IBAQBt90H+LypWXsXBAB5WYUqIT2bdZPKYv65L Y3VKG6DPtDF98aOu3zQSrNW9NiMTiNb+t9q+fRnCtNxG9csbhvE12WaAtTqWFpQi XPfSUz3RAKeyHzZQNcYFqIXo/QLlx8WZyK0crl5rlRt/MlIbMzZ+kl8tOcqxCXjJ xoou0SzUIo+n6uuk7AZ8sa0XTDeWZOTrA2KeW8JnMZ/qvNaU55dsKKndu3jxTqlY xVPKLiUpw/OfU2FMMzaF0una0k896QzjXwLkfSB5of40UF3MZHjKDgAaviHyy4LY Ma9L3Qc5fF7DHy07AvQzCodyPbwBvj1UCGDkoS61OW9ZUHugGCjQ -----END CERTIFICATE-----Generated at Wed Jan 21 11:13:32 2026 by rpki-client