This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/0ZH3kxew36RRFzQg_mo4-7q2H4U.roa File: 0ZH3kxew36RRFzQg_mo4-7q2H4U.roa (raw, json) Hash identifier: k3MKGbvdmLnbLs9zehodMhvSl8HPr3KY+BJ978CUfo8= Subject key identifier: D1:91:F7:93:17:B0:DF:A4:51:17:34:20:FE:6A:38:FB:BA:B6:1F:85 Certificate issuer: /CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2 Certificate serial: 019B7834D6403BA841881932878977157CDA Authority key identifier: 3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/0ZH3kxew36RRFzQg_mo4-7q2H4U.roa Signing time: Thu 01 Jan 2026 06:18:07 +0000 ROA not before: Thu 01 Jan 2026 06:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58324 IP address blocks: 5.100.144.0/21 maxlen: 21 185.150.172.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.mft rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:d6:40:3b:a8:41:88:19:32:87:89:77:15:7c:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2 Validity Not Before: Jan 1 06:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d191f79317b0dfa451173420fe6a38fbbab61f85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1f:e7:bf:9a:da:69:5d:96:b7:1a:1f:f2:7e: df:37:e6:aa:3d:f4:ee:a3:c3:d5:ec:e4:8a:3f:60: 8f:ad:ed:ab:65:72:f7:a3:78:aa:bc:c4:6e:94:bd: 12:61:26:6a:69:3b:fa:76:fd:a3:ca:71:db:f1:71: df:2b:82:96:9f:a3:2c:e7:8c:0f:9a:be:26:15:36: 97:25:85:76:df:20:59:79:c5:da:51:f1:a8:b1:81: 8b:8d:d2:11:a8:88:e9:cc:e1:4f:cb:cf:e0:b1:f2: e3:aa:10:a2:e4:76:e0:80:e9:f1:84:de:90:f3:fd: 52:23:7f:bc:59:d6:db:99:68:12:ab:db:4b:bd:1e: 52:28:45:74:8f:e4:71:07:65:76:ae:4c:52:8f:42: d3:85:5f:09:fc:65:46:2e:85:65:b4:56:07:63:92: 6f:1d:22:ca:5c:b6:b0:58:21:65:b0:2a:82:7e:91: 02:5c:3c:60:ba:77:7f:9d:6e:8a:4d:55:2e:54:bd: 86:28:75:df:07:29:cf:55:29:2f:c9:ab:7e:38:54: e0:bc:28:4d:c0:1b:3a:00:9b:1a:2b:00:76:de:dd: 50:41:20:42:ab:b1:9f:93:2b:78:ac:f3:03:e6:72: 80:4b:1a:94:b7:e7:e7:e1:b3:ee:f6:33:2a:d0:6b: 7a:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:91:F7:93:17:B0:DF:A4:51:17:34:20:FE:6A:38:FB:BA:B6:1F:85 X509v3 Authority Key Identifier: keyid:3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/0ZH3kxew36RRFzQg_mo4-7q2H4U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.100.144.0/21 185.150.172.0/22 Signature Algorithm: sha256WithRSAEncryption 34:42:96:8a:03:9b:2b:35:df:dd:90:07:31:61:8a:a4:61:81: f1:e9:bd:d1:c2:e6:ad:15:43:df:21:b2:65:f2:df:21:00:2f: 30:4f:b7:1a:6d:1c:85:bb:82:98:5d:8d:3a:8d:b3:99:90:41: e2:5f:35:e0:a7:9a:ce:39:9b:a4:c2:48:b5:45:e5:81:6d:ee: f6:89:92:20:35:a0:66:70:86:7f:a2:d3:b7:dc:70:3d:8c:d2: 48:c9:0f:78:1d:f3:00:b1:59:84:19:05:4c:21:7b:24:3e:41: f8:af:45:03:63:82:2c:f3:92:c4:cc:65:99:06:c8:af:f2:ce: 48:bc:d5:38:b8:62:cd:30:af:93:40:a3:87:ea:b1:dc:09:5d: b3:c8:45:9f:3e:0a:f2:c2:48:fe:33:c4:97:c5:72:7d:db:6a: 41:cd:34:7d:2e:83:68:ec:39:74:4b:15:75:7a:c5:21:7d:e0: 34:65:7d:c4:db:dc:ba:0d:19:36:6a:2e:ec:0f:a9:68:d8:e7: 67:62:d4:ce:fb:a6:92:23:5d:fc:68:76:f7:51:85:a8:c1:4e: 53:45:b8:02:79:6b:1f:7b:71:0a:0e:30:ff:dd:0f:49:eb:db: 41:1b:23:5f:23:5e:3e:4b:0c:2e:73:26:84:f7:a5:34:75:0b: d9:e7:8c:32 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4NNZAO6hBiBkyh4l3FXzaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNTY4YzU5ZDdhODMxOTljM2E3OWVhMGU4Mzc1Yjk0NmVk ODg0ZTIwHhcNMjYwMTAxMDYxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMTkxZjc5MzE3YjBkZmE0NTExNzM0MjBmZTZhMzhmYmJhYjYxZjg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR/nv5raaV2Wtxof8n7fN+aqPfTu o8PV7OSKP2CPre2rZXL3o3iqvMRulL0SYSZqaTv6dv2jynHb8XHfK4KWn6Ms54wP mr4mFTaXJYV23yBZecXaUfGosYGLjdIRqIjpzOFPy8/gsfLjqhCi5HbggOnxhN6Q 8/1SI3+8WdbbmWgSq9tLvR5SKEV0j+RxB2V2rkxSj0LThV8J/GVGLoVltFYHY5Jv HSLKXLawWCFlsCqCfpECXDxgund/nW6KTVUuVL2GKHXfBynPVSkvyat+OFTgvChN wBs6AJsaKwB23t1QQSBCq7Gfkyt4rPMD5nKASxqUt+fn4bPu9jMq0Gt6ewIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNGR95MXsN+kURc0IP5qOPu6th+FMB8GA1UdIwQY MBaAFDxWjFnXqDGZw6eeoOg3W5Ru2ITiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQt NWUzN2U3ZjNmMTVkLzEvMFpIM2t4ZXczNlJSRnpRZ19tbzQtN3EySDRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQtNWUzN2U3ZjNmMTVk LzEvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBWSQAwQC uZasMA0GCSqGSIb3DQEBCwUAA4IBAQA0QpaKA5srNd/dkAcxYYqkYYHx6b3Rwuat FUPfIbJl8t8hAC8wT7cabRyFu4KYXY06jbOZkEHiXzXgp5rOOZukwki1ReWBbe72 iZIgNaBmcIZ/otO33HA9jNJIyQ94HfMAsVmEGQVMIXskPkH4r0UDY4Is85LEzGWZ Bsiv8s5IvNU4uGLNMK+TQKOH6rHcCV2zyEWfPgrywkj+M8SXxXJ922pBzTR9LoNo 7Dl0SxV1esUhfeA0ZX3E29y6DRk2ai7sD6lo2OdnYtTO+6aSI138aHb3UYWowU5T RbgCeWsfe3EKDjD/3Q9J69tBGyNfI14+SwwucyaE96U0dQvZ54wy -----END CERTIFICATE-----Generated at Mon Feb 9 23:46:47 2026 by rpki-client