This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/zw3c904rq4xChP-j73nfIGIlebY.roa File: zw3c904rq4xChP-j73nfIGIlebY.roa (raw, json) Hash identifier: KMDvgbQdyiONiqKh0BKewAjFO3rlCRJWvQUeCqo5FZc= Subject key identifier: CF:0D:DC:F7:4E:2B:AB:8C:42:84:FF:A3:EF:79:DF:20:62:25:79:B6 Certificate issuer: /CN=df3b76d3c0c60d663506a252671c528e3439ff75 Certificate serial: 019B7AC7C7FE4C8FC837D65A8C2B4669367E Authority key identifier: DF:3B:76:D3:C0:C6:0D:66:35:06:A2:52:67:1C:52:8E:34:39:FF:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zt208DGDWY1BqJSZxxSjjQ5_3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/zw3c904rq4xChP-j73nfIGIlebY.roa Signing time: Thu 01 Jan 2026 18:17:51 +0000 ROA not before: Thu 01 Jan 2026 18:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198288 IP address blocks: 185.208.252.0/22 maxlen: 22 2a0b:5dc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/3zt208DGDWY1BqJSZxxSjjQ5_3U.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/3zt208DGDWY1BqJSZxxSjjQ5_3U.mft rsync://rpki.ripe.net/repository/DEFAULT/3zt208DGDWY1BqJSZxxSjjQ5_3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:c7:fe:4c:8f:c8:37:d6:5a:8c:2b:46:69:36:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3b76d3c0c60d663506a252671c528e3439ff75 Validity Not Before: Jan 1 18:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cf0ddcf74e2bab8c4284ffa3ef79df20622579b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4b:7a:60:3d:f7:cb:0d:ee:1c:6d:08:c4:d3: f2:9d:93:dc:9d:7c:e5:d9:01:42:89:d1:dd:01:14: 96:d4:a2:29:71:8a:8f:3c:e6:c5:51:e1:9b:fb:e6: 0e:e1:c4:46:c2:fb:b1:98:3e:69:2e:f7:46:45:b5: cb:44:f6:3c:ba:30:f0:20:e8:03:76:a6:26:53:04: 51:fe:87:f4:52:4c:84:80:a3:c9:f7:e7:b0:01:61: c4:ab:1f:a0:37:16:d1:1c:75:52:99:68:fe:0c:9e: f8:76:b6:b1:ae:f9:66:94:0e:a7:49:38:79:48:ac: af:bf:dd:b8:25:4b:b2:17:52:a5:f0:26:7d:6c:42: 70:71:9a:87:89:0e:5b:0e:eb:ce:98:e4:d0:02:6e: 9b:03:db:29:6b:3c:c6:29:9d:75:ce:61:80:c9:ca: 32:10:3b:77:e3:9d:2a:fc:d6:3f:ca:9e:41:47:e4: 64:3b:46:bc:2e:32:89:8a:cb:c2:f6:fb:37:df:4c: 04:f2:c1:7c:8b:03:b7:5c:90:ef:10:0f:5b:2a:ae: 23:33:74:b9:cb:2a:97:58:1d:29:66:b6:1c:88:e7: 32:77:7a:1d:d5:49:88:59:02:f5:70:2b:e4:e3:8a: 3b:ef:a6:34:3b:90:5e:87:54:14:1f:a6:5d:84:a3: 54:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:0D:DC:F7:4E:2B:AB:8C:42:84:FF:A3:EF:79:DF:20:62:25:79:B6 X509v3 Authority Key Identifier: keyid:DF:3B:76:D3:C0:C6:0D:66:35:06:A2:52:67:1C:52:8E:34:39:FF:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zt208DGDWY1BqJSZxxSjjQ5_3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/zw3c904rq4xChP-j73nfIGIlebY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/3zt208DGDWY1BqJSZxxSjjQ5_3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.208.252.0/22 IPv6: 2a0b:5dc0::/29 Signature Algorithm: sha256WithRSAEncryption 11:35:03:5d:c5:6c:fa:a5:42:59:bd:fe:20:06:02:fe:62:d1: 76:c1:30:30:b5:f0:b9:42:f9:e0:01:64:de:99:2b:ab:59:c5: cc:4c:60:1b:58:69:02:28:fe:06:85:f9:eb:ae:00:59:66:13: b6:0d:69:b0:71:10:e8:bd:07:f3:81:80:5f:c0:b8:73:4d:41: 5c:cc:6e:b2:e2:4d:57:d1:8c:0c:ba:89:01:81:3a:d2:32:4e: 53:ca:2f:5e:de:ff:31:62:47:c9:5f:d6:85:12:09:a0:2e:fd: 05:93:56:d8:82:0d:27:ee:72:f5:fa:46:4c:aa:11:83:67:2e: 0a:41:4c:0d:48:0f:ea:6f:87:80:f8:fd:2c:7f:f7:e2:ed:6b: d0:bf:35:a6:fb:7c:23:8a:40:f4:62:b6:31:00:9a:51:1b:53: d1:0b:ef:fb:62:81:48:db:99:fb:22:39:97:c6:0f:88:cb:5b: fb:76:08:46:29:e1:0d:a2:03:5a:4b:7d:57:b0:a7:cc:56:fe: 55:70:43:52:5f:83:ef:a2:6c:46:08:14:28:0e:99:28:fd:6f: 50:ca:d5:40:f3:e6:52:09:ec:a6:81:00:d9:0c:ce:08:e2:a0: 45:1d:f3:3c:f5:5a:4a:3a:d6:6e:4a:12:82:2b:cb:f1:73:60: dc:83:d5:5d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6x8f+TI/IN9ZajCtGaTZ+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2I3NmQzYzBjNjBkNjYzNTA2YTI1MjY3MWM1MjhlMzQz OWZmNzUwHhcNMjYwMTAxMTgxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZjBkZGNmNzRlMmJhYjhjNDI4NGZmYTNlZjc5ZGYyMDYyMjU3OWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0t6YD33yw3uHG0IxNPynZPcnXzl 2QFCidHdARSW1KIpcYqPPObFUeGb++YO4cRGwvuxmD5pLvdGRbXLRPY8ujDwIOgD dqYmUwRR/of0UkyEgKPJ9+ewAWHEqx+gNxbRHHVSmWj+DJ74draxrvlmlA6nSTh5 SKyvv924JUuyF1Kl8CZ9bEJwcZqHiQ5bDuvOmOTQAm6bA9spazzGKZ11zmGAycoy EDt3450q/NY/yp5BR+RkO0a8LjKJisvC9vs330wE8sF8iwO3XJDvEA9bKq4jM3S5 yyqXWB0pZrYciOcyd3od1UmIWQL1cCvk44o776Y0O5Beh1QUH6ZdhKNUUQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFM8N3PdOK6uMQoT/o+953yBiJXm2MB8GA1UdIwQY MBaAFN87dtPAxg1mNQaiUmccUo40Of91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3p0MjA4REdEV1kxQnFKU1p4eFNqalE1XzNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9hMmM5YWMtZjNjYS00YWRjLTk1ODYt ZDllMTEzN2YwMmI1LzEvenczYzkwNHJxNHhDaFAtajczbmZJR0lsZWJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9hMmM5YWMtZjNjYS00YWRjLTk1ODYtZDllMTEzN2YwMmI1 LzEvM3p0MjA4REdEV1kxQnFKU1p4eFNqalE1XzNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudD8MA0E AgACMAcDBQMqC13AMA0GCSqGSIb3DQEBCwUAA4IBAQARNQNdxWz6pUJZvf4gBgL+ YtF2wTAwtfC5QvngAWTemSurWcXMTGAbWGkCKP4GhfnrrgBZZhO2DWmwcRDovQfz gYBfwLhzTUFczG6y4k1X0YwMuokBgTrSMk5Tyi9e3v8xYkfJX9aFEgmgLv0Fk1bY gg0n7nL1+kZMqhGDZy4KQUwNSA/qb4eA+P0sf/fi7WvQvzWm+3wjikD0YrYxAJpR G1PRC+/7YoFI25n7IjmXxg+Iy1v7dghGKeENogNaS31XsKfMVv5VcENSX4PvomxG CBQoDpko/W9QytVA8+ZSCeymgQDZDM4I4qBFHfM89VpKOtZuShKCK8vxc2Dcg9Vd -----END CERTIFICATE-----Generated at Mon Feb 9 20:10:16 2026 by rpki-client