This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/zr9U94ldVmEqABzp28N8U7oLDs8.roa File: zr9U94ldVmEqABzp28N8U7oLDs8.roa (raw, json) Hash identifier: uuO8FGDaDTUpNR5s2Koo87GcscBCUOkl1Mw1TeypQQM= Subject key identifier: CE:BF:54:F7:89:5D:56:61:2A:00:1C:E9:DB:C3:7C:53:BA:0B:0E:CF Certificate issuer: /CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec Certificate serial: 019B7F851BD243C42B5ECC0EAC6DE3C50FFB Authority key identifier: B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/zr9U94ldVmEqABzp28N8U7oLDs8.roa Signing time: Fri 02 Jan 2026 16:23:08 +0000 ROA not before: Fri 02 Jan 2026 16:23:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41858 IP address blocks: 89.40.148.0/22 maxlen: 22 185.21.92.0/22 maxlen: 22 193.34.182.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.mft rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:1b:d2:43:c4:2b:5e:cc:0e:ac:6d:e3:c5:0f:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec Validity Not Before: Jan 2 16:23:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cebf54f7895d56612a001ce9dbc37c53ba0b0ecf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e7:5a:7c:a3:97:f5:1d:b1:eb:a2:2f:39:05: 9f:80:2c:43:e4:f4:1f:3b:71:4a:15:79:29:15:54: 6a:f6:7d:c8:62:4c:20:d8:e5:23:f2:aa:0c:0b:1a: ad:d4:15:ef:e7:00:ad:5e:84:46:55:34:e6:98:de: 10:8e:3c:18:9a:60:ad:db:27:7d:f5:f6:2c:41:73: e9:d0:8e:97:75:50:2d:c9:85:06:52:f7:60:16:66: c9:5e:4a:49:56:fa:bc:36:65:5b:45:47:f7:12:66: da:e2:4a:87:9b:21:87:73:31:a2:38:7a:d1:c1:bb: c7:fd:dd:c2:50:2b:90:37:5a:67:4d:aa:41:98:c1: 26:63:41:2f:46:6d:49:73:57:a5:ac:1d:bc:0e:f8: 10:35:08:1c:94:11:73:bc:5b:e6:78:7e:05:6c:b5: d0:92:ed:7e:fe:46:f5:aa:9f:63:a1:3d:c6:ca:b9: 2d:bc:1d:85:19:a3:00:10:42:49:6c:bf:b7:51:c5: 6b:97:08:29:c7:2f:7b:9f:2d:8e:23:db:f0:d4:29: 1b:b3:3b:90:cd:ca:16:36:b9:17:5f:7e:b3:b5:27: 62:91:f9:45:79:13:09:88:a6:b2:80:ba:8e:c9:c0: 02:cb:af:c7:eb:c9:60:c0:9e:09:7b:85:93:0c:25: 76:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:BF:54:F7:89:5D:56:61:2A:00:1C:E9:DB:C3:7C:53:BA:0B:0E:CF X509v3 Authority Key Identifier: keyid:B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/zr9U94ldVmEqABzp28N8U7oLDs8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.40.148.0/22 185.21.92.0/22 193.34.182.0/23 Signature Algorithm: sha256WithRSAEncryption 19:fc:10:33:fa:2c:c0:e4:b1:3c:d8:0d:da:78:6e:34:53:71: cd:7c:df:69:43:0f:a0:e8:1f:57:f9:68:5b:74:8c:5f:51:50: c9:f3:ac:23:64:23:95:d0:21:b1:14:a2:c6:0c:60:91:e6:c1: 2f:47:98:df:75:d8:cd:fa:e4:dc:90:44:a6:96:52:30:87:33: b9:0f:de:96:db:b7:f4:c0:5f:42:d3:31:cd:91:64:08:ea:0a: 67:64:25:d8:ca:e3:3f:bd:14:a6:49:57:32:c6:15:9d:81:98: 1b:f0:00:1c:a7:1a:8f:7f:d2:e1:20:17:92:5f:78:e3:f3:e2: 7e:24:35:42:b8:c3:fa:8f:8e:9b:8d:51:90:32:cc:16:8f:8b: 35:b5:c9:7e:b5:f8:fd:2d:08:12:91:90:99:9b:ed:a3:b3:73: d4:f5:fe:7a:56:64:fa:5a:84:63:11:1f:ab:59:22:0b:1f:fd: af:41:92:78:4c:5c:a1:21:73:bc:e7:6f:59:a4:97:2c:1a:5a: 28:c3:d3:0b:72:be:7d:46:d9:5b:46:57:1a:b0:74:1a:58:84: 21:bf:55:06:33:c2:95:7b:9a:c5:6d:a1:4d:0d:19:e0:db:b9: e2:f7:d8:67:c7:80:12:bf:78:8d:ec:56:c5:85:2c:88:35:a9: 24:60:b9:70 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hRvSQ8QrXswOrG3jxQ/7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzZDE0Y2UxOGE4ZjFkMDVhNmEzNTM5MGFmNGFlYzhjZTZj YzU2ZWMwHhcNMjYwMTAyMTYyMzA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZWJmNTRmNzg5NWQ1NjYxMmEwMDFjZTlkYmMzN2M1M2JhMGIwZWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOdafKOX9R2x66IvOQWfgCxD5PQf O3FKFXkpFVRq9n3IYkwg2OUj8qoMCxqt1BXv5wCtXoRGVTTmmN4QjjwYmmCt2yd9 9fYsQXPp0I6XdVAtyYUGUvdgFmbJXkpJVvq8NmVbRUf3Emba4kqHmyGHczGiOHrR wbvH/d3CUCuQN1pnTapBmMEmY0EvRm1Jc1elrB28DvgQNQgclBFzvFvmeH4FbLXQ ku1+/kb1qp9joT3GyrktvB2FGaMAEEJJbL+3UcVrlwgpxy97ny2OI9vw1CkbszuQ zcoWNrkXX36ztSdikflFeRMJiKaygLqOycACy6/H68lgwJ4Je4WTDCV2NQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFM6/VPeJXVZhKgAc6dvDfFO6Cw7PMB8GA1UdIwQY MBaAFLPRTOGKjx0FpqNTkK9K7IzmzFbsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEt NTJjNjk5ZDM4NmNkLzEvenI5VTk0bGRWbUVxQUJ6cDI4TjhVN29MRHM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEtNTJjNjk5ZDM4NmNk LzEvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSiUAwQC uRVcAwQBwSK2MA0GCSqGSIb3DQEBCwUAA4IBAQAZ/BAz+izA5LE82A3aeG40U3HN fN9pQw+g6B9X+WhbdIxfUVDJ86wjZCOV0CGxFKLGDGCR5sEvR5jfddjN+uTckESm llIwhzO5D96W27f0wF9C0zHNkWQI6gpnZCXYyuM/vRSmSVcyxhWdgZgb8AAcpxqP f9LhIBeSX3jj8+J+JDVCuMP6j46bjVGQMswWj4s1tcl+tfj9LQgSkZCZm+2js3PU 9f56VmT6WoRjER+rWSILH/2vQZJ4TFyhIXO8529ZpJcsGloow9MLcr59RtlbRlca sHQaWIQhv1UGM8KVe5rFbaFNDRng27ni99hnx4ASv3iN7FbFhSyINakkYLlw -----END CERTIFICATE-----Generated at Mon Jan 26 17:26:33 2026 by rpki-client