This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/ZmcfgQVw9WznPpWT9yLghomma18.roa File: ZmcfgQVw9WznPpWT9yLghomma18.roa (raw, json) Hash identifier: dwEz5IwUCOta4WNqfA1M1PPK2wh9BaQxA/M28+Mkwpk= Subject key identifier: 66:67:1F:81:05:70:F5:6C:E7:3E:95:93:F7:22:E0:86:89:A6:6B:5F Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Certificate serial: 019B797DE841D7616413C36240FB40BCA69F Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/ZmcfgQVw9WznPpWT9yLghomma18.roa Signing time: Thu 01 Jan 2026 12:17:33 +0000 ROA not before: Thu 01 Jan 2026 12:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62003 IP address blocks: 144.43.240.0/21 maxlen: 24 144.43.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:e8:41:d7:61:64:13:c3:62:40:fb:40:bc:a6:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Validity Not Before: Jan 1 12:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=66671f810570f56ce73e9593f722e08689a66b5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:aa:2c:a9:d2:58:68:e4:43:c1:dd:a6:99:17: f2:58:af:aa:0f:0a:56:3a:ea:78:fc:c5:c3:96:46: 6c:fb:5f:89:5a:52:d3:b5:96:66:d6:81:a9:97:c7: 2b:0b:bc:d0:48:8f:c3:f2:6e:66:84:ac:81:5d:86: b3:a2:4d:db:3a:62:6b:25:0e:b7:cb:48:57:64:6c: 47:70:34:6d:6d:74:ff:db:73:ea:a4:51:c7:0d:f3: ac:16:ca:e7:2e:e2:8f:fc:49:97:de:f0:b2:5f:11: 7a:53:a6:da:57:09:ab:52:e4:c3:9a:d3:62:a3:b1: 67:78:b7:9a:8a:1f:7d:79:90:08:12:c7:80:67:de: ad:27:5b:0a:79:34:79:37:7f:31:47:10:dc:40:a3: 1b:25:b5:99:8d:57:65:2d:aa:48:d0:96:a9:36:bb: 28:30:1c:2b:e9:10:d3:e1:aa:a7:68:f6:ef:fb:2c: c0:34:28:d9:82:bd:42:02:3f:4e:86:57:e9:74:32: 1e:02:2b:fd:84:d6:4a:9a:b5:b3:70:ad:43:2b:5d: 01:16:09:24:20:49:84:21:ee:bc:dd:fc:1d:43:34: c9:b7:a3:37:87:87:ec:b4:cc:c1:54:c3:f7:5d:b9: d7:96:d3:9d:8b:87:02:42:29:ad:c9:6e:37:d7:16: 24:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:67:1F:81:05:70:F5:6C:E7:3E:95:93:F7:22:E0:86:89:A6:6B:5F X509v3 Authority Key Identifier: keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/ZmcfgQVw9WznPpWT9yLghomma18.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.43.240.0/21 144.43.252.0/22 Signature Algorithm: sha256WithRSAEncryption a2:78:4a:85:b6:f7:da:8b:30:73:e0:70:30:80:77:89:20:ef: a9:f0:18:08:f9:0d:40:63:21:5e:23:29:e1:0c:e6:00:79:7f: 32:c2:67:76:7e:82:c8:0e:d6:0a:74:36:1c:50:d6:cd:53:db: 57:59:49:b9:d7:3f:82:12:4a:cf:61:1f:1a:24:8a:92:b7:cc: 3b:46:d0:ca:c3:60:b8:08:15:0f:fa:4f:68:a9:84:6b:d5:f5: 5b:7d:23:10:80:f6:86:2d:77:6f:cf:4e:97:b5:2a:57:3e:96: 6d:57:b0:27:4a:a6:c8:f1:dd:fb:a1:6f:c1:a1:63:66:74:7d: e8:b2:b8:af:d4:8e:b2:9a:5a:9d:af:e0:70:50:c7:fa:a4:ab: a0:02:a6:d7:8b:57:c1:f1:fe:6d:d6:9a:9b:19:62:1a:b1:b4: 22:4b:02:ff:06:3d:c7:0b:c8:e2:bb:84:82:b6:11:f1:06:81: a0:af:93:6b:e6:b8:d2:1b:9b:08:88:ef:c0:2a:11:65:27:7f: 03:06:fd:99:c4:a1:d0:9d:99:75:c3:89:ba:3d:1f:6f:7e:7f: 16:b7:af:5d:ff:6b:43:d4:5d:7f:80:5f:a7:e3:aa:27:39:e8: f3:60:f0:b8:8a:98:c6:b2:e4:90:43:35:55:c3:f0:ea:30:ac: 92:58:fa:fa -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5fehB12FkE8NiQPtAvKafMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl MTEzOTYwHhcNMjYwMTAxMTIxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjY3MWY4MTA1NzBmNTZjZTczZTk1OTNmNzIyZTA4Njg5YTY2YjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6osqdJYaORDwd2mmRfyWK+qDwpW Oup4/MXDlkZs+1+JWlLTtZZm1oGpl8crC7zQSI/D8m5mhKyBXYazok3bOmJrJQ63 y0hXZGxHcDRtbXT/23PqpFHHDfOsFsrnLuKP/EmX3vCyXxF6U6baVwmrUuTDmtNi o7FneLeaih99eZAIEseAZ96tJ1sKeTR5N38xRxDcQKMbJbWZjVdlLapI0JapNrso MBwr6RDT4aqnaPbv+yzANCjZgr1CAj9OhlfpdDIeAiv9hNZKmrWzcK1DK10BFgkk IEmEIe683fwdQzTJt6M3h4fstMzBVMP3XbnXltOdi4cCQimtyW431xYkpQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGZnH4EFcPVs5z6Vk/ci4IaJpmtfMB8GA1UdIwQY MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt N2JmZjI5NmM2YjAyLzEvWm1jZmdRVnc5V3puUHBXVDl5TGdob21tYTE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDkCvwAwQC kCv8MA0GCSqGSIb3DQEBCwUAA4IBAQCieEqFtvfaizBz4HAwgHeJIO+p8BgI+Q1A YyFeIynhDOYAeX8ywmd2foLIDtYKdDYcUNbNU9tXWUm51z+CEkrPYR8aJIqSt8w7 RtDKw2C4CBUP+k9oqYRr1fVbfSMQgPaGLXdvz06XtSpXPpZtV7AnSqbI8d37oW/B oWNmdH3osriv1I6ymlqdr+BwUMf6pKugAqbXi1fB8f5t1pqbGWIasbQiSwL/Bj3H C8jiu4SCthHxBoGgr5Nr5rjSG5sIiO/AKhFlJ38DBv2ZxKHQnZl1w4m6PR9vfn8W t69d/2tD1F1/gF+n46onOejzYPC4ipjGsuSQQzVVw/DqMKySWPr6 -----END CERTIFICATE-----Generated at Tue Jan 20 07:47:13 2026 by rpki-client