This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CZESfzons0CUR1mPAFj6doyu8yo.roa File: CZESfzons0CUR1mPAFj6doyu8yo.roa (raw, json) Hash identifier: r39VBsDAhHmTC1+NBzFYokoCnJicdLBfISIVIU5og/U= Subject key identifier: 09:91:12:7F:3A:27:B3:40:94:47:59:8F:00:58:FA:76:8C:AE:F3:2A Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA77E5B0488287AE6FF09AB1E8455C7 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CZESfzons0CUR1mPAFj6doyu8yo.roa Signing time: Fri 02 Jan 2026 12:21:04 +0000 ROA not before: Fri 02 Jan 2026 12:21:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57753 IP address blocks: 2a01:620:1e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:7e:5b:04:88:28:7a:e6:ff:09:ab:1e:84:55:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0991127f3a27b3409447598f0058fa768caef32a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:28:74:bc:8f:43:69:80:16:73:91:45:b6:a6: 22:4b:ff:ff:f2:74:e8:1e:67:86:6e:05:89:72:0d: f7:f7:43:23:84:0e:01:78:86:4c:36:1f:26:3c:e0: 7a:07:d9:d8:10:a7:3b:49:ef:a2:73:21:36:32:1f: a2:89:86:6e:02:36:0d:b9:e0:31:71:2c:1f:f3:c3: 56:be:fa:90:2f:44:76:8f:be:ef:0f:82:e3:08:ad: cc:94:44:3a:9b:32:c0:78:d8:30:66:3e:5f:93:34: fc:c4:f4:21:fa:e2:e4:60:b6:b0:35:14:28:8c:0f: ba:aa:d4:32:de:dd:de:90:e3:be:19:9d:c5:96:44: 3a:77:e6:c2:ea:f4:41:ac:1f:e7:e5:14:fa:0d:26: 2d:1f:d3:e1:1e:76:ce:6e:d9:b9:80:c2:91:ee:f9: c9:42:ee:8d:dd:24:ca:cc:7f:69:e1:b8:e5:ae:7d: 43:3a:bd:8a:6a:e8:bb:0f:7b:67:30:60:8c:da:99: 78:1a:bc:2a:49:0f:32:fb:f4:49:f0:14:ff:41:d7: ee:89:bf:54:bb:8c:98:84:cd:22:97:fc:2a:55:4b: 46:34:9f:51:7a:af:bd:2f:ea:bf:73:79:de:23:56: 55:83:4f:86:67:da:e7:0e:1a:a5:75:5a:c6:15:2d: c1:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:91:12:7F:3A:27:B3:40:94:47:59:8F:00:58:FA:76:8C:AE:F3:2A X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CZESfzons0CUR1mPAFj6doyu8yo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:620:1e::/48 Signature Algorithm: sha256WithRSAEncryption 70:69:c1:f6:5e:8e:09:59:6e:21:cb:15:bf:e9:bc:3f:01:aa: 16:6b:58:2f:d7:ed:5c:28:d3:df:5f:6e:1c:55:f1:81:b4:63: 91:c8:ac:00:5e:70:9a:f8:11:7b:a1:f3:31:53:10:e8:96:8c: 8c:0f:64:ce:3a:73:ba:dc:87:31:5a:fd:69:77:13:fe:2b:59: f6:78:30:d4:fd:0e:9e:b5:2e:ca:fc:2d:01:10:f4:75:51:c0: 88:ee:6b:e0:f3:6f:1d:8f:c3:3d:5d:66:d4:7e:d6:cb:f4:ba: 5f:0a:0a:9e:f3:4e:e7:dc:f1:da:4e:a4:7c:8d:e9:12:74:da: 32:bd:f7:51:6e:2b:4c:6b:8e:f9:45:36:31:e5:ae:08:69:5a: a0:30:0f:fb:c9:f2:5b:14:d4:a8:b0:70:ff:20:d4:65:ef:de: b6:3d:ab:75:d7:8e:c8:42:31:b9:b2:a4:7f:bd:3b:1f:10:9a: 49:e8:34:47:8d:96:fc:c5:e2:d4:7e:c3:82:a1:9b:1b:41:57: a6:bd:5a:19:2f:bd:8f:de:80:64:2f:1f:7c:8d:ac:47:5a:5e: 13:a3:ca:f8:c8:ed:38:aa:bc:97:12:cd:5a:5c:b2:b8:2c:df: 20:f4:80:ac:23:03:11:7d:4f:61:a4:3f:b6:1b:2c:ad:4f:ad: e0:ed:89:fe -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+p35bBIgoeub/CasehFXHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTkxMTI3ZjNhMjdiMzQwOTQ0NzU5OGYwMDU4ZmE3NjhjYWVmMzJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSh0vI9DaYAWc5FFtqYiS///8nTo HmeGbgWJcg3390MjhA4BeIZMNh8mPOB6B9nYEKc7Se+icyE2Mh+iiYZuAjYNueAx cSwf88NWvvqQL0R2j77vD4LjCK3MlEQ6mzLAeNgwZj5fkzT8xPQh+uLkYLawNRQo jA+6qtQy3t3ekOO+GZ3FlkQ6d+bC6vRBrB/n5RT6DSYtH9PhHnbObtm5gMKR7vnJ Qu6N3STKzH9p4bjlrn1DOr2Kaui7D3tnMGCM2pl4GrwqSQ8y+/RJ8BT/Qdfuib9U u4yYhM0il/wqVUtGNJ9Req+9L+q/c3neI1ZVg0+GZ9rnDhqldVrGFS3BVwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAmREn86J7NAlEdZjwBY+naMrvMqMB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvQ1pFU2Z6b25zMENVUjFtUEFGajZkb3l1OHlvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEGIAAe MA0GCSqGSIb3DQEBCwUAA4IBAQBwacH2Xo4JWW4hyxW/6bw/AaoWa1gv1+1cKNPf X24cVfGBtGORyKwAXnCa+BF7ofMxUxDoloyMD2TOOnO63IcxWv1pdxP+K1n2eDDU /Q6etS7K/C0BEPR1UcCI7mvg828dj8M9XWbUftbL9LpfCgqe807n3PHaTqR8jekS dNoyvfdRbitMa475RTYx5a4IaVqgMA/7yfJbFNSosHD/INRl7962Pat1147IQjG5 sqR/vTsfEJpJ6DRHjZb8xeLUfsOCoZsbQVemvVoZL72P3oBkLx98jaxHWl4To8r4 yO04qryXEs1aXLK4LN8g9ICsIwMRfU9hpD+2GyytT63g7Yn+ -----END CERTIFICATE-----Generated at Mon Jan 26 10:13:34 2026 by rpki-client