This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Z-rlKdaCz1-RtEjMQCm0X_P3rj4.roa File: Z-rlKdaCz1-RtEjMQCm0X_P3rj4.roa (raw, json) Hash identifier: izN3amwMaCwqfjDAXIHwIiin5JKltWskPtpUKmuEZLk= Subject key identifier: 67:EA:E5:29:D6:82:CF:5F:91:B4:48:CC:40:29:B4:5F:F3:F7:AE:3E Certificate issuer: /CN=6696fa3fe40cf770851c83adcafafb7a4107678f Certificate serial: 019B12FC180A4AD3C6A13A5D0E6285042A71 Authority key identifier: 66:96:FA:3F:E4:0C:F7:70:85:1C:83:AD:CA:FA:FB:7A:41:07:67:8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Z-rlKdaCz1-RtEjMQCm0X_P3rj4.roa Signing time: Fri 12 Dec 2025 14:34:29 +0000 ROA not before: Fri 12 Dec 2025 14:34:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31182 IP address blocks: 146.66.134.0/23 maxlen: 23 146.66.134.0/24 maxlen: 24 146.66.135.0/24 maxlen: 24 193.8.139.0/24 maxlen: 24 193.56.181.0/24 maxlen: 24 2a14:5ec0::/29 maxlen: 29 2a14:5ec0::/32 maxlen: 32 2a14:5ec1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.crl rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.mft rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:fc:18:0a:4a:d3:c6:a1:3a:5d:0e:62:85:04:2a:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6696fa3fe40cf770851c83adcafafb7a4107678f Validity Not Before: Dec 12 14:34:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67eae529d682cf5f91b448cc4029b45ff3f7ae3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b4:32:96:a4:ca:41:b9:c6:3c:b5:f7:18:a4: 87:a7:0b:10:5f:1a:72:70:61:0e:b5:84:24:ba:56: 44:5c:79:8a:3a:2f:d7:09:5c:72:c3:7d:83:3f:a1: 7d:ca:88:c1:e9:7e:a9:71:2b:c6:2a:76:58:be:54: ea:37:86:88:d2:d7:4b:5e:1f:a1:d8:99:59:e8:1c: 59:62:60:a2:fa:59:01:96:4d:75:6f:32:53:59:8a: e9:bb:18:6a:37:44:84:ba:86:59:0a:fa:17:d1:16: 46:04:8d:e1:c1:6a:25:22:3d:c2:23:6f:35:ef:2d: 35:4e:d2:53:fa:d8:af:23:bc:06:fd:5e:24:f2:22: 6f:c1:6f:47:c9:71:8f:89:10:95:62:47:82:15:ae: 43:99:5e:04:29:66:3e:b0:78:e1:86:d6:cb:db:67: bc:f5:2e:91:a1:b2:4d:5d:74:10:70:46:20:cb:9e: 5e:8b:3f:5c:e8:ba:17:72:9f:7e:cf:f4:2b:2d:01: 4b:7a:92:67:8c:85:07:c5:e0:80:e8:18:61:08:c7: 10:e0:6a:1f:01:b2:07:d9:fb:89:d1:5b:26:d2:14: ae:45:71:9a:e0:93:96:7f:1a:a8:6a:47:cb:b6:5b: ae:15:46:68:e8:5b:95:73:37:52:c8:89:a9:0d:18: 79:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:EA:E5:29:D6:82:CF:5F:91:B4:48:CC:40:29:B4:5F:F3:F7:AE:3E X509v3 Authority Key Identifier: keyid:66:96:FA:3F:E4:0C:F7:70:85:1C:83:AD:CA:FA:FB:7A:41:07:67:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Z-rlKdaCz1-RtEjMQCm0X_P3rj4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.66.134.0/23 193.8.139.0/24 193.56.181.0/24 IPv6: 2a14:5ec0::/29 Signature Algorithm: sha256WithRSAEncryption 6e:3b:bb:66:fc:f8:4e:09:a5:d7:a8:da:17:58:54:6f:6d:d7: 6b:ca:20:c0:4f:e9:fc:bb:96:2d:61:04:6f:76:a5:4f:8d:60: c9:8b:c3:28:c3:ec:b0:f1:11:4c:47:f5:d0:9b:32:ef:0b:bf: 0a:e5:19:e3:05:95:47:13:30:d2:3f:8b:35:b6:fc:9c:ef:6b: 2f:28:f9:8e:1d:1f:39:f9:dc:ee:49:9c:54:94:35:84:99:67: a1:85:fb:03:1a:25:bf:54:cd:29:73:53:9d:5c:0a:a0:1f:16: 28:6d:84:13:23:39:ac:2d:ee:49:e3:eb:65:af:06:5d:b6:e0: 14:55:0e:5c:40:d6:73:9e:23:70:15:10:4d:2c:3e:e1:bd:3c: 9b:90:a6:3b:08:da:aa:cb:71:38:99:96:e0:22:20:56:b3:ce: 2d:9d:18:42:b9:af:ef:c9:8f:23:c4:71:6d:dc:72:c4:9e:6c: 56:19:1d:07:e8:72:fa:6f:9f:3c:1a:ec:d8:11:d2:80:b0:05: a0:15:39:44:5b:f5:cf:8f:34:e4:cc:42:5f:e9:0a:aa:df:80: ce:cc:4b:ec:68:7f:29:d3:fc:e0:65:2d:27:74:a0:25:cc:c8: 2a:6c:cd:fa:cb:f5:04:b0:a2:9d:a1:cb:e6:88:f9:cf:6e:86: a0:33:75:71 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZsS/BgKStPGoTpdDmKFBCpxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2OTZmYTNmZTQwY2Y3NzA4NTFjODNhZGNhZmFmYjdhNDEw NzY3OGYwHhcNMjUxMjEyMTQzNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2N2VhZTUyOWQ2ODJjZjVmOTFiNDQ4Y2M0MDI5YjQ1ZmYzZjdhZTNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rQylqTKQbnGPLX3GKSHpwsQXxpy cGEOtYQkulZEXHmKOi/XCVxyw32DP6F9yojB6X6pcSvGKnZYvlTqN4aI0tdLXh+h 2JlZ6BxZYmCi+lkBlk11bzJTWYrpuxhqN0SEuoZZCvoX0RZGBI3hwWolIj3CI281 7y01TtJT+tivI7wG/V4k8iJvwW9HyXGPiRCVYkeCFa5DmV4EKWY+sHjhhtbL22e8 9S6RobJNXXQQcEYgy55eiz9c6LoXcp9+z/QrLQFLepJnjIUHxeCA6BhhCMcQ4Gof AbIH2fuJ0Vsm0hSuRXGa4JOWfxqoakfLtluuFUZo6FuVczdSyImpDRh5ywIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFGfq5SnWgs9fkbRIzEAptF/z964+MB8GA1UdIwQY MBaAFGaW+j/kDPdwhRyDrcr6+3pBB2ePMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnBiNlAtUU05M0NGSElPdHl2cjdla0VIWjQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lNjZhZmUtNmUwYi00ZGJkLThkMGQt Y2U2OTE1YjQ3MzZmLzEvWi1ybEtkYUN6MS1SdEVqTVFDbTBYX1Azcmo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9lNjZhZmUtNmUwYi00ZGJkLThkMGQtY2U2OTE1YjQ3MzZm LzEvWnBiNlAtUU05M0NGSElPdHl2cjdla0VIWjQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBkkKGAwQA wQiLAwQAwTi1MA0EAgACMAcDBQMqFF7AMA0GCSqGSIb3DQEBCwUAA4IBAQBuO7tm /PhOCaXXqNoXWFRvbddryiDAT+n8u5YtYQRvdqVPjWDJi8Mow+yw8RFMR/XQmzLv C78K5RnjBZVHEzDSP4s1tvyc72svKPmOHR85+dzuSZxUlDWEmWehhfsDGiW/VM0p c1OdXAqgHxYobYQTIzmsLe5J4+tlrwZdtuAUVQ5cQNZzniNwFRBNLD7hvTybkKY7 CNqqy3E4mZbgIiBWs84tnRhCua/vyY8jxHFt3HLEnmxWGR0H6HL6b588GuzYEdKA sAWgFTlEW/XPjzTkzEJf6Qqq34DOzEvsaH8p0/zgZS0ndKAlzMgqbM36y/UEsKKd ocvmiPnPboagM3Vx -----END CERTIFICATE-----Generated at Wed Dec 24 20:16:04 2025 by rpki-client