This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/ZjTRqjLbUrNz2NUC-0NUb8hGxVI.roa File: ZjTRqjLbUrNz2NUC-0NUb8hGxVI.roa (raw, json) Hash identifier: lNRVW6GevA3klBK1hehDwbl+8Dt78Jzm0k/Uol69mug= Subject key identifier: 66:34:D1:AA:32:DB:52:B3:73:D8:D5:02:FB:43:54:6F:C8:46:C5:52 Certificate issuer: /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f Certificate serial: 019B975F2A9E0AFADE34C468BED23DC4162F Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/ZjTRqjLbUrNz2NUC-0NUb8hGxVI.roa Signing time: Wed 07 Jan 2026 07:32:35 +0000 ROA not before: Wed 07 Jan 2026 07:32:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204570 IP address blocks: 185.246.148.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.mft rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:97:5f:2a:9e:0a:fa:de:34:c4:68:be:d2:3d:c4:16:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f Validity Not Before: Jan 7 07:32:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6634d1aa32db52b373d8d502fb43546fc846c552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:5e:1e:eb:9d:9a:a6:ca:02:18:c7:03:a7:ad: 0b:bb:bd:51:30:42:09:11:0e:60:3e:26:14:ef:af: 28:ab:3c:29:26:55:b0:85:b4:f6:30:d2:dd:ba:f6: 76:ef:6d:16:7e:5d:06:c2:bd:62:80:bd:25:b5:2a: f7:6e:2d:c6:b5:c6:66:30:52:2c:5a:85:1c:97:85: b6:e7:ba:c1:09:7d:c1:1a:5c:4d:c8:65:ab:33:3e: d1:d7:73:69:61:5a:74:a9:75:ce:ce:ad:13:e1:02: 80:9e:d5:2d:60:31:b8:f2:be:46:0f:b6:32:c0:7d: f5:3f:98:52:0c:25:ed:42:83:9b:b2:d8:78:74:41: 71:cd:48:76:ad:a4:b8:a8:1c:81:11:ac:f1:09:7e: 8f:8c:cc:65:f3:50:48:78:cf:aa:ab:3a:be:3a:40: 09:3b:b1:8b:fc:56:1f:ec:48:df:0f:35:bc:0c:85: 75:8d:d0:2f:1f:cc:90:8d:cd:62:61:53:2e:1e:f3: 29:7f:bf:c3:22:6d:f8:45:3c:63:4d:f5:d4:a4:62: cb:1b:38:92:0f:b9:92:96:3f:7e:de:7c:f0:af:72: af:11:6c:4c:d4:b2:78:54:6f:39:f9:23:db:37:5c: 31:a8:76:1f:65:5c:b1:8b:59:dc:60:04:17:fc:61: ac:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:34:D1:AA:32:DB:52:B3:73:D8:D5:02:FB:43:54:6F:C8:46:C5:52 X509v3 Authority Key Identifier: keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/ZjTRqjLbUrNz2NUC-0NUb8hGxVI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.246.148.0/22 Signature Algorithm: sha256WithRSAEncryption 45:e7:b7:48:77:72:a5:b8:cb:d4:c8:f5:05:91:8a:e2:88:77: 74:fb:4e:4d:10:c4:25:ed:3f:ee:28:b8:66:3c:e1:7e:63:19: b1:33:64:d1:d8:1e:e5:60:00:be:0d:a6:d8:c6:09:ac:31:60: 86:9a:43:a6:fa:d1:2e:65:96:10:1a:3a:d6:ed:05:ac:e1:e9: dd:a3:42:93:e1:06:d1:02:77:22:52:32:ea:e6:73:aa:fa:4e: 98:b5:e8:ec:0e:a3:5e:01:98:2a:3e:45:59:0d:dc:96:e3:09: 48:0b:1b:40:4e:59:17:1f:65:d6:e8:35:de:4f:f6:ba:1e:18: f6:fb:ca:cb:62:77:10:15:30:4e:96:e1:4f:9d:67:a7:3f:c6: 56:7d:90:76:2a:5b:b1:ce:5b:86:43:de:8c:96:08:db:27:1a: d9:be:75:f7:c6:96:bf:69:c2:ff:eb:d1:26:32:66:b2:9b:0c: 0c:1d:03:a5:91:51:f8:fd:00:ec:0c:14:e0:88:7b:54:3a:c5: 72:f3:3a:88:13:b6:6c:54:d0:4a:ba:64:44:f6:90:34:c5:43: 1a:af:92:12:86:4f:b7:6b:d5:6f:d1:26:d3:34:7a:16:e0:40: 2e:4e:12:0a:49:90:01:0b:6a:f5:7c:81:47:6f:b8:b3:b3:41: ab:ab:f0:4b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuXXyqeCvreNMRovtI9xBYvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3 MDViMmYwHhcNMjYwMTA3MDczMjM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjM0ZDFhYTMyZGI1MmIzNzNkOGQ1MDJmYjQzNTQ2ZmM4NDZjNTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol4e652apsoCGMcDp60Lu71RMEIJ EQ5gPiYU768oqzwpJlWwhbT2MNLduvZ2720Wfl0Gwr1igL0ltSr3bi3GtcZmMFIs WoUcl4W257rBCX3BGlxNyGWrMz7R13NpYVp0qXXOzq0T4QKAntUtYDG48r5GD7Yy wH31P5hSDCXtQoObsth4dEFxzUh2raS4qByBEazxCX6PjMxl81BIeM+qqzq+OkAJ O7GL/FYf7EjfDzW8DIV1jdAvH8yQjc1iYVMuHvMpf7/DIm34RTxjTfXUpGLLGziS D7mSlj9+3nzwr3KvEWxM1LJ4VG85+SPbN1wxqHYfZVyxi1ncYAQX/GGslwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGY00aoy21Kzc9jVAvtDVG/IRsVSMB8GA1UdIwQY MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt MGUxZGI5OGFkMjMxLzEvWmpUUnFqTGJVck56Mk5VQy0wTlViOGhHeFZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufaUMA0G CSqGSIb3DQEBCwUAA4IBAQBF57dId3KluMvUyPUFkYriiHd0+05NEMQl7T/uKLhm POF+YxmxM2TR2B7lYAC+DabYxgmsMWCGmkOm+tEuZZYQGjrW7QWs4endo0KT4QbR AnciUjLq5nOq+k6YtejsDqNeAZgqPkVZDdyW4wlICxtATlkXH2XW6DXeT/a6Hhj2 +8rLYncQFTBOluFPnWenP8ZWfZB2KluxzluGQ96MlgjbJxrZvnX3xpa/acL/69Em MmaymwwMHQOlkVH4/QDsDBTgiHtUOsVy8zqIE7ZsVNBKumRE9pA0xUMar5IShk+3 a9Vv0SbTNHoW4EAuThIKSZABC2r1fIFHb7izs0Grq/BL -----END CERTIFICATE-----Generated at Mon Jan 12 09:21:18 2026 by rpki-client