This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/zQQNz1XdF3zAZxj1XnIP4uPqT3E.roa File: zQQNz1XdF3zAZxj1XnIP4uPqT3E.roa (raw, json) Hash identifier: RvUin8cxUdArlkfl04+0a6IY+YkgiDeNAV0KF42kT1Q= Subject key identifier: CD:04:0D:CF:55:DD:17:7C:C0:67:18:F5:5E:72:0F:E2:E3:EA:4F:71 Certificate issuer: /CN=f815e02bda7a9071487837d31558b5e0221d3cf9 Certificate serial: 019B7D5C0FC2EE7793D6E2684CCE5D7CAF0B Authority key identifier: F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/zQQNz1XdF3zAZxj1XnIP4uPqT3E.roa Signing time: Fri 02 Jan 2026 06:19:03 +0000 ROA not before: Fri 02 Jan 2026 06:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212315 IP address blocks: 193.176.32.0/24 maxlen: 24 194.164.239.0/24 maxlen: 24 195.200.23.0/24 maxlen: 24 2a14:2040::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.mft rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 15:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:0f:c2:ee:77:93:d6:e2:68:4c:ce:5d:7c:af:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f815e02bda7a9071487837d31558b5e0221d3cf9 Validity Not Before: Jan 2 06:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd040dcf55dd177cc06718f55e720fe2e3ea4f71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:32:53:8f:42:bd:f5:89:a7:c7:92:08:29:af: fe:dc:d1:4e:8e:3a:48:c1:ef:6f:36:b9:b5:bd:f4: 19:a9:27:d4:3d:4f:f1:8d:d4:27:7f:c6:66:17:1c: 18:de:cf:3a:ff:9e:13:31:41:70:e7:51:d7:0d:82: 47:73:56:45:73:98:07:96:54:af:f4:01:9a:42:e0: e4:2d:cb:4a:8c:5d:39:66:6d:50:28:36:b3:fb:4b: af:c8:d0:e3:4a:a7:24:86:66:95:bd:ba:38:9c:ea: fa:7a:5f:fd:86:66:af:8d:19:6a:60:1f:97:c4:74: bf:02:2f:d4:47:d9:d4:49:14:9e:c9:f7:15:ea:41: 10:90:cb:b5:f5:0f:7c:bf:50:85:52:0c:c1:e0:ac: 4c:11:d0:f3:db:c2:45:99:3d:5b:ca:d5:f3:76:ff: f5:f9:15:5a:fe:c9:92:4f:f1:5f:44:46:f8:ca:56: c6:b2:91:b2:eb:5d:ad:64:1e:28:11:41:59:08:7d: dd:05:cf:2c:c6:dd:53:05:f8:be:de:95:c4:db:25: e0:f2:49:4b:86:68:8f:b0:53:76:66:b3:d5:95:22: 3b:48:bf:22:05:d1:e6:5e:2a:87:66:1e:78:3e:53: a6:3e:e0:e7:b6:c6:39:e2:82:bf:16:ec:5b:18:07: 90:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:04:0D:CF:55:DD:17:7C:C0:67:18:F5:5E:72:0F:E2:E3:EA:4F:71 X509v3 Authority Key Identifier: keyid:F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/zQQNz1XdF3zAZxj1XnIP4uPqT3E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.176.32.0/24 194.164.239.0/24 195.200.23.0/24 IPv6: 2a14:2040::/29 Signature Algorithm: sha256WithRSAEncryption 08:98:2f:3a:86:9a:1a:ea:9d:40:46:13:f2:4a:f2:4b:61:d2: 78:51:2b:ff:1b:0a:6d:ec:a3:13:40:a5:d8:7d:00:42:06:00: 38:37:9a:5f:dc:01:bf:e8:ab:95:95:ad:cd:52:47:76:cc:80: e2:92:39:88:bc:e8:14:e6:98:a7:fb:54:f1:15:68:b5:68:f8: 4a:43:81:35:dc:08:63:05:dd:c2:c5:be:d8:74:c1:63:e8:45: 98:28:d6:e6:d5:38:7a:1e:78:a1:0c:85:b6:84:96:8a:cd:ae: 28:62:a4:d3:6a:e5:ac:db:d8:65:f7:e5:c5:da:b6:18:7d:0d: fe:25:1a:60:15:d5:05:c9:bf:a9:47:50:d3:8d:40:88:78:b3: 84:cc:bd:c3:a7:29:ad:dd:ea:d3:8e:9d:2d:a7:a6:d3:fd:bb: f1:07:6c:94:38:a6:ae:73:80:b2:36:d7:d2:48:fd:57:65:64: fe:ed:68:34:25:6b:b9:06:1d:ed:cf:24:e0:ac:88:43:74:89: 2e:9a:db:21:31:e5:3e:10:bd:0f:07:88:37:f5:b1:01:77:04: 10:f7:d0:de:5c:8d:5c:c9:10:e9:dc:3c:59:cd:6a:d8:b8:a2: 83:da:c0:98:e5:4e:81:88:0f:32:97:81:c3:94:3d:4e:15:d9: 28:ef:66:65 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt9XA/C7neT1uJoTM5dfK8LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4MTVlMDJiZGE3YTkwNzE0ODc4MzdkMzE1NThiNWUwMjIx ZDNjZjkwHhcNMjYwMTAyMDYxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDA0MGRjZjU1ZGQxNzdjYzA2NzE4ZjU1ZTcyMGZlMmUzZWE0ZjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDJTj0K99Ymnx5IIKa/+3NFOjjpI we9vNrm1vfQZqSfUPU/xjdQnf8ZmFxwY3s86/54TMUFw51HXDYJHc1ZFc5gHllSv 9AGaQuDkLctKjF05Zm1QKDaz+0uvyNDjSqckhmaVvbo4nOr6el/9hmavjRlqYB+X xHS/Ai/UR9nUSRSeyfcV6kEQkMu19Q98v1CFUgzB4KxMEdDz28JFmT1bytXzdv/1 +RVa/smST/FfREb4ylbGspGy612tZB4oEUFZCH3dBc8sxt1TBfi+3pXE2yXg8klL hmiPsFN2ZrPVlSI7SL8iBdHmXiqHZh54PlOmPuDntsY54oK/FuxbGAeQKwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFM0EDc9V3Rd8wGcY9V5yD+Lj6k9xMB8GA1UdIwQY MBaAFPgV4CvaepBxSHg30xVYteAiHTz5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1CWGdLOXA2a0hGSWVEZlRGVmkxNENJZFBQay5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUy LWQ5ODM4NDM5NzkyOS8xL3pRUU56MVhkRjN6QVp4ajFYbklQNHVQcVQzRS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUyLWQ5ODM4NDM5Nzky OS8xLzEtQlhnSzlwNmtIRkllRGZURlZpMTRDSWRQUGsuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBADBsCAD BADCpO8DBADDyBcwDQQCAAIwBwMFAyoUIEAwDQYJKoZIhvcNAQELBQADggEBAAiY LzqGmhrqnUBGE/JK8kth0nhRK/8bCm3soxNApdh9AEIGADg3ml/cAb/oq5WVrc1S R3bMgOKSOYi86BTmmKf7VPEVaLVo+EpDgTXcCGMF3cLFvth0wWPoRZgo1ubVOHoe eKEMhbaElorNrihipNNq5azb2GX35cXathh9Df4lGmAV1QXJv6lHUNONQIh4s4TM vcOnKa3d6tOOnS2nptP9u/EHbJQ4pq5zgLI219JI/VdlZP7taDQla7kGHe3PJOCs iEN0iS6a2yEx5T4QvQ8HiDf1sQF3BBD30N5cjVzJEOncPFnNati4ooPawJjlToGI DzKXgcOUPU4V2SjvZmU= -----END CERTIFICATE-----Generated at Sat Jan 3 00:54:56 2026 by rpki-client