This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/Z2JoyRveJcrOS84W6TpEPChd0u8.roa File: Z2JoyRveJcrOS84W6TpEPChd0u8.roa (raw, json) Hash identifier: aEKu2ZE0v6kUC0OnwN6L0HbgZBJi/Gu9YSjx1j8FGfg= Subject key identifier: 67:62:68:C9:1B:DE:25:CA:CE:4B:CE:16:E9:3A:44:3C:28:5D:D2:EF Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108 Certificate serial: 019B797EA441B3063BF59DAA7B6B49A0BEAB Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/Z2JoyRveJcrOS84W6TpEPChd0u8.roa Signing time: Thu 01 Jan 2026 12:18:21 +0000 ROA not before: Thu 01 Jan 2026 12:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210314 IP address blocks: 88.151.224.0/24 maxlen: 24 88.151.229.0/24 maxlen: 24 88.151.231.0/24 maxlen: 24 192.124.199.0/24 maxlen: 24 192.124.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a4:41:b3:06:3b:f5:9d:aa:7b:6b:49:a0:be:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896a82a725ed22bb46847ae568912078de25c108 Validity Not Before: Jan 1 12:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=676268c91bde25cace4bce16e93a443c285dd2ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:63:99:6b:20:f2:77:42:0b:26:02:f4:89:f1: 50:56:91:26:fe:2e:fd:6b:10:fd:fe:cf:1c:c8:ed: 13:e8:3b:f6:ab:f4:ff:43:81:1c:81:ce:8c:f9:b1: 19:0b:7a:85:43:a0:d2:9a:28:bc:a1:ed:28:c5:d7: 9f:cd:04:14:61:26:75:ca:a1:cd:60:1d:bf:21:a3: de:d2:5a:c9:44:47:b8:5e:8c:cf:2a:9a:77:db:2c: 10:07:a3:31:25:fa:36:a3:bd:80:14:7f:5c:65:88: 0d:2a:27:8a:72:88:fa:ce:74:3f:f1:c2:78:a9:98: da:82:b2:39:2e:14:75:31:c4:8a:58:1a:4b:10:45: fa:7f:69:cb:52:2e:a0:9a:0d:59:70:4d:3f:5d:df: 5f:1f:43:b4:ff:51:68:55:60:0c:04:90:2e:48:c1: da:91:d6:b7:7a:64:8e:2e:54:a4:94:5f:49:9d:73: 4c:c2:9c:b0:2c:30:d5:b8:35:e3:8d:97:9c:35:52: fb:15:05:3b:b2:07:e5:7d:ec:49:ba:64:fb:5a:cc: 81:31:e6:d9:14:9a:56:1e:b6:76:40:fe:68:21:4c: a0:3d:43:a8:3e:b5:6b:98:91:20:06:fa:15:26:3e: 7f:67:98:eb:1a:5a:f1:fe:37:96:d3:2d:dc:f4:bb: fa:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:62:68:C9:1B:DE:25:CA:CE:4B:CE:16:E9:3A:44:3C:28:5D:D2:EF X509v3 Authority Key Identifier: keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/Z2JoyRveJcrOS84W6TpEPChd0u8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.151.224.0/24 88.151.229.0/24 88.151.231.0/24 192.124.199.0/24 192.124.205.0/24 Signature Algorithm: sha256WithRSAEncryption 17:cf:15:7c:99:de:38:75:8f:c3:26:7b:4f:9e:9e:77:4c:5d: 42:26:a3:3c:ef:3f:b6:1b:4b:81:38:84:c0:b3:f4:e2:5b:26: 8d:a3:4f:a9:66:9d:b2:3d:4b:7b:f2:f0:b6:4a:03:fc:61:75: 4e:6b:32:d0:9e:37:c7:b1:c1:3b:4e:8c:c5:95:63:a8:34:ef: d3:e5:64:34:3f:a8:23:56:62:b0:c6:ad:f4:cd:e6:09:5f:4c: 9a:19:27:ab:06:c6:d0:99:dc:30:26:7f:17:94:b2:56:02:d4: 76:10:95:b1:41:d0:2f:7b:22:a6:f2:e3:2a:1d:a5:5c:e3:b6: c5:c6:65:98:aa:ac:bb:43:33:9c:d5:12:53:8e:85:51:b3:55: cf:dc:16:4e:82:f0:b9:91:d8:c7:ac:a9:13:a7:44:15:30:f0: ad:0b:92:cd:31:0e:2c:5e:8c:47:52:42:f3:51:69:dd:7c:5a: 7d:2c:19:ce:1d:02:df:96:02:67:d7:d3:c3:bc:ef:78:bd:04: 1b:93:e8:3e:9e:4a:52:ba:22:6d:df:5e:a4:cd:4e:78:f7:5c: 50:2e:12:82:4f:03:ff:29:5b:0c:ff:24:21:fd:16:5e:a7:b4: 5e:ca:3a:d5:f0:a8:4e:c0:b0:86:9f:08:02:2d:fa:be:03:dc: 64:99:f9:81 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt5fqRBswY79Z2qe2tJoL6rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy NWMxMDgwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzYyNjhjOTFiZGUyNWNhY2U0YmNlMTZlOTNhNDQzYzI4NWRkMmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGOZayDyd0ILJgL0ifFQVpEm/i79 axD9/s8cyO0T6Dv2q/T/Q4Ecgc6M+bEZC3qFQ6DSmii8oe0oxdefzQQUYSZ1yqHN YB2/IaPe0lrJREe4XozPKpp32ywQB6MxJfo2o72AFH9cZYgNKieKcoj6znQ/8cJ4 qZjagrI5LhR1McSKWBpLEEX6f2nLUi6gmg1ZcE0/Xd9fH0O0/1FoVWAMBJAuSMHa kda3emSOLlSklF9JnXNMwpywLDDVuDXjjZecNVL7FQU7sgflfexJumT7WsyBMebZ FJpWHrZ2QP5oIUygPUOoPrVrmJEgBvoVJj5/Z5jrGlrx/jeW0y3c9Lv6XQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFGdiaMkb3iXKzkvOFuk6RDwoXdLvMB8GA1UdIwQY MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt MDQwMTI3MTAyMjA5LzEvWjJKb3lSdmVKY3JPUzg0VzZUcEVQQ2hkMHU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5 LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWJfgAwQA WJflAwQAWJfnAwQAwHzHAwQAwHzNMA0GCSqGSIb3DQEBCwUAA4IBAQAXzxV8md44 dY/DJntPnp53TF1CJqM87z+2G0uBOITAs/TiWyaNo0+pZp2yPUt78vC2SgP8YXVO azLQnjfHscE7TozFlWOoNO/T5WQ0P6gjVmKwxq30zeYJX0yaGSerBsbQmdwwJn8X lLJWAtR2EJWxQdAveyKm8uMqHaVc47bFxmWYqqy7QzOc1RJTjoVRs1XP3BZOgvC5 kdjHrKkTp0QVMPCtC5LNMQ4sXoxHUkLzUWndfFp9LBnOHQLflgJn19PDvO94vQQb k+g+nkpSuiJt316kzU5491xQLhKCTwP/KVsM/yQh/RZep7ReyjrV8KhOwLCGnwgC Lfq+A9xkmfmB -----END CERTIFICATE-----Generated at Mon Jan 12 12:55:44 2026 by rpki-client