This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/Zkjg3hn61JFL00ei8OTWJjwR5z4.roa File: Zkjg3hn61JFL00ei8OTWJjwR5z4.roa (raw, json) Hash identifier: 588yrYLogN7emBldqJ08eH+eoXXQ8TYe9+BBfSEy2Vs= Subject key identifier: 66:48:E0:DE:19:FA:D4:91:4B:D3:47:A2:F0:E4:D6:26:3C:11:E7:3E Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba Certificate serial: 019B7AC79AB3401713505D8A56015A1512FC Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/Zkjg3hn61JFL00ei8OTWJjwR5z4.roa Signing time: Thu 01 Jan 2026 18:17:40 +0000 ROA not before: Thu 01 Jan 2026 18:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208828 IP address blocks: 2a07:8f00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:9a:b3:40:17:13:50:5d:8a:56:01:5a:15:12:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba Validity Not Before: Jan 1 18:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6648e0de19fad4914bd347a2f0e4d6263c11e73e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1f:e5:f5:08:7b:ed:80:e6:0d:59:9e:ac:91: 1e:b4:29:5d:5d:a1:b4:a8:5f:75:31:f3:12:35:ef: 8a:92:db:50:bc:b5:4a:7d:1d:6a:f1:db:f3:9e:29: 03:63:d7:0c:ec:2e:2f:7a:ee:eb:78:d0:1f:cd:cb: 62:cf:de:d5:aa:88:04:75:c7:ab:16:d9:f6:3b:54: 8e:64:e8:81:4b:ca:91:b9:34:6c:83:d2:ef:d5:86: 02:99:3f:a3:cc:a5:0c:fd:9a:34:a4:34:11:44:30: 0e:56:ed:e4:4b:5a:e5:7e:56:55:4a:b8:a2:af:d8: 76:a9:7b:85:a8:bd:ba:ab:cb:57:6d:72:cb:8c:7c: 1a:14:5b:2a:4b:ec:68:bf:70:45:d6:5d:7a:0b:2c: f2:8c:05:dc:5a:a9:99:19:23:a3:a6:44:ba:f6:e7: 82:bb:42:a0:72:78:7f:71:4d:78:0a:e9:ad:34:1b: b6:88:05:f8:be:49:d9:53:bc:b6:73:4f:90:2d:60: d3:cb:cf:b9:cf:7b:43:e1:cc:f1:f7:f1:c2:a8:2d: d4:5b:55:e0:bd:15:e7:b5:61:89:67:1b:1b:37:dd: 3e:7c:b8:90:a9:f7:93:52:8d:f4:d6:d0:ed:e8:a7: 27:47:82:68:d5:dc:b6:39:e9:a0:41:33:c5:03:86: 5f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:48:E0:DE:19:FA:D4:91:4B:D3:47:A2:F0:E4:D6:26:3C:11:E7:3E X509v3 Authority Key Identifier: keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/Zkjg3hn61JFL00ei8OTWJjwR5z4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:8f00::/29 Signature Algorithm: sha256WithRSAEncryption 1c:1a:75:14:c0:e3:e4:ec:c4:40:f3:e5:79:76:51:1d:91:76: 17:cb:a0:ee:37:20:94:d7:92:e7:0a:27:e5:89:6e:23:3e:38: d0:d2:60:1d:09:46:bd:55:41:77:89:41:f0:62:67:cf:b2:cd: a2:e6:1d:fa:0b:50:d8:24:3b:db:1f:de:9b:f1:e7:2a:da:76: 53:fb:24:6f:60:2c:1a:4c:a5:46:f6:cd:8a:d9:2f:5f:19:fb: 04:a8:89:a7:95:f0:d0:cf:f1:8f:52:5c:4e:48:53:72:72:e0: 4a:42:82:5f:f7:9d:e0:2d:ec:97:46:89:01:fb:e6:f3:cd:fa: 07:f3:03:2d:10:51:ce:88:0f:62:c6:24:a6:95:b2:3f:ee:bc: 29:b1:f2:a0:2f:6b:98:1c:8b:b0:d8:ae:ab:ef:70:4a:c2:30: b1:e5:0f:25:cf:01:2d:bf:90:87:47:d4:cb:ac:6a:a5:4b:b6: 29:99:6e:b5:2f:63:77:31:25:26:33:9f:5b:53:65:91:70:27: 6f:eb:15:39:e9:a6:ed:82:60:3f:db:19:e7:b1:59:0b:e6:4b: 19:3a:18:83:fd:f8:26:5a:43:92:33:7f:e7:5c:82:33:37:85: ae:a2:10:54:26:72:61:73:88:70:4e:5c:24:fe:26:2f:8a:a4: 60:f9:98:88 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6x5qzQBcTUF2KVgFaFRL8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1 OTVlYmEwHhcNMjYwMTAxMTgxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjQ4ZTBkZTE5ZmFkNDkxNGJkMzQ3YTJmMGU0ZDYyNjNjMTFlNzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h/l9Qh77YDmDVmerJEetCldXaG0 qF91MfMSNe+KkttQvLVKfR1q8dvznikDY9cM7C4veu7reNAfzctiz97VqogEdcer Ftn2O1SOZOiBS8qRuTRsg9Lv1YYCmT+jzKUM/Zo0pDQRRDAOVu3kS1rlflZVSrii r9h2qXuFqL26q8tXbXLLjHwaFFsqS+xov3BF1l16CyzyjAXcWqmZGSOjpkS69ueC u0Kgcnh/cU14CumtNBu2iAX4vknZU7y2c0+QLWDTy8+5z3tD4czx9/HCqC3UW1Xg vRXntWGJZxsbN90+fLiQqfeTUo301tDt6KcnR4Jo1dy2OemgQTPFA4ZfzQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGZI4N4Z+tSRS9NHovDk1iY8Eec+MB8GA1UdIwQY MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt MTA5ODJlMDQwZDUzLzEvWmtqZzNobjYxSkZMMDBlaThPVFdKandSNXo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgePADAN BgkqhkiG9w0BAQsFAAOCAQEAHBp1FMDj5OzEQPPleXZRHZF2F8ug7jcglNeS5won 5YluIz440NJgHQlGvVVBd4lB8GJnz7LNouYd+gtQ2CQ72x/em/HnKtp2U/skb2As GkylRvbNitkvXxn7BKiJp5Xw0M/xj1JcTkhTcnLgSkKCX/ed4C3sl0aJAfvm8836 B/MDLRBRzogPYsYkppWyP+68KbHyoC9rmByLsNiuq+9wSsIwseUPJc8BLb+Qh0fU y6xqpUu2KZlutS9jdzElJjOfW1NlkXAnb+sVOemm7YJgP9sZ57FZC+ZLGToYg/34 JlpDkjN/51yCMzeFrqIQVCZyYXOIcE5cJP4mL4qkYPmYiA== -----END CERTIFICATE-----Generated at Mon Jan 12 01:58:19 2026 by rpki-client