This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b4NTrJ0wqsZYNbOnlFRlwrvxn98.roa File: b4NTrJ0wqsZYNbOnlFRlwrvxn98.roa (raw, json) Hash identifier: YaKbtzLGdTYFhV4rOept/l/flr4vLbWdo0P9Kn0hn94= Subject key identifier: 6F:83:53:AC:9D:30:AA:C6:58:35:B3:A7:94:54:65:C2:BB:F1:9F:DF Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 019B7F857A41524AC9A555BB6E48DC84EBED Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b4NTrJ0wqsZYNbOnlFRlwrvxn98.roa Signing time: Fri 02 Jan 2026 16:23:32 +0000 ROA not before: Fri 02 Jan 2026 16:23:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216475 IP address blocks: 195.133.38.0/24 maxlen: 24 195.133.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 13:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:7a:41:52:4a:c9:a5:55:bb:6e:48:dc:84:eb:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Jan 2 16:23:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6f8353ac9d30aac65835b3a7945465c2bbf19fdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:2d:a1:d9:c6:c2:95:49:d3:72:00:a6:4b:50: db:7b:d9:1f:ef:e1:aa:06:de:03:1b:e0:20:72:e1: bf:24:79:b0:37:83:46:59:7f:8d:3d:d3:68:79:7b: 2c:32:e8:ae:1d:63:ff:a6:ae:d9:8c:14:cb:f1:2a: 24:ae:9b:fa:93:dc:b0:23:bc:4b:4f:0e:fe:70:2a: 32:cf:30:e8:37:90:bc:65:36:04:1f:7f:85:99:68: d7:9e:11:25:7b:b4:e8:7f:85:47:ce:5a:b3:cf:e9: 2b:71:b9:4b:8a:2a:6b:5f:b1:37:db:a6:09:7c:26: 81:80:b7:67:cf:0d:3e:f2:71:60:6a:31:57:57:38: 92:ed:81:3e:f7:5c:91:2f:46:92:7e:dd:e4:43:af: 1b:85:e1:39:b8:f0:7a:d3:22:48:f6:c1:98:61:6d: e5:ec:ad:62:fd:e7:ca:b3:70:78:aa:2f:dd:f7:d6: 82:0d:77:8f:9b:ad:4c:02:8b:ce:2c:52:ac:74:85: 84:93:a0:77:dc:11:4b:b3:c3:93:44:ea:da:59:47: a0:e2:35:eb:41:7e:0e:1c:b7:69:3e:db:de:b8:4b: b9:6a:f6:ea:3c:78:bc:fb:a3:ed:04:0e:28:08:f9: 09:7b:ae:33:3e:de:0e:8c:dd:e0:cc:b2:09:40:d5: 10:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:83:53:AC:9D:30:AA:C6:58:35:B3:A7:94:54:65:C2:BB:F1:9F:DF X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b4NTrJ0wqsZYNbOnlFRlwrvxn98.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.133.38.0/24 195.133.79.0/24 Signature Algorithm: sha256WithRSAEncryption 67:39:52:29:29:eb:cc:4d:e2:a6:0d:ab:38:17:fc:ff:90:6f: 6a:f3:74:74:c2:99:2a:6c:dc:d4:1b:50:fe:e6:94:db:23:1d: 4f:10:93:51:0a:e6:03:26:30:c7:38:e0:73:79:1e:2e:b7:b2: 45:8b:8d:91:c1:08:8c:69:b3:57:16:27:ec:c6:19:a3:98:d4: 9b:eb:57:66:5b:4f:02:08:08:16:9d:04:96:23:ff:c3:f5:e9: 5c:71:55:18:43:8d:fa:79:84:28:9d:3c:79:e3:7d:00:bb:3c: 80:ad:1e:38:5f:57:96:e1:49:8a:f7:a0:ec:ef:e6:78:04:41: 20:fc:6b:09:c7:0b:f7:57:57:30:6e:e3:f7:91:7f:96:1e:1a: 80:30:27:89:13:92:41:a6:b3:94:f5:8c:ee:60:f0:b0:28:f6: a5:cb:75:c5:0b:6b:96:c1:9c:08:25:da:5f:2f:4f:ee:5f:36: 7b:b3:62:49:b5:1f:a1:78:cf:dc:6a:f5:c4:a4:ca:72:a0:5c: 0c:d2:0a:32:66:d7:d9:e7:a0:20:93:57:0b:3f:b5:6c:3d:19: 20:18:40:0a:1b:5c:d6:bb:f4:44:76:32:b9:81:07:b7:6e:38: 47:80:76:7e:28:58:d0:66:b1:e4:b9:2b:71:b8:e4:47:27:20: 99:a4:8d:86 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hXpBUkrJpVW7bkjchOvtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjYwMTAyMTYyMzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZjgzNTNhYzlkMzBhYWM2NTgzNWIzYTc5NDU0NjVjMmJiZjE5ZmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii2h2cbClUnTcgCmS1Dbe9kf7+Gq Bt4DG+AgcuG/JHmwN4NGWX+NPdNoeXssMuiuHWP/pq7ZjBTL8Sokrpv6k9ywI7xL Tw7+cCoyzzDoN5C8ZTYEH3+FmWjXnhEle7Tof4VHzlqzz+krcblLiiprX7E326YJ fCaBgLdnzw0+8nFgajFXVziS7YE+91yRL0aSft3kQ68bheE5uPB60yJI9sGYYW3l 7K1i/efKs3B4qi/d99aCDXePm61MAovOLFKsdIWEk6B33BFLs8OTROraWUeg4jXr QX4OHLdpPtveuEu5avbqPHi8+6PtBA4oCPkJe64zPt4OjN3gzLIJQNUQcQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFG+DU6ydMKrGWDWzp5RUZcK78Z/fMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvYjROVHJKMHdxc1pZTmJPbmxGUmx3cnZ4bjk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4UmAwQA w4VPMA0GCSqGSIb3DQEBCwUAA4IBAQBnOVIpKevMTeKmDas4F/z/kG9q83R0wpkq bNzUG1D+5pTbIx1PEJNRCuYDJjDHOOBzeR4ut7JFi42RwQiMabNXFifsxhmjmNSb 61dmW08CCAgWnQSWI//D9elccVUYQ436eYQonTx5430AuzyArR44X1eW4UmK96Ds 7+Z4BEEg/GsJxwv3V1cwbuP3kX+WHhqAMCeJE5JBprOU9YzuYPCwKPaly3XFC2uW wZwIJdpfL0/uXzZ7s2JJtR+heM/cavXEpMpyoFwM0goyZtfZ56Agk1cLP7VsPRkg GEAKG1zWu/REdjK5gQe3bjhHgHZ+KFjQZrHkuStxuORHJyCZpI2G -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:40 2026 by rpki-client