This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/NY2MX1mgk76QbEK78KfRCv9HXlc.roa File: NY2MX1mgk76QbEK78KfRCv9HXlc.roa (raw, json) Hash identifier: n052UQO+ldLs19+3y0B7Wj4/DIUQ0nHDh3aGl0cSB9U= Subject key identifier: 35:8D:8C:5F:59:A0:93:BE:90:6C:42:BB:F0:A7:D1:0A:FF:47:5E:57 Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc Certificate serial: 019B7BA3C26E6858C387C9D99B5497E620D1 Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/NY2MX1mgk76QbEK78KfRCv9HXlc.roa Signing time: Thu 01 Jan 2026 22:18:08 +0000 ROA not before: Thu 01 Jan 2026 22:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3356 IP address blocks: 45.14.82.0/24 maxlen: 24 45.85.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:c2:6e:68:58:c3:87:c9:d9:9b:54:97:e6:20:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc Validity Not Before: Jan 1 22:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=358d8c5f59a093be906c42bbf0a7d10aff475e57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:f2:9e:ca:4c:b5:d3:5d:73:56:d5:99:95:54: 37:84:6f:64:b0:77:12:fc:33:39:1e:dd:87:56:9b: de:3c:65:c9:76:c4:7f:47:06:50:c1:07:4c:3b:fd: 2a:fe:8e:a3:0d:ee:90:31:08:a2:c1:60:7c:3b:fe: 7f:14:da:40:db:b2:18:23:fa:fa:89:b5:da:f3:77: ee:bf:9d:0d:68:ad:18:97:b0:a7:54:10:78:85:26: e6:2e:c2:d5:29:ab:8a:40:b2:c4:ce:2c:e0:20:3c: 09:d0:aa:ba:38:a3:f4:3d:08:4b:e1:81:a2:ce:bf: f7:f7:39:e0:35:21:7f:82:3d:83:c9:9a:d9:8a:22: af:fc:27:8c:12:a6:1c:e3:54:d8:34:4b:09:a3:b7: 20:7b:ee:07:08:66:30:30:9c:21:b3:ce:41:10:3e: 1d:12:c7:64:77:ef:ce:d9:3d:9e:65:1f:90:09:ff: 01:fa:9f:62:d8:b0:94:8b:e1:18:41:ed:d4:19:b5: fe:76:ce:46:a0:6d:15:66:98:4a:07:02:0e:68:ea: 40:b4:5f:32:bb:6f:ad:f3:38:32:dc:f2:e2:b5:00: 6a:ca:a3:fb:3d:ac:db:3f:ee:af:87:0d:54:dc:6b: e2:e7:6b:8a:08:6e:b7:4b:b5:40:3e:48:37:c2:5f: da:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:8D:8C:5F:59:A0:93:BE:90:6C:42:BB:F0:A7:D1:0A:FF:47:5E:57 X509v3 Authority Key Identifier: keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/NY2MX1mgk76QbEK78KfRCv9HXlc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.14.82.0/24 45.85.128.0/24 Signature Algorithm: sha256WithRSAEncryption 17:36:93:e6:80:57:40:fd:94:c1:72:ba:b7:f6:5c:d5:2e:e1: ec:ba:7b:4a:b3:b9:8e:57:73:4c:4b:42:3b:0c:ac:27:3b:20: e5:ab:1b:9e:ce:cd:f3:4f:c0:d9:1a:d7:66:13:80:46:27:05: 8a:fc:87:95:46:09:92:5e:b6:1f:92:b6:d0:4c:4a:8c:a3:5e: f1:f0:8b:c6:93:65:f8:ed:2a:b2:10:d4:f0:86:5c:7f:a5:c7: 93:b8:0a:27:c8:0c:92:c2:fc:b4:2d:73:98:6f:f9:a8:2c:10: d2:c6:67:53:81:54:84:13:5a:2d:24:ad:a3:18:66:32:d6:e2: a3:2d:54:d0:b4:48:79:bc:76:f7:52:98:b9:92:45:ed:da:9b: 56:b2:5d:60:52:d6:56:53:df:7a:72:f3:f2:7a:90:3e:26:b6: 36:23:91:d8:11:4f:08:56:4d:df:f9:c9:2a:5d:8b:c4:be:9f: 5c:55:34:c7:33:0d:95:79:9a:81:17:77:18:ec:2b:be:5f:49: 2c:b3:35:55:93:ad:4b:63:6b:ef:72:71:ef:49:d6:52:c0:8f: 4a:d5:19:29:9b:b4:14:01:c6:b7:4d:33:a7:88:9e:e8:eb:1f: 2d:df:9f:3e:f6:34:f7:aa:4e:a9:c6:70:20:cd:b4:48:0b:33: de:ad:8a:92 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7o8JuaFjDh8nZm1SX5iDRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw YzI0ZGMwHhcNMjYwMTAxMjIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNThkOGM1ZjU5YTA5M2JlOTA2YzQyYmJmMGE3ZDEwYWZmNDc1ZTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/Keyky1011zVtWZlVQ3hG9ksHcS /DM5Ht2HVpvePGXJdsR/RwZQwQdMO/0q/o6jDe6QMQiiwWB8O/5/FNpA27IYI/r6 ibXa83fuv50NaK0Yl7CnVBB4hSbmLsLVKauKQLLEzizgIDwJ0Kq6OKP0PQhL4YGi zr/39zngNSF/gj2DyZrZiiKv/CeMEqYc41TYNEsJo7cge+4HCGYwMJwhs85BED4d Esdkd+/O2T2eZR+QCf8B+p9i2LCUi+EYQe3UGbX+ds5GoG0VZphKBwIOaOpAtF8y u2+t8zgy3PLitQBqyqP7PazbP+6vhw1U3Gvi52uKCG63S7VAPkg3wl/amQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDWNjF9ZoJO+kGxCu/Cn0Qr/R15XMB8GA1UdIwQY MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt NzM5MjNkYWVmMTE0LzEvTlkyTVgxbWdrNzZRYkVLNzhLZlJDdjlIWGxjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0 LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ5SAwQA LVWAMA0GCSqGSIb3DQEBCwUAA4IBAQAXNpPmgFdA/ZTBcrq39lzVLuHsuntKs7mO V3NMS0I7DKwnOyDlqxuezs3zT8DZGtdmE4BGJwWK/IeVRgmSXrYfkrbQTEqMo17x 8IvGk2X47SqyENTwhlx/pceTuAonyAySwvy0LXOYb/moLBDSxmdTgVSEE1otJK2j GGYy1uKjLVTQtEh5vHb3Upi5kkXt2ptWsl1gUtZWU996cvPyepA+JrY2I5HYEU8I Vk3f+ckqXYvEvp9cVTTHMw2VeZqBF3cY7Cu+X0ksszVVk61LY2vvcnHvSdZSwI9K 1Rkpm7QUAca3TTOniJ7o6x8t358+9jT3qk6pxnAgzbRICzPerYqS -----END CERTIFICATE-----Generated at Wed Jan 21 04:05:01 2026 by rpki-client