This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nd50iVrPYors-OE3V9sF40Sl2Ws.roa File: Nd50iVrPYors-OE3V9sF40Sl2Ws.roa (raw, json) Hash identifier: 8W9R9422ra+klJo6tlOJASq6q8gfKHZchw1aKhxM8nI= Subject key identifier: 35:DE:74:89:5A:CF:62:8A:EC:F8:E1:37:57:DB:05:E3:44:A5:D9:6B Certificate issuer: /CN=36bd4a382dae2be5cb98b35e5a048d03b4ccbe2b Certificate serial: 019B7B35DB67B206E43C0F59193B64E62175 Authority key identifier: 36:BD:4A:38:2D:AE:2B:E5:CB:98:B3:5E:5A:04:8D:03:B4:CC:BE:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nr1KOC2uK-XLmLNeWgSNA7TMvis.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nd50iVrPYors-OE3V9sF40Sl2Ws.roa Signing time: Thu 01 Jan 2026 20:18:05 +0000 ROA not before: Thu 01 Jan 2026 20:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12902 IP address blocks: 185.211.210.0/23 maxlen: 23 185.211.210.0/24 maxlen: 24 185.211.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nr1KOC2uK-XLmLNeWgSNA7TMvis.crl rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nr1KOC2uK-XLmLNeWgSNA7TMvis.mft rsync://rpki.ripe.net/repository/DEFAULT/Nr1KOC2uK-XLmLNeWgSNA7TMvis.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:db:67:b2:06:e4:3c:0f:59:19:3b:64:e6:21:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36bd4a382dae2be5cb98b35e5a048d03b4ccbe2b Validity Not Before: Jan 1 20:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35de74895acf628aecf8e13757db05e344a5d96b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:14:17:e6:6c:c4:f4:97:78:3e:aa:f4:b5:e7: 12:ad:77:ac:7b:fb:c3:14:2a:d9:87:22:ab:ea:38: dd:eb:6a:eb:45:27:45:c5:9e:52:f1:77:90:be:37: 54:0b:58:eb:63:fd:27:76:9d:6e:9d:e7:6d:6a:6b: 34:96:fb:7b:c0:60:e4:4a:36:7e:6d:c6:50:72:3f: c9:ba:36:56:be:a7:54:2c:40:d2:3d:c1:10:7d:ac: 5d:e3:39:11:95:f1:bb:b4:af:d7:d8:2a:9e:26:73: 2c:41:71:07:d4:62:99:ed:3c:d4:aa:15:af:f1:88: 46:e1:08:3b:98:51:48:8c:16:15:53:3e:02:cd:47: 8b:de:24:77:64:1e:4b:1f:8f:ac:94:84:0b:70:f7: 74:da:86:fd:57:51:ec:94:47:e3:4d:e5:aa:25:7d: 97:b2:be:d0:2f:d0:c5:62:bd:d1:be:65:99:5d:f4: 34:0e:6a:12:29:a6:19:9c:25:f0:6e:c0:3c:bf:ee: 65:40:61:6f:a2:9f:7f:7d:81:30:24:12:ee:ed:2b: e8:84:fe:37:bd:a7:77:a8:45:79:c7:46:76:64:30: 9f:eb:8b:62:ed:e8:a5:a7:15:56:1d:8b:5b:c9:30: b7:f0:8f:42:0d:83:18:f5:b4:88:c0:99:f9:3c:0d: 01:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DE:74:89:5A:CF:62:8A:EC:F8:E1:37:57:DB:05:E3:44:A5:D9:6B X509v3 Authority Key Identifier: keyid:36:BD:4A:38:2D:AE:2B:E5:CB:98:B3:5E:5A:04:8D:03:B4:CC:BE:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nr1KOC2uK-XLmLNeWgSNA7TMvis.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nd50iVrPYors-OE3V9sF40Sl2Ws.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nr1KOC2uK-XLmLNeWgSNA7TMvis.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.211.210.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:94:44:44:48:c9:fa:6b:44:f4:fc:b7:44:e5:c5:84:dd:7b: 4e:e9:ac:fe:98:b0:08:b7:77:98:73:71:11:e9:a1:4c:c6:5c: 60:15:72:d6:40:28:6e:60:16:22:60:55:5f:f2:57:f7:44:82: ff:90:46:6c:89:54:e7:30:85:e3:7b:47:44:f4:1e:98:4e:0f: 97:c2:78:1f:f3:29:b5:6b:91:6e:a5:ef:5c:52:bd:0a:99:28: 51:aa:cd:a9:9e:f8:af:57:83:d3:02:6c:df:78:39:78:9b:f3: ee:63:98:7f:a5:02:b8:af:17:a5:1d:d1:1d:23:cb:19:35:94: c5:22:83:7d:5e:40:56:9c:e0:cc:56:60:cc:96:0a:57:d4:4e: 6d:2a:c2:11:9a:e0:4f:ae:a5:ea:08:ae:9e:76:52:bc:18:63: 32:4b:5b:3f:12:cf:0c:43:c6:40:61:44:2c:40:06:19:62:21: 03:f7:98:06:fe:15:fe:be:cf:71:19:39:9f:60:a1:e1:12:c6: 43:19:3b:83:ce:6d:3e:b8:1b:ea:96:0f:47:28:dc:39:45:33: 18:a2:6b:9c:28:a8:2e:a6:bb:b6:3a:f1:6c:0d:78:4a:18:3b: 26:a5:a4:99:d7:c9:13:bf:1c:a6:c0:65:bd:b2:c9:4b:d7:f9: 0e:96:32:50 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NdtnsgbkPA9ZGTtk5iF1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YmQ0YTM4MmRhZTJiZTVjYjk4YjM1ZTVhMDQ4ZDAzYjRj Y2JlMmIwHhcNMjYwMTAxMjAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWRlNzQ4OTVhY2Y2MjhhZWNmOGUxMzc1N2RiMDVlMzQ0YTVkOTZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRQX5mzE9Jd4Pqr0tecSrXese/vD FCrZhyKr6jjd62rrRSdFxZ5S8XeQvjdUC1jrY/0ndp1unedtams0lvt7wGDkSjZ+ bcZQcj/JujZWvqdULEDSPcEQfaxd4zkRlfG7tK/X2CqeJnMsQXEH1GKZ7TzUqhWv 8YhG4Qg7mFFIjBYVUz4CzUeL3iR3ZB5LH4+slIQLcPd02ob9V1HslEfjTeWqJX2X sr7QL9DFYr3RvmWZXfQ0DmoSKaYZnCXwbsA8v+5lQGFvop9/fYEwJBLu7SvohP43 vad3qEV5x0Z2ZDCf64ti7eilpxVWHYtbyTC38I9CDYMY9bSIwJn5PA0BFQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDXedIlaz2KK7PjhN1fbBeNEpdlrMB8GA1UdIwQY MBaAFDa9Sjgtrivly5izXloEjQO0zL4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnIxS09DMnVLLVhMbUxOZVdnU05BN1RNdmlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9lNzRmNWYtNzVjNS00YTc1LTk4Yjkt OWZlY2JkMjVkNDM0LzEvTmQ1MGlWclBZb3JzLU9FM1Y5c0Y0MFNsMldzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9lNzRmNWYtNzVjNS00YTc1LTk4YjktOWZlY2JkMjVkNDM0 LzEvTnIxS09DMnVLLVhMbUxOZVdnU05BN1RNdmlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudPSMA0G CSqGSIb3DQEBCwUAA4IBAQAflERESMn6a0T0/LdE5cWE3XtO6az+mLAIt3eYc3ER 6aFMxlxgFXLWQChuYBYiYFVf8lf3RIL/kEZsiVTnMIXje0dE9B6YTg+Xwngf8ym1 a5Fupe9cUr0KmShRqs2pnvivV4PTAmzfeDl4m/PuY5h/pQK4rxelHdEdI8sZNZTF IoN9XkBWnODMVmDMlgpX1E5tKsIRmuBPrqXqCK6edlK8GGMyS1s/Es8MQ8ZAYUQs QAYZYiED95gG/hX+vs9xGTmfYKHhEsZDGTuDzm0+uBvqlg9HKNw5RTMYomucKKgu pru2OvFsDXhKGDsmpaSZ18kTvxymwGW9sslL1/kOljJQ -----END CERTIFICATE-----Generated at Tue Jan 27 02:50:13 2026 by rpki-client