This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/NSYoMgdv_GgQV27_GIPye5U9jPQ.roa File: NSYoMgdv_GgQV27_GIPye5U9jPQ.roa (raw, json) Hash identifier: 4AlK45WxtVu086BCXSG5HnwL06CQHoIesX5EAX9HMxU= Subject key identifier: 35:26:28:32:07:6F:FC:68:10:57:6E:FF:18:83:F2:7B:95:3D:8C:F4 Certificate issuer: /CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Certificate serial: 019BF99BC498E7F4BF1BB427D31195C2A073 Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/NSYoMgdv_GgQV27_GIPye5U9jPQ.roa Signing time: Mon 26 Jan 2026 09:21:33 +0000 ROA not before: Mon 26 Jan 2026 09:21:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28676 IP address blocks: 91.245.216.0/23 maxlen: 23 93.95.128.0/21 maxlen: 21 178.250.160.0/21 maxlen: 21 185.158.156.0/22 maxlen: 22 185.169.128.0/22 maxlen: 22 188.172.112.0/20 maxlen: 20 195.64.132.0/23 maxlen: 23 217.19.176.0/20 maxlen: 20 2a00:1f08::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:9b:c4:98:e7:f4:bf:1b:b4:27:d3:11:95:c2:a0:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Validity Not Before: Jan 26 09:21:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35262832076ffc6810576eff1883f27b953d8cf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e4:85:1b:fe:a0:92:f5:61:c2:9e:48:08:2c: bb:27:cf:90:76:1e:e8:f4:52:37:4f:18:c0:1c:d4: 09:47:05:eb:b1:ed:c6:53:94:f0:a1:1c:c3:a2:db: 51:46:0d:4d:07:4a:4e:c4:f6:a7:fe:3f:69:f1:ca: c6:b7:23:81:8b:0d:d4:76:32:2f:40:87:11:2f:c0: 07:18:71:77:10:85:c9:58:2c:b9:fa:d7:0e:2b:c7: 02:bb:bb:a9:fb:7e:49:7d:ea:91:17:13:50:4c:79: ec:ee:fc:d1:87:14:a2:a7:2e:aa:16:42:2d:cc:00: 41:d4:55:2c:df:6b:3c:06:3c:f9:89:4e:55:42:df: df:eb:b5:22:8d:5e:37:37:e0:22:15:1e:b6:18:f6: 81:16:aa:30:26:02:56:f0:2d:50:3b:49:6d:27:ba: d8:85:11:4c:9e:d6:54:4a:e0:08:30:6b:38:05:db: 8e:50:79:92:07:d7:bc:74:52:b0:fe:cb:9d:17:c7: e7:9f:62:66:a4:0b:ce:92:9d:84:74:7a:92:f4:b3: 9a:93:cb:e0:64:f8:53:20:30:16:ca:ef:7a:7a:4b: e3:98:02:de:5c:a4:f5:66:33:75:ad:47:5b:f3:e8: fe:a9:85:04:b2:76:46:74:a7:79:ab:a2:78:bc:4d: 2a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:26:28:32:07:6F:FC:68:10:57:6E:FF:18:83:F2:7B:95:3D:8C:F4 X509v3 Authority Key Identifier: keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/NSYoMgdv_GgQV27_GIPye5U9jPQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.245.216.0/23 93.95.128.0/21 178.250.160.0/21 185.158.156.0/22 185.169.128.0/22 188.172.112.0/20 195.64.132.0/23 217.19.176.0/20 IPv6: 2a00:1f08::/32 Signature Algorithm: sha256WithRSAEncryption 8e:1f:f2:9c:71:86:29:cd:47:73:23:1f:4a:0a:df:e3:5f:f6: c6:eb:0c:99:e8:c1:a0:95:55:89:08:9e:67:e0:79:05:07:04: b5:18:a7:2b:a3:8a:02:85:ca:91:07:aa:14:a1:21:f5:fe:24: b6:73:cc:3d:0b:13:cc:83:19:86:8b:94:ee:21:f8:7c:1e:4a: a6:34:31:c8:ce:3f:68:c0:8e:9e:2f:0c:dc:f0:6d:ea:fa:e7: 93:db:62:3b:fc:a3:8a:b4:7c:5d:50:a6:dd:84:35:a8:a5:46: bc:41:89:ef:92:cf:3b:1f:fe:b9:c9:f3:b5:b2:d3:bf:9a:82: 34:b1:4e:52:dd:eb:8c:b0:7c:f2:c9:56:52:c4:ef:67:18:6f: ff:38:c5:0f:f4:87:a3:15:05:73:0d:f5:21:32:90:02:e3:1e: ff:42:36:3e:21:e7:61:52:05:2c:46:8f:6b:1c:c1:56:29:49: 45:47:ac:3b:b4:38:ae:6b:d7:96:46:81:f2:26:5f:0b:f1:a1: 32:86:99:f5:02:08:2c:29:87:62:a1:ce:4b:f9:b9:d2:20:53: 51:73:91:5d:dd:78:42:9b:12:21:ae:3a:68:e7:02:7c:16:a1: 1a:8f:f1:77:15:7f:b5:3d:33:73:53:3d:d6:c5:2b:14:ad:e5: 0a:34:c9:7b -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZv5m8SY5/S/G7Qn0xGVwqBzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw YWIzODcwHhcNMjYwMTI2MDkyMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTI2MjgzMjA3NmZmYzY4MTA1NzZlZmYxODgzZjI3Yjk1M2Q4Y2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OSFG/6gkvVhwp5ICCy7J8+Qdh7o 9FI3TxjAHNQJRwXrse3GU5TwoRzDottRRg1NB0pOxPan/j9p8crGtyOBiw3UdjIv QIcRL8AHGHF3EIXJWCy5+tcOK8cCu7up+35JfeqRFxNQTHns7vzRhxSipy6qFkIt zABB1FUs32s8Bjz5iU5VQt/f67UijV43N+AiFR62GPaBFqowJgJW8C1QO0ltJ7rY hRFMntZUSuAIMGs4BduOUHmSB9e8dFKw/sudF8fnn2JmpAvOkp2EdHqS9LOak8vg ZPhTIDAWyu96ekvjmALeXKT1ZjN1rUdb8+j+qYUEsnZGdKd5q6J4vE0qOwIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFDUmKDIHb/xoEFdu/xiD8nuVPYz0MB8GA1UdIwQY MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt ZWQwN2Y1Y2FkNmQ3LzEvTlNZb01nZHZfR2dRVjI3X0dJUHllNVU5alBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3 LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBW/XYAwQD XV+AAwQDsvqgAwQCuZ6cAwQCuamAAwQEvKxwAwQBw0CEAwQE2ROwMA0EAgACMAcD BQAqAB8IMA0GCSqGSIb3DQEBCwUAA4IBAQCOH/KccYYpzUdzIx9KCt/jX/bG6wyZ 6MGglVWJCJ5n4HkFBwS1GKcro4oChcqRB6oUoSH1/iS2c8w9CxPMgxmGi5TuIfh8 HkqmNDHIzj9owI6eLwzc8G3q+ueT22I7/KOKtHxdUKbdhDWopUa8QYnvks87H/65 yfO1stO/moI0sU5S3euMsHzyyVZSxO9nGG//OMUP9IejFQVzDfUhMpAC4x7/QjY+ IedhUgUsRo9rHMFWKUlFR6w7tDiua9eWRoHyJl8L8aEyhpn1AggsKYdioc5L+bnS IFNRc5Fd3XhCmxIhrjpo5wJ8FqEaj/F3FX+1PTNzUz3WxSsUreUKNMl7 -----END CERTIFICATE-----Generated at Tue Jan 27 08:48:11 2026 by rpki-client