This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/1-Nznx-18fNZ6F7fV7FWsvpQVpSk.roa File: 1-Nznx-18fNZ6F7fV7FWsvpQVpSk.roa (raw, json) Hash identifier: ESa0OQif8LkNT9zKRORM4Qe3nNaXNgqNLhdo7JNem/0= Subject key identifier: F8:DC:E7:C7:ED:7C:7C:D6:7A:17:B7:D5:EC:55:AC:BE:94:15:A5:29 Certificate issuer: /CN=b6f3db35659133315d2fcf93058dce350a4cb17a Certificate serial: 019B7E389611271888936F140E59C21CB699 Authority key identifier: B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/1-Nznx-18fNZ6F7fV7FWsvpQVpSk.roa Signing time: Fri 02 Jan 2026 10:19:56 +0000 ROA not before: Fri 02 Jan 2026 10:19:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212955 IP address blocks: 194.44.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.mft rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 12:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:96:11:27:18:88:93:6f:14:0e:59:c2:1c:b6:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6f3db35659133315d2fcf93058dce350a4cb17a Validity Not Before: Jan 2 10:19:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f8dce7c7ed7c7cd67a17b7d5ec55acbe9415a529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c0:22:63:66:42:49:e7:9e:48:5e:f1:28:a6: 53:38:25:8c:f4:99:f6:87:e3:94:ce:63:59:64:b1: 50:66:4b:bf:5b:bf:2f:b2:ba:70:97:1c:6e:8b:64: 4c:f5:d9:16:42:b2:c8:44:8e:c6:88:d1:6c:eb:e3: c4:d5:e5:7f:07:02:6d:33:b4:cb:54:67:be:88:3e: 44:a4:bf:27:34:cf:17:be:78:20:ec:43:c4:65:fb: a5:88:0a:61:71:31:78:7a:b4:4a:66:61:05:88:b9: 4c:f5:37:d8:0c:72:23:f5:0f:2f:12:d3:9f:27:b5: 22:3b:5d:2a:bc:f0:77:54:51:30:14:bf:c9:4b:c2: 19:bb:4e:74:39:39:c0:8f:13:bb:f9:b5:bd:76:36: 8e:9e:07:21:fa:26:f9:bc:8f:66:8a:a5:4b:bb:dc: 38:39:6a:f8:47:0d:92:93:97:08:9a:a8:d2:7c:c7: b7:77:32:ac:8a:2e:b6:61:f1:e3:fb:0d:30:ed:da: 42:44:28:3b:c2:b2:04:53:b5:b9:68:a1:8f:11:84: e2:31:69:b5:a7:65:f4:9b:fa:4e:ff:92:9c:a6:d0: 4a:b9:c9:f0:cc:5a:8b:96:89:f4:1c:85:50:4c:97: 5f:b6:df:a5:4c:57:7b:c2:51:6a:17:cf:df:a8:ef: 35:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:DC:E7:C7:ED:7C:7C:D6:7A:17:B7:D5:EC:55:AC:BE:94:15:A5:29 X509v3 Authority Key Identifier: keyid:B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/1-Nznx-18fNZ6F7fV7FWsvpQVpSk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.44.21.0/24 Signature Algorithm: sha256WithRSAEncryption 03:6a:31:ba:be:2e:4d:a3:c0:cb:57:f0:5a:c6:37:9d:52:69: 48:cc:b8:74:3d:46:a7:53:59:7e:5e:cd:50:39:a8:da:fa:80: 89:05:9f:8d:2e:2e:c9:a0:8f:0a:ee:69:fc:2a:86:d5:3c:8b: aa:b7:46:c4:ab:91:ba:e3:ab:f1:01:32:1b:08:84:c3:1e:21: 02:88:a7:6c:e6:db:81:cb:9f:7a:d7:5c:19:48:26:c6:a5:93: 6f:4f:0e:70:f7:67:83:fe:c1:be:d1:ff:ee:15:38:f3:8a:4c: 53:71:5b:c6:53:fa:51:ee:4a:2c:04:2f:46:92:b6:22:42:13: b0:91:71:50:0a:0b:36:83:f0:0b:eb:a1:8a:b5:7f:0d:11:c3: 63:b7:20:8a:b5:db:e4:ac:eb:a6:f8:e4:cb:33:f7:1f:b7:36: 1d:fd:ee:06:ea:9b:27:e0:41:31:b0:68:45:f4:61:8a:10:53: a2:46:e5:df:44:9b:db:e4:d3:50:3b:0d:eb:5c:74:93:4e:73: f2:26:6e:6b:bf:3f:fa:c8:aa:0b:07:e4:20:fe:6c:7b:ec:bf: ee:15:ad:ca:e3:e0:ae:1e:6d:62:67:9b:71:31:63:36:96:b6: 3d:9f:8b:eb:04:5e:d6:5e:07:f6:da:a8:df:15:4d:17:8d:1c: 1e:5e:cd:7a -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+OJYRJxiIk28UDlnCHLaZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZjNkYjM1NjU5MTMzMzE1ZDJmY2Y5MzA1OGRjZTM1MGE0 Y2IxN2EwHhcNMjYwMTAyMTAxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOGRjZTdjN2VkN2M3Y2Q2N2ExN2I3ZDVlYzU1YWNiZTk0MTVhNTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsAiY2ZCSeeeSF7xKKZTOCWM9Jn2 h+OUzmNZZLFQZku/W78vsrpwlxxui2RM9dkWQrLIRI7GiNFs6+PE1eV/BwJtM7TL VGe+iD5EpL8nNM8Xvngg7EPEZfuliAphcTF4erRKZmEFiLlM9TfYDHIj9Q8vEtOf J7UiO10qvPB3VFEwFL/JS8IZu050OTnAjxO7+bW9djaOngch+ib5vI9miqVLu9w4 OWr4Rw2Sk5cImqjSfMe3dzKsii62YfHj+w0w7dpCRCg7wrIEU7W5aKGPEYTiMWm1 p2X0m/pO/5KcptBKucnwzFqLlon0HIVQTJdftt+lTFd7wlFqF8/fqO81ZwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPjc58ftfHzWehe31exVrL6UFaUpMB8GA1UdIwQY MBaAFLbz2zVlkTMxXS/PkwWNzjUKTLF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQt NTQ5ZWU2ZDMwZmI2LzEvMS1Oem54LTE4Zk5aNkY3ZlY3RldzdnBRVnBTay5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMWQvNzBiZmZlLWI0ZjMtNDQ5ZS04MWVkLTU0OWVlNmQzMGZi Ni8xL3R2UGJOV1dSTXpGZEw4LVRCWTNPTlFwTXNYby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIsFTAN BgkqhkiG9w0BAQsFAAOCAQEAA2oxur4uTaPAy1fwWsY3nVJpSMy4dD1Gp1NZfl7N UDmo2vqAiQWfjS4uyaCPCu5p/CqG1TyLqrdGxKuRuuOr8QEyGwiEwx4hAoinbObb gcufetdcGUgmxqWTb08OcPdng/7BvtH/7hU484pMU3FbxlP6Ue5KLAQvRpK2IkIT sJFxUAoLNoPwC+uhirV/DRHDY7cgirXb5KzrpvjkyzP3H7c2Hf3uBuqbJ+BBMbBo RfRhihBTokbl30Sb2+TTUDsN61x0k05z8iZua78/+siqCwfkIP5se+y/7hWtyuPg rh5tYmebcTFjNpa2PZ+L6wRe1l4H9tqo3xVNF40cHl7Neg== -----END CERTIFICATE-----Generated at Sat Jan 17 20:47:37 2026 by rpki-client