This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/NSXY549oyeJh_ywPWUFsoFAfnFE.roa File: NSXY549oyeJh_ywPWUFsoFAfnFE.roa (raw, json) Hash identifier: PqAKJQyPO77ShWqR8N9V3ypCb33ovrN70zA1E2ZocLc= Subject key identifier: 35:25:D8:E7:8F:68:C9:E2:61:FF:2C:0F:59:41:6C:A0:50:1F:9C:51 Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89 Certificate serial: 019B77C6A8EE3B141A94BE9B1D325B98864E Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/NSXY549oyeJh_ywPWUFsoFAfnFE.roa Signing time: Thu 01 Jan 2026 04:17:46 +0000 ROA not before: Thu 01 Jan 2026 04:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60386 IP address blocks: 91.237.107.0/24 maxlen: 24 176.121.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a8:ee:3b:14:1a:94:be:9b:1d:32:5b:98:86:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89 Validity Not Before: Jan 1 04:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3525d8e78f68c9e261ff2c0f59416ca0501f9c51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:c0:45:72:f0:bc:8e:e3:ff:69:4e:b2:98:35: 9a:1d:86:2f:aa:30:49:6d:ce:77:95:3e:4f:8c:fa: 9a:ed:71:15:6f:e6:83:fa:73:f1:f2:03:17:3e:85: 82:04:5c:cc:93:da:82:50:6b:eb:e4:e4:3a:bd:30: 1b:1e:88:17:ec:b1:64:72:f8:ca:d8:ac:ca:00:e5: 33:1d:9a:4a:cb:89:2f:d6:c7:24:f0:a5:3d:fc:9f: 5a:f0:58:44:7c:df:db:4d:ec:65:84:90:89:56:25: 99:48:50:c8:d0:c7:4b:96:61:f3:cb:9b:39:01:05: 24:90:1f:47:ac:e1:f6:bb:db:6d:dd:e1:0a:b5:18: 1b:f2:f4:27:8b:e5:8d:38:53:0c:56:54:41:23:ad: fd:b1:4b:d2:65:c3:16:0f:41:30:4a:46:2a:7d:4a: 71:75:cb:c6:b4:db:8b:14:f0:09:24:e8:9a:32:55: 7d:ba:81:03:ed:cd:ed:35:df:f1:60:ec:30:98:72: d7:cc:bd:3a:ee:36:03:c3:03:b4:ed:52:81:a7:c7: 17:7f:9f:b7:a2:b2:b2:c4:4a:15:80:25:4a:f3:8d: 93:6f:8e:fa:e5:c0:fa:7a:6f:a4:d9:92:7b:6e:a3: 49:02:d1:76:56:e2:eb:a7:1d:0f:b0:1c:a9:6d:38: 8c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:25:D8:E7:8F:68:C9:E2:61:FF:2C:0F:59:41:6C:A0:50:1F:9C:51 X509v3 Authority Key Identifier: keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/NSXY549oyeJh_ywPWUFsoFAfnFE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.237.107.0/24 176.121.3.0/24 Signature Algorithm: sha256WithRSAEncryption b8:17:78:e9:06:4b:15:a3:b4:45:51:95:71:b0:75:0b:1a:a7: fd:b3:69:b6:03:e7:ed:6f:cf:a3:08:a6:72:2f:54:ba:53:83: 15:4b:52:56:a9:7d:d2:9b:28:95:3f:7f:15:3a:66:26:c6:2f: b1:84:15:e2:0f:f4:f4:65:e4:bf:1c:11:a4:33:50:47:56:4c: 03:68:2c:dc:ac:c5:01:bb:e9:d5:90:be:1c:a4:d4:b8:cd:c1: 3e:d2:fe:b0:bd:61:c6:23:24:84:7b:b8:0d:d1:c3:e5:9d:7b: 7d:8b:cb:40:85:27:ff:2f:19:ec:e9:59:d1:05:3a:26:ae:87: 6f:32:c7:31:71:6f:af:fd:e6:29:fa:2b:83:f5:bc:fb:e6:ae: 73:39:24:97:d5:12:5e:40:ad:79:66:66:a1:54:ac:bb:66:4d: 0e:60:81:58:71:04:17:b9:d1:15:90:bb:e8:6b:78:58:96:c1: a1:73:94:fc:00:0b:89:a1:ae:61:d3:91:62:76:f1:13:be:e7: b1:55:0d:c9:28:67:67:09:38:d5:e1:60:dc:59:ac:7c:ba:33: 9c:b9:fb:16:c7:70:3e:83:8c:a4:3e:ef:26:b7:d1:be:5e:20: 03:13:07:9f:0f:e7:12:73:c9:53:c0:cc:4a:bf:22:55:55:5d: dc:30:33:19 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xqjuOxQalL6bHTJbmIZOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3 NmVmODkwHhcNMjYwMTAxMDQxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTI1ZDhlNzhmNjhjOWUyNjFmZjJjMGY1OTQxNmNhMDUwMWY5YzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8BFcvC8juP/aU6ymDWaHYYvqjBJ bc53lT5PjPqa7XEVb+aD+nPx8gMXPoWCBFzMk9qCUGvr5OQ6vTAbHogX7LFkcvjK 2KzKAOUzHZpKy4kv1sck8KU9/J9a8FhEfN/bTexlhJCJViWZSFDI0MdLlmHzy5s5 AQUkkB9HrOH2u9tt3eEKtRgb8vQni+WNOFMMVlRBI639sUvSZcMWD0EwSkYqfUpx dcvGtNuLFPAJJOiaMlV9uoED7c3tNd/xYOwwmHLXzL067jYDwwO07VKBp8cXf5+3 orKyxEoVgCVK842Tb4765cD6em+k2ZJ7bqNJAtF2VuLrpx0PsBypbTiMUQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDUl2OePaMniYf8sD1lBbKBQH5xRMB8GA1UdIwQY MBaAFKjG85M1DHdZjBIazTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3Nzct YzZiY2EwMWIyZmY4LzEvTlNYWTU0OW95ZUpoX3l3UFdVRnNvRkFmbkZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4 LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+1rAwQA sHkDMA0GCSqGSIb3DQEBCwUAA4IBAQC4F3jpBksVo7RFUZVxsHULGqf9s2m2A+ft b8+jCKZyL1S6U4MVS1JWqX3SmyiVP38VOmYmxi+xhBXiD/T0ZeS/HBGkM1BHVkwD aCzcrMUBu+nVkL4cpNS4zcE+0v6wvWHGIySEe7gN0cPlnXt9i8tAhSf/Lxns6VnR BTomrodvMscxcW+v/eYp+iuD9bz75q5zOSSX1RJeQK15ZmahVKy7Zk0OYIFYcQQX udEVkLvoa3hYlsGhc5T8AAuJoa5h05FidvETvuexVQ3JKGdnCTjV4WDcWax8ujOc ufsWx3A+g4ykPu8mt9G+XiADEwefD+cSc8lTwMxKvyJVVV3cMDMZ -----END CERTIFICATE-----Generated at Tue Feb 10 02:47:32 2026 by rpki-client