This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/nm43m5JBni2gazwkwkpR5vwEWZE.roa File: nm43m5JBni2gazwkwkpR5vwEWZE.roa (raw, json) Hash identifier: vSYWgwULGrCYTXxb/vfIvAtMG0pvAZFSpwnb7bS2Sfc= Subject key identifier: 9E:6E:37:9B:92:41:9E:2D:A0:6B:3C:24:C2:4A:51:E6:FC:04:59:91 Certificate issuer: /CN=798d7013a7fdbb5663fd384a4fed12303145e3ce Certificate serial: 019B79112929BB16C14F67E4EC5250780764 Authority key identifier: 79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/nm43m5JBni2gazwkwkpR5vwEWZE.roa Signing time: Thu 01 Jan 2026 10:18:46 +0000 ROA not before: Thu 01 Jan 2026 10:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59717 IP address blocks: 45.80.124.0/22 maxlen: 22 91.239.72.0/24 maxlen: 24 2a0e:4280::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/eY1wE6f9u1Zj_ThKT-0SMDFF484.crl rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/eY1wE6f9u1Zj_ThKT-0SMDFF484.mft rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:29:29:bb:16:c1:4f:67:e4:ec:52:50:78:07:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=798d7013a7fdbb5663fd384a4fed12303145e3ce Validity Not Before: Jan 1 10:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e6e379b92419e2da06b3c24c24a51e6fc045991 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0e:c3:9c:1a:81:f9:bb:12:2e:79:c5:15:d2: b3:a1:9b:a3:4b:29:6a:47:e6:2b:27:6f:33:09:39: 8d:c8:33:5c:a9:e4:27:26:d1:c0:30:f9:93:69:ff: bb:9c:e4:48:13:81:a5:54:7f:ce:0c:f8:81:3b:8f: 6f:dc:54:79:e3:77:e4:6c:e0:be:70:43:7b:6a:62: 99:38:7d:f0:12:8e:53:42:b5:9f:70:97:57:93:8d: 53:39:77:1f:d2:15:53:a2:54:c1:54:33:40:58:15: 11:f5:00:45:0e:12:4c:66:9f:1b:ad:87:10:1f:39: 66:81:c0:7a:c2:6c:eb:f1:fc:99:1e:fd:6d:55:07: 53:0c:a1:12:d4:84:31:98:94:f6:82:12:fe:c1:3c: 53:d0:e9:16:a0:f5:34:12:bb:60:66:f2:ec:8f:b6: e9:6c:7f:8e:58:1a:ac:00:1e:3b:eb:e1:0b:d8:f5: c3:46:96:d2:57:71:91:10:53:a0:7f:7c:d0:d5:96: 43:27:65:38:78:4b:6d:8b:90:9d:f4:e2:eb:0a:8b: bf:1b:1e:6c:e8:4b:67:6c:ea:26:86:fd:15:a6:e2: a0:0c:8f:62:96:13:df:33:df:fb:d0:e9:bd:e9:79: cf:73:a6:27:e3:17:81:a4:87:7f:14:ae:2c:5e:16: 11:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:6E:37:9B:92:41:9E:2D:A0:6B:3C:24:C2:4A:51:E6:FC:04:59:91 X509v3 Authority Key Identifier: keyid:79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/nm43m5JBni2gazwkwkpR5vwEWZE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/eY1wE6f9u1Zj_ThKT-0SMDFF484.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.80.124.0/22 91.239.72.0/24 IPv6: 2a0e:4280::/29 Signature Algorithm: sha256WithRSAEncryption bc:93:1e:31:ea:03:42:b2:0e:de:05:71:67:83:2e:07:63:ef: a8:cd:1f:21:10:37:92:1b:f1:f6:8d:23:95:bd:e8:a7:d8:1e: 25:bb:64:fd:29:87:28:9b:6a:35:e2:79:ac:62:33:1d:12:2f: 3a:f9:d2:75:1c:60:ac:17:20:94:79:f6:b6:5a:41:30:78:9d: 3a:b7:39:2c:fb:5b:5d:12:ff:32:96:ad:a4:1f:64:1d:89:e0: 1d:ef:0e:30:9f:7e:d4:02:fb:b0:90:07:61:7b:02:8f:ee:e4: 25:ae:b1:cc:33:1b:af:55:47:26:87:0f:03:00:f2:3e:cb:12: ab:f6:68:0e:0e:21:99:b1:0f:b4:b1:bb:e8:13:ee:92:f4:22: c2:4f:63:26:1f:fa:56:90:2c:c8:ec:9d:23:a0:8b:e0:30:2f: 0a:3e:7b:75:0b:65:4c:9d:34:c4:4f:b3:33:fd:af:33:db:70: 45:2f:fd:43:4b:4c:c2:7b:f5:18:70:bf:84:8d:e6:0b:52:bd: fe:80:44:a5:98:8d:b6:9b:54:05:c2:fd:d9:c7:92:3d:a2:9c: 74:86:12:41:67:cd:d2:34:f2:4d:2c:ff:a1:b0:db:12:e3:93: ef:f9:cc:7b:1d:cc:7a:04:21:53:1f:93:ef:8c:e5:fe:dc:30: e5:f5:d2:1f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5ESkpuxbBT2fk7FJQeAdkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc5OGQ3MDEzYTdmZGJiNTY2M2ZkMzg0YTRmZWQxMjMwMzE0 NWUzY2UwHhcNMjYwMTAxMTAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTZlMzc5YjkyNDE5ZTJkYTA2YjNjMjRjMjRhNTFlNmZjMDQ1OTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A7DnBqB+bsSLnnFFdKzoZujSylq R+YrJ28zCTmNyDNcqeQnJtHAMPmTaf+7nORIE4GlVH/ODPiBO49v3FR543fkbOC+ cEN7amKZOH3wEo5TQrWfcJdXk41TOXcf0hVTolTBVDNAWBUR9QBFDhJMZp8brYcQ HzlmgcB6wmzr8fyZHv1tVQdTDKES1IQxmJT2ghL+wTxT0OkWoPU0ErtgZvLsj7bp bH+OWBqsAB476+EL2PXDRpbSV3GREFOgf3zQ1ZZDJ2U4eEtti5Cd9OLrCou/Gx5s 6EtnbOomhv0VpuKgDI9ilhPfM9/70Om96XnPc6Yn4xeBpId/FK4sXhYR/wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJ5uN5uSQZ4toGs8JMJKUeb8BFmRMB8GA1UdIwQY MBaAFHmNcBOn/btWY/04Sk/tEjAxRePOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZVkxd0U2Zjl1MVpqX1RoS1QtMFNNREZGNDg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82N2E0Y2UtYjhiYS00NTYyLTlhMzct MjRkODE4YmE3ZjI5LzEvbm00M201SkJuaTJnYXp3a3drcFI1dndFV1pFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS82N2E0Y2UtYjhiYS00NTYyLTlhMzctMjRkODE4YmE3ZjI5 LzEvZVkxd0U2Zjl1MVpqX1RoS1QtMFNNREZGNDg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVB8AwQA W+9IMA0EAgACMAcDBQMqDkKAMA0GCSqGSIb3DQEBCwUAA4IBAQC8kx4x6gNCsg7e BXFngy4HY++ozR8hEDeSG/H2jSOVvein2B4lu2T9KYcom2o14nmsYjMdEi86+dJ1 HGCsFyCUefa2WkEweJ06tzks+1tdEv8ylq2kH2QdieAd7w4wn37UAvuwkAdhewKP 7uQlrrHMMxuvVUcmhw8DAPI+yxKr9mgODiGZsQ+0sbvoE+6S9CLCT2MmH/pWkCzI 7J0joIvgMC8KPnt1C2VMnTTET7Mz/a8z23BFL/1DS0zCe/UYcL+EjeYLUr3+gESl mI22m1QFwv3Zx5I9opx0hhJBZ83SNPJNLP+hsNsS45Pv+cx7Hcx6BCFTH5PvjOX+ 3DDl9dIf -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:00 2026 by rpki-client