This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/nxSiffZukE6mQ7e460Rx5V-1a1Q.roa File: nxSiffZukE6mQ7e460Rx5V-1a1Q.roa (raw, json) Hash identifier: pzrYDt10/X+WJpToSelFVj9O1wyuTbaQZr2egEcvKq4= Subject key identifier: 9F:14:A2:7D:F6:6E:90:4E:A6:43:B7:B8:EB:44:71:E5:5F:B5:6B:54 Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3 Certificate serial: 019B7CED94F8FC6E13D33A3F407619002395 Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/nxSiffZukE6mQ7e460Rx5V-1a1Q.roa Signing time: Fri 02 Jan 2026 04:18:23 +0000 ROA not before: Fri 02 Jan 2026 04:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28748 IP address blocks: 37.26.200.0/21 maxlen: 21 134.97.0.0/16 maxlen: 17 185.23.156.0/22 maxlen: 22 192.105.75.0/24 maxlen: 24 193.22.2.0/24 maxlen: 24 195.190.142.0/24 maxlen: 24 2001:650::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.mft rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:94:f8:fc:6e:13:d3:3a:3f:40:76:19:00:23:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3 Validity Not Before: Jan 2 04:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9f14a27df66e904ea643b7b8eb4471e55fb56b54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:df:71:2e:a0:73:bb:66:d7:d7:a1:92:c1:f9: 79:c9:4b:a2:70:f4:5c:22:ed:a1:a6:91:de:92:56: 11:60:71:2e:c2:18:a8:71:4d:c1:62:45:50:1e:e0: 27:4e:4a:0c:59:66:fe:dd:21:da:72:10:df:eb:67: 55:1a:76:e9:8a:bd:c3:8d:c4:8e:1a:b0:e7:d6:2d: ad:9c:f0:eb:30:2e:be:1d:34:fa:ec:1a:91:ea:f7: 20:5d:61:68:d7:2c:75:98:ff:40:7b:64:2b:3f:1c: 98:07:2b:2d:37:9b:01:96:4f:e7:d4:0b:b6:ff:4b: 1a:29:b4:3c:1f:ae:b1:54:da:50:68:0f:71:51:b0: 6c:ce:c1:18:c4:a8:58:e6:fc:7e:ad:f2:07:02:2c: 80:55:25:8b:05:c1:f7:c3:bf:39:e5:6d:cb:a6:44: 87:aa:db:59:e2:97:d4:31:bc:20:9f:03:87:86:3d: ea:a7:26:20:92:08:84:ae:59:aa:38:07:17:82:97: f3:2e:cc:a3:2e:1c:08:22:65:1e:66:4c:09:db:d5: 3a:8b:7a:55:28:24:f7:1d:46:0c:a2:6c:90:5b:e5: 8f:52:bf:cb:44:e6:1b:55:c3:5f:f0:0d:da:4c:8c: c7:3f:fe:d8:c4:f2:08:03:67:be:d7:cf:07:ee:dd: 72:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:14:A2:7D:F6:6E:90:4E:A6:43:B7:B8:EB:44:71:E5:5F:B5:6B:54 X509v3 Authority Key Identifier: keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/nxSiffZukE6mQ7e460Rx5V-1a1Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.26.200.0/21 134.97.0.0/16 185.23.156.0/22 192.105.75.0/24 193.22.2.0/24 195.190.142.0/24 IPv6: 2001:650::/29 Signature Algorithm: sha256WithRSAEncryption 0c:65:67:d5:be:01:19:1d:82:2a:e7:00:34:47:ea:52:16:ea: 30:17:65:11:7a:8f:a2:96:17:44:45:ff:c8:b8:e3:d7:55:18: dd:53:a1:b5:0d:78:40:27:4d:e4:6e:ea:67:2a:97:1c:69:55: 9d:d7:8b:4c:6c:8b:90:2e:06:54:6a:cd:47:0e:09:92:8c:12: 0f:31:86:6c:e9:c1:cc:e9:bd:2a:37:a5:f1:7e:8a:b4:4f:3e: 22:b5:1b:59:45:72:41:d4:44:71:db:69:87:4f:0a:2a:b3:0e: 7c:68:8d:8c:01:84:e6:50:4e:81:60:4e:62:87:dc:bd:cc:a6: 2f:7a:ef:34:09:a1:c8:e8:1a:4c:8c:3a:09:39:45:b3:01:d7: 81:16:74:e1:41:49:91:43:f7:53:95:97:ad:8a:4e:c7:17:5f: a9:6f:2a:5b:8d:65:96:80:84:10:3d:06:fc:d7:b9:29:08:59: eb:ee:e4:2a:ec:4c:78:07:78:8a:fe:0c:fd:b7:70:44:7f:c7: e9:4b:ef:b5:51:05:fb:01:cc:47:49:58:f7:ad:a8:1c:81:a4: df:16:93:35:5a:2f:73:d9:ef:91:64:58:21:dc:3d:d3:99:0c: a1:80:70:21:6c:27:6a:aa:2f:e1:e0:3a:d9:d9:85:d9:4c:8f: 08:90:fb:f6 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgISAZt87ZT4/G4T0zo/QHYZACOVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4 YWUwZDMwHhcNMjYwMTAyMDQxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZjE0YTI3ZGY2NmU5MDRlYTY0M2I3YjhlYjQ0NzFlNTVmYjU2YjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo99xLqBzu2bX16GSwfl5yUuicPRc Iu2hppHeklYRYHEuwhiocU3BYkVQHuAnTkoMWWb+3SHachDf62dVGnbpir3DjcSO GrDn1i2tnPDrMC6+HTT67BqR6vcgXWFo1yx1mP9Ae2QrPxyYBystN5sBlk/n1Au2 /0saKbQ8H66xVNpQaA9xUbBszsEYxKhY5vx+rfIHAiyAVSWLBcH3w7855W3LpkSH qttZ4pfUMbwgnwOHhj3qpyYgkgiErlmqOAcXgpfzLsyjLhwIImUeZkwJ29U6i3pV KCT3HUYMomyQW+WPUr/LROYbVcNf8A3aTIzHP/7YxPIIA2e+188H7t1yBwIDAQAB o4ICNTCCAjEwHQYDVR0OBBYEFJ8Uon32bpBOpkO3uOtEceVftWtUMB8GA1UdIwQY MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt NTNjYzVkYWY1MmNmLzEvbnhTaWZmWnVrRTZtUTdlNDYwUng1Vi0xYTFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJRrIAwMA hmEDBAK5F5wDBADAaUsDBADBFgIDBADDvo4wDQQCAAIwBwMFAyABBlAwDQYJKoZI hvcNAQELBQADggEBAAxlZ9W+ARkdgirnADRH6lIW6jAXZRF6j6KWF0RF/8i449dV GN1TobUNeEAnTeRu6mcqlxxpVZ3Xi0xsi5AuBlRqzUcOCZKMEg8xhmzpwczpvSo3 pfF+irRPPiK1G1lFckHURHHbaYdPCiqzDnxojYwBhOZQToFgTmKH3L3Mpi967zQJ ocjoGkyMOgk5RbMB14EWdOFBSZFD91OVl62KTscXX6lvKluNZZaAhBA9BvzXuSkI Wevu5CrsTHgHeIr+DP23cER/x+lL77VRBfsBzEdJWPetqByBpN8WkzVaL3PZ75Fk WCHcPdOZDKGAcCFsJ2qqL+HgOtnZhdlMjwiQ+/Y= -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:06 2026 by rpki-client