This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/nu_nfWvngwD8Y74CXi065T5OVuQ.roa File: nu_nfWvngwD8Y74CXi065T5OVuQ.roa (raw, json) Hash identifier: d92WDDshr8YLz0+Twkg4dzAWaxn6uiHcpqEqs+83HsM= Subject key identifier: 9E:EF:E7:7D:6B:E7:83:00:FC:63:BE:02:5E:2D:3A:E5:3E:4E:56:E4 Certificate issuer: /CN=0324d16977eee2f58beb1bb7aa2f4b2fa1abfc48 Certificate serial: 019B791101E3FA0C271FAD7346FB00116502 Authority key identifier: 03:24:D1:69:77:EE:E2:F5:8B:EB:1B:B7:AA:2F:4B:2F:A1:AB:FC:48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/nu_nfWvngwD8Y74CXi065T5OVuQ.roa Signing time: Thu 01 Jan 2026 10:18:36 +0000 ROA not before: Thu 01 Jan 2026 10:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208906 IP address blocks: 78.24.232.0/21 maxlen: 21 2a0d:8f40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.crl rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.mft rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 06 Feb 2026 12:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:01:e3:fa:0c:27:1f:ad:73:46:fb:00:11:65:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0324d16977eee2f58beb1bb7aa2f4b2fa1abfc48 Validity Not Before: Jan 1 10:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9eefe77d6be78300fc63be025e2d3ae53e4e56e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:11:67:1c:32:73:8e:ed:a3:74:59:42:2d:72: 29:61:c4:41:e2:06:1d:38:b4:82:40:b2:aa:43:23: 38:09:f8:d4:e8:7b:e9:9c:79:e5:b4:df:ee:83:9e: 2d:d5:d2:d6:fd:c2:36:12:7e:89:72:9e:47:cc:57: 58:1a:d3:e2:18:31:ca:62:74:b8:2f:65:07:56:2d: bd:44:27:d0:fb:67:eb:3f:5d:8e:1b:35:19:0e:c4: 5d:03:f8:96:12:48:dc:1b:52:ea:b0:5d:07:d7:00: e2:17:0b:56:10:40:12:3b:e9:c6:b1:2b:16:41:a0: 9c:ad:1d:8f:af:9d:b8:6b:8a:3e:ed:de:0a:af:38: 1b:4e:55:c8:c4:64:22:c2:ee:fe:c6:70:30:81:66: d9:a6:d8:2b:8c:ad:2e:0a:7e:5f:62:5d:b6:c7:a9: ab:fa:91:1d:8d:8e:09:73:66:8d:3b:63:f3:fd:af: f8:86:4f:e6:e0:37:83:b1:46:9f:67:8b:c8:e5:63: da:9c:41:e9:0d:0a:bd:33:74:0a:fe:ef:d6:17:22: 84:d2:1d:f4:49:1d:45:8b:cc:64:b4:b1:ed:f5:1b: ad:8e:41:85:25:49:4f:43:a8:bd:fc:9e:5b:e9:84: ee:3c:ce:06:a5:69:ce:27:6b:66:70:a8:73:0b:fb: f4:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:EF:E7:7D:6B:E7:83:00:FC:63:BE:02:5E:2D:3A:E5:3E:4E:56:E4 X509v3 Authority Key Identifier: keyid:03:24:D1:69:77:EE:E2:F5:8B:EB:1B:B7:AA:2F:4B:2F:A1:AB:FC:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/nu_nfWvngwD8Y74CXi065T5OVuQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.24.232.0/21 IPv6: 2a0d:8f40::/29 Signature Algorithm: sha256WithRSAEncryption 20:c4:b0:83:67:5c:59:48:51:56:b6:08:de:7f:8e:16:4c:4e: b0:14:74:e3:ed:b2:08:ec:91:1f:60:b8:2a:cc:06:ee:bb:95: 08:a2:e9:df:2b:26:2e:c5:31:5b:ae:ee:02:6c:09:71:bf:62: 6b:d5:4a:80:9c:89:55:0a:37:68:06:be:be:fa:e8:a0:85:b3: da:8f:fa:58:25:c1:00:3e:29:50:8d:14:28:bf:d3:6e:1a:38: 09:78:8a:f6:42:31:3d:b8:f0:e1:b8:b2:3f:a8:9b:c9:a4:e8: 5a:ff:3b:63:9d:95:e4:f6:b7:df:a2:b8:28:cf:17:b5:6e:99: 78:ba:f7:09:a3:5c:94:cd:b9:8c:1b:78:c8:b2:02:8b:be:37: 37:39:ac:c1:81:16:1d:26:ea:55:a5:a0:6c:4b:6d:fa:b0:35: 9f:2b:30:72:76:2b:ec:fc:55:45:74:41:65:4b:50:ea:c0:9d: 65:69:a5:c3:2e:46:72:6c:04:fd:bb:0b:60:6a:b0:4b:6e:bc: a7:a6:cb:d8:c6:2a:00:99:f4:f3:42:f4:9b:df:12:ac:db:72: a5:13:32:9c:ff:97:de:77:25:4e:f0:26:d4:50:9f:4a:8e:fd: 38:21:5c:24:f9:5c:fd:68:15:96:ac:a2:8b:f2:75:50:d7:e4: b6:75:38:f7 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5EQHj+gwnH61zRvsAEWUCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMjRkMTY5NzdlZWUyZjU4YmViMWJiN2FhMmY0YjJmYTFh YmZjNDgwHhcNMjYwMTAxMTAxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZWVmZTc3ZDZiZTc4MzAwZmM2M2JlMDI1ZTJkM2FlNTNlNGU1NmU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRFnHDJzju2jdFlCLXIpYcRB4gYd OLSCQLKqQyM4CfjU6HvpnHnltN/ug54t1dLW/cI2En6Jcp5HzFdYGtPiGDHKYnS4 L2UHVi29RCfQ+2frP12OGzUZDsRdA/iWEkjcG1LqsF0H1wDiFwtWEEASO+nGsSsW QaCcrR2Pr524a4o+7d4KrzgbTlXIxGQiwu7+xnAwgWbZptgrjK0uCn5fYl22x6mr +pEdjY4Jc2aNO2Pz/a/4hk/m4DeDsUafZ4vI5WPanEHpDQq9M3QK/u/WFyKE0h30 SR1Fi8xktLHt9RutjkGFJUlPQ6i9/J5b6YTuPM4GpWnOJ2tmcKhzC/v0aQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJ7v531r54MA/GO+Al4tOuU+TlbkMB8GA1UdIwQY MBaAFAMk0Wl37uL1i+sbt6ovSy+hq/xIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXlUUmFYZnU0dldMNnh1M3FpOUxMNkdyX0VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80NTc4YTYtMWExYy00OTQ0LWE3NzMt YzI1ZDdmY2EwMDM3LzEvbnVfbmZXdm5nd0Q4WTc0Q1hpMDY1VDVPVnVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS80NTc4YTYtMWExYy00OTQ0LWE3NzMtYzI1ZDdmY2EwMDM3 LzEvQXlUUmFYZnU0dldMNnh1M3FpOUxMNkdyX0VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDThjoMA0E AgACMAcDBQMqDY9AMA0GCSqGSIb3DQEBCwUAA4IBAQAgxLCDZ1xZSFFWtgjef44W TE6wFHTj7bII7JEfYLgqzAbuu5UIounfKyYuxTFbru4CbAlxv2Jr1UqAnIlVCjdo Br6++uighbPaj/pYJcEAPilQjRQov9NuGjgJeIr2QjE9uPDhuLI/qJvJpOha/ztj nZXk9rfforgozxe1bpl4uvcJo1yUzbmMG3jIsgKLvjc3OazBgRYdJupVpaBsS236 sDWfKzBydivs/FVFdEFlS1DqwJ1laaXDLkZybAT9uwtgarBLbrynpsvYxioAmfTz QvSb3xKs23KlEzKc/5fedyVO8CbUUJ9Kjv04IVwk+Vz9aBWWrKKL8nVQ1+S2dTj3 -----END CERTIFICATE-----Generated at Thu Feb 5 19:45:18 2026 by rpki-client