This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/nq1iKk8w1XflIXtC17UgSNfU_oM.roa File: nq1iKk8w1XflIXtC17UgSNfU_oM.roa (raw, json) Hash identifier: F+lcomVmFtP5h7X/ECDiniz6Fh7EseUhUsvEf8G4EC0= Subject key identifier: 9E:AD:62:2A:4F:30:D5:77:E5:21:7B:42:D7:B5:20:48:D7:D4:FE:83 Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Certificate serial: 019B7D5B460B15A9B94E7340C2E763A7E2E6 Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/nq1iKk8w1XflIXtC17UgSNfU_oM.roa Signing time: Fri 02 Jan 2026 06:18:12 +0000 ROA not before: Fri 02 Jan 2026 06:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 158.173.8.0/21 maxlen: 24 185.251.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 02:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:46:0b:15:a9:b9:4e:73:40:c2:e7:63:a7:e2:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Validity Not Before: Jan 2 06:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ead622a4f30d577e5217b42d7b52048d7d4fe83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d8:55:8e:7c:98:d2:8b:6b:68:54:9d:f9:f7: 1a:ff:79:6d:d0:27:37:82:f9:4a:32:26:7e:3b:18: 1f:d3:b6:84:4a:09:01:30:e3:c6:03:78:d8:3b:94: 53:17:3d:c7:52:80:fe:02:f6:e1:17:19:a5:f4:9c: 42:7f:f9:48:2b:49:dc:b3:71:b7:80:1b:89:bf:9c: 26:21:19:fa:e1:9d:b7:cf:78:96:25:73:2b:62:73: 68:4c:e3:67:f0:8b:20:ac:bd:b0:df:c9:ab:d1:ec: b8:68:8a:b2:95:f9:07:45:88:1c:3d:f0:99:19:8c: 7d:20:74:03:e8:c9:29:db:10:5f:89:4f:8b:d8:71: 3a:59:c3:e5:c9:65:bf:2e:51:92:bc:b9:ad:fa:4c: 0b:53:9a:ea:19:b0:f8:fc:5a:ca:2c:42:9a:12:8c: 1c:9a:96:de:69:50:d9:fd:96:00:09:c3:56:9e:6d: 81:dd:80:a8:47:10:49:1b:4e:5e:d4:99:e6:46:ab: 0f:fd:91:5d:bc:50:8a:8a:05:85:9b:cc:aa:2b:14: 66:82:96:44:9d:a3:c0:d0:6a:5a:a6:c7:67:56:fc: 37:79:aa:69:8f:85:62:18:db:84:8e:03:b5:74:ee: a3:e7:c6:c3:9c:5b:02:9a:2a:a3:41:2a:67:dd:54: a1:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:AD:62:2A:4F:30:D5:77:E5:21:7B:42:D7:B5:20:48:D7:D4:FE:83 X509v3 Authority Key Identifier: keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/nq1iKk8w1XflIXtC17UgSNfU_oM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.8.0/21 185.251.21.0/24 Signature Algorithm: sha256WithRSAEncryption 00:2f:d0:e5:e0:73:25:ba:bc:c3:5b:cc:66:66:84:7b:d3:b3: 3a:67:15:12:0c:bd:bc:38:6f:eb:10:0a:e4:b7:c6:55:0a:20: 0d:46:ab:78:a4:1f:1f:c1:55:d0:1b:53:93:ba:c5:50:0b:63: bb:72:1e:ef:0b:8b:ce:34:4e:66:9c:ea:1c:58:2d:e9:44:a5: d6:4b:34:5a:f3:17:47:69:5e:ef:1d:15:2c:e8:4a:d8:52:65: aa:e2:7c:e4:cd:68:86:31:61:62:17:07:08:4c:20:fc:3c:f0: 60:f2:76:6d:47:21:cb:ff:c8:5f:cb:a6:36:a9:c1:a6:5d:3d: e3:a3:3f:33:02:d6:8d:89:f3:d3:51:80:ab:7d:d8:35:69:54: f6:ae:20:9f:2f:82:27:ae:e9:a8:c1:b2:04:48:a5:2c:f7:07: 1a:37:75:5a:3a:5a:39:e1:65:70:ae:ae:7e:bb:90:14:65:65: 3b:65:37:12:d6:f1:dd:09:e2:17:35:2e:af:56:07:b8:3c:4c: ab:56:33:04:9c:c1:3b:05:0d:c6:4d:ff:d9:8f:3f:5b:a5:bd: d1:8c:8a:ba:54:2d:e6:11:7a:ca:13:81:40:9f:9a:ed:9a:7d: f2:46:d1:2d:59:8e:2a:aa:fe:81:87:56:12:24:a9:99:cb:ea: 3f:d5:b4:05 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9W0YLFam5TnNAwudjp+LmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh NDA4MjMwHhcNMjYwMTAyMDYxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZWFkNjIyYTRmMzBkNTc3ZTUyMTdiNDJkN2I1MjA0OGQ3ZDRmZTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzthVjnyY0otraFSd+fca/3lt0Cc3 gvlKMiZ+Oxgf07aESgkBMOPGA3jYO5RTFz3HUoD+AvbhFxml9JxCf/lIK0ncs3G3 gBuJv5wmIRn64Z23z3iWJXMrYnNoTONn8IsgrL2w38mr0ey4aIqylfkHRYgcPfCZ GYx9IHQD6Mkp2xBfiU+L2HE6WcPlyWW/LlGSvLmt+kwLU5rqGbD4/FrKLEKaEowc mpbeaVDZ/ZYACcNWnm2B3YCoRxBJG05e1JnmRqsP/ZFdvFCKigWFm8yqKxRmgpZE naPA0GpapsdnVvw3eappj4ViGNuEjgO1dO6j58bDnFsCmiqjQSpn3VShFwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJ6tYipPMNV35SF7Qte1IEjX1P6DMB8GA1UdIwQY MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt ZDJjZDI2YjY5ZGYxLzEvbnExaUtrOHcxWGZsSVh0QzE3VWdTTmZVX29NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnq0IAwQA ufsVMA0GCSqGSIb3DQEBCwUAA4IBAQAAL9Dl4HMlurzDW8xmZoR707M6ZxUSDL28 OG/rEArkt8ZVCiANRqt4pB8fwVXQG1OTusVQC2O7ch7vC4vONE5mnOocWC3pRKXW SzRa8xdHaV7vHRUs6ErYUmWq4nzkzWiGMWFiFwcITCD8PPBg8nZtRyHL/8hfy6Y2 qcGmXT3joz8zAtaNifPTUYCrfdg1aVT2riCfL4InrumowbIESKUs9wcaN3VaOlo5 4WVwrq5+u5AUZWU7ZTcS1vHdCeIXNS6vVge4PEyrVjMEnME7BQ3GTf/Zjz9bpb3R jIq6VC3mEXrKE4FAn5rtmn3yRtEtWY4qqv6Bh1YSJKmZy+o/1bQF -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:08 2026 by rpki-client