This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/NEc8aQqyyaN5WZ6pcMTuIn3QMww.roa File: NEc8aQqyyaN5WZ6pcMTuIn3QMww.roa (raw, json) Hash identifier: Nlhcphc0V2UOaAJaYdUoZGpKtvarMlBWXD4y4ZO7raA= Subject key identifier: 34:47:3C:69:0A:B2:C9:A3:79:59:9E:A9:70:C4:EE:22:7D:D0:33:0C Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c Certificate serial: 019B7B35E8AABF30602B5E1FE9E4568B0E15 Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/NEc8aQqyyaN5WZ6pcMTuIn3QMww.roa Signing time: Thu 01 Jan 2026 20:18:09 +0000 ROA not before: Thu 01 Jan 2026 20:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 37.221.72.0/22 maxlen: 24 2a09:ea00::/40 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.mft rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:e8:aa:bf:30:60:2b:5e:1f:e9:e4:56:8b:0e:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c Validity Not Before: Jan 1 20:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34473c690ab2c9a379599ea970c4ee227dd0330c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f3:07:92:82:72:3f:f5:7d:a6:dc:ac:19:cf: e6:29:85:83:e8:20:5b:45:35:ed:f9:f8:6f:55:20: 37:67:b8:9a:0b:a2:1a:9d:18:2a:b8:01:bd:97:a5: 6e:6b:e3:4e:46:45:17:b2:ef:7e:0a:a1:89:32:42: e5:7b:5b:43:17:a8:47:fb:a0:22:c0:69:05:de:d1: 3b:c3:72:c8:82:89:21:6a:0c:6e:94:7f:a9:f0:c6: 21:3f:d7:0b:a5:b0:8e:63:e7:08:11:6e:60:7d:e4: 82:6c:c8:1b:ff:96:26:fd:0b:8d:7a:68:ee:8d:9c: 07:5a:dc:b5:29:b3:d5:23:8a:10:d0:7e:ba:42:fb: 0b:f9:b7:58:80:c4:12:8a:4e:91:39:ac:1e:d9:89: f9:c6:c8:c9:00:5e:cf:df:11:48:75:cf:bc:42:59: 57:1b:98:13:d1:bb:63:15:c7:8d:59:e9:3b:31:f2: 46:11:3d:db:78:e6:f5:70:3d:66:8f:ba:05:05:3b: 17:35:77:8f:e5:42:cc:2f:7d:7f:dd:96:95:88:84: d5:ea:dc:61:3c:34:ee:59:bb:15:28:5c:2c:10:5a: 95:a9:f9:57:4d:88:dd:68:ed:53:5e:46:ff:b8:de: a1:c6:44:e3:5a:b4:2f:be:b1:9d:16:7a:43:e5:11: e7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:47:3C:69:0A:B2:C9:A3:79:59:9E:A9:70:C4:EE:22:7D:D0:33:0C X509v3 Authority Key Identifier: keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/NEc8aQqyyaN5WZ6pcMTuIn3QMww.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.221.72.0/22 IPv6: 2a09:ea00::/40 Signature Algorithm: sha256WithRSAEncryption 4c:63:47:0c:f6:d3:ab:92:4b:a9:32:bd:ac:1d:53:a6:af:79: c3:6d:f1:0d:88:50:ea:e1:24:f0:81:a7:ef:62:6a:09:80:58: 2d:3a:72:94:3f:9b:d5:6c:69:ad:5b:7d:03:a7:64:0c:84:52: f2:67:61:92:f7:fb:b1:be:c3:30:e0:dd:85:a9:2b:19:06:99: ff:4e:cc:14:66:f6:09:3c:49:49:e0:8b:53:58:ee:64:a4:2d: 5e:ed:97:50:02:35:c1:43:2a:6d:cb:0b:18:7b:9f:8f:35:2b: df:15:a1:65:ec:04:7b:1f:7d:d0:53:c1:79:41:7f:36:ee:c7: 0d:3f:cd:28:24:45:dd:c5:ed:b4:bb:6d:f2:98:2d:83:e2:c7: 00:3e:e6:7b:2b:4f:33:07:7a:13:93:9d:2f:2f:c2:3b:11:69: ee:08:d8:87:36:4e:6e:b7:a5:26:34:fe:03:d9:b2:ed:c8:46: 5c:42:0b:bd:62:6a:bf:cf:bd:60:20:3c:61:01:4d:fc:7a:f2: 4d:f4:69:79:53:0d:b2:dd:3f:4c:9d:4e:4f:49:5a:9a:f0:88: 71:c1:44:29:af:4a:cd:21:d9:02:df:2b:97:62:8c:4f:bc:3e: 3d:2e:2c:47:8e:ef:08:9e:1a:69:71:97:d1:d6:d9:34:d0:44: b8:7b:7b:1f -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt7NeiqvzBgK14f6eRWiw4VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz Yzc1M2MwHhcNMjYwMTAxMjAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDQ3M2M2OTBhYjJjOWEzNzk1OTllYTk3MGM0ZWUyMjdkZDAzMzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PMHkoJyP/V9ptysGc/mKYWD6CBb RTXt+fhvVSA3Z7iaC6IanRgquAG9l6Vua+NORkUXsu9+CqGJMkLle1tDF6hH+6Ai wGkF3tE7w3LIgokhagxulH+p8MYhP9cLpbCOY+cIEW5gfeSCbMgb/5Ym/QuNemju jZwHWty1KbPVI4oQ0H66QvsL+bdYgMQSik6ROawe2Yn5xsjJAF7P3xFIdc+8QllX G5gT0btjFceNWek7MfJGET3beOb1cD1mj7oFBTsXNXeP5ULML31/3ZaViITV6txh PDTuWbsVKFwsEFqVqflXTYjdaO1TXkb/uN6hxkTjWrQvvrGdFnpD5RHn2wIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFDRHPGkKssmjeVmeqXDE7iJ90DMMMB8GA1UdIwQY MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt YjE4ZGFjMmQyNTliLzEvTkVjOGFRcXl5YU41V1o2cGNNVHVJbjNRTXd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEATGNHDPbTq5JLqTK9rB1T pq95w23xDYhQ6uEk8IGn72JqCYBYLTpylD+b1WxprVt9A6dkDIRS8mdhkvf7sb7D MODdhakrGQaZ/07MFGb2CTxJSeCLU1juZKQtXu2XUAI1wUMqbcsLGHufjzUr3xWh ZewEex990FPBeUF/Nu7HDT/NKCRF3cXttLtt8pgtg+LHAD7meytPMwd6E5OdLy/C OxFp7gjYhzZObrelJjT+A9my7chGXEILvWJqv8+9YCA8YQFN/HryTfRpeVMNst0/ TJ1OT0lamvCIccFEKa9KzSHZAt8rl2KMT7w+PS4sR47vCJ4aaXGX0dbZNNBEuHt7 Hw== -----END CERTIFICATE-----Generated at Fri Jan 9 00:56:55 2026 by rpki-client