This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/nl0QqxYkhrgEnGSiBIyps1pAWH0.roa File: nl0QqxYkhrgEnGSiBIyps1pAWH0.roa (raw, json) Hash identifier: UJJM3FmfgAAIVk6G6ixYjeSBmXhQkoUQYqScG+rKsI4= Subject key identifier: 9E:5D:10:AB:16:24:86:B8:04:9C:64:A2:04:8C:A9:B3:5A:40:58:7D Certificate issuer: /CN=bd175e878d33b47d806f2cf3e04628220935123d Certificate serial: 019B7AC89DCF7AF65120AE3FA2E851D17771 Authority key identifier: BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/nl0QqxYkhrgEnGSiBIyps1pAWH0.roa Signing time: Thu 01 Jan 2026 18:18:46 +0000 ROA not before: Thu 01 Jan 2026 18:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44496 IP address blocks: 91.199.8.0/24 maxlen: 32 2001:67c:2f84::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.mft rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:9d:cf:7a:f6:51:20:ae:3f:a2:e8:51:d1:77:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd175e878d33b47d806f2cf3e04628220935123d Validity Not Before: Jan 1 18:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e5d10ab162486b8049c64a2048ca9b35a40587d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:48:0b:63:22:de:9e:a9:23:ac:fa:81:f7:cc: e6:99:53:ab:22:7a:8d:28:45:ce:ee:a5:36:60:73: 00:ed:1b:72:f0:a8:8f:48:ab:97:40:1d:bc:1a:8c: 39:10:5d:c6:47:20:b4:c9:56:03:07:a4:ad:b8:76: a1:6b:98:bc:a2:29:c8:1a:af:e3:aa:3a:6e:e3:18: c4:eb:2f:f4:fa:8f:76:bf:f0:a1:06:01:30:1a:6b: 91:6c:79:c1:9f:3b:10:7d:61:4b:bf:b5:72:cb:f3: c8:37:0f:da:e0:a9:ad:c1:ce:06:13:04:92:a1:01: 0f:ff:6d:29:b2:6d:a7:d8:b0:9e:7b:06:5d:ba:b7: 23:a5:38:f8:31:6f:2c:7f:08:e8:4d:78:b4:47:d2: aa:9c:7c:3e:6d:f5:f3:5f:be:5d:f2:6c:20:32:a0: 11:23:61:53:b4:80:c7:2b:9d:cf:3b:83:4b:ba:0d: d5:80:52:bb:16:f5:bf:e4:ef:3d:9d:f5:62:c3:4e: cd:4d:d0:c7:5c:0d:79:9f:a8:c9:ae:aa:46:ba:82: 4b:77:34:2f:6d:c1:10:cb:19:ba:ae:4a:83:97:7e: 8c:da:3e:c9:14:ba:bb:8c:e5:3b:45:1c:44:0e:85: ed:07:ec:dc:96:ee:1f:ee:b6:07:a2:bd:00:3b:5a: 3e:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:5D:10:AB:16:24:86:B8:04:9C:64:A2:04:8C:A9:B3:5A:40:58:7D X509v3 Authority Key Identifier: keyid:BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/nl0QqxYkhrgEnGSiBIyps1pAWH0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.199.8.0/24 IPv6: 2001:67c:2f84::/48 Signature Algorithm: sha256WithRSAEncryption b5:2b:b1:5d:8f:b6:a3:71:0b:be:9f:d6:e0:ba:1b:7a:72:92: 68:b5:94:75:03:61:51:f0:f2:e6:58:f0:68:95:f2:8a:7b:e7: de:40:2b:e3:9e:80:ab:a4:72:49:9c:7a:66:b1:ae:6b:48:2c: 27:ff:bb:55:6b:c3:71:f4:c0:78:e2:a6:d7:e0:2c:2a:d5:2b: d0:3d:c6:bc:f7:79:3d:40:03:94:55:68:66:c7:0b:e1:66:43: 2f:a8:5c:c3:66:fe:c3:1c:85:97:4f:c3:9b:c5:03:56:b9:fb: b1:ef:d3:e4:b0:17:87:0f:24:f8:ef:00:93:1d:9c:b8:90:a9: bd:60:24:fb:0c:f4:b3:00:8d:37:f6:c6:c9:21:39:fc:60:65: 90:6b:2b:fb:73:07:aa:f5:33:04:88:2f:75:a0:38:03:d4:3b: c6:48:1b:d3:8d:3a:eb:78:12:bd:0c:d1:cc:af:b2:50:6b:10: 13:d6:0c:8b:39:77:db:63:ab:f6:b4:56:71:67:01:01:ec:06: cf:54:29:74:df:11:c5:6c:31:77:c9:6e:b6:ca:d8:49:a9:e9: 4d:67:0e:b5:69:86:46:e2:13:55:08:ef:8a:6d:95:81:78:4d: df:d3:15:f3:59:8f:7a:20:5c:b5:af:90:2e:38:2d:54:aa:da: 63:80:e7:32 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6yJ3PevZRIK4/ouhR0XdxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkMTc1ZTg3OGQzM2I0N2Q4MDZmMmNmM2UwNDYyODIyMDkz NTEyM2QwHhcNMjYwMTAxMTgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTVkMTBhYjE2MjQ4NmI4MDQ5YzY0YTIwNDhjYTliMzVhNDA1ODdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkgLYyLenqkjrPqB98zmmVOrInqN KEXO7qU2YHMA7Rty8KiPSKuXQB28Gow5EF3GRyC0yVYDB6StuHaha5i8oinIGq/j qjpu4xjE6y/0+o92v/ChBgEwGmuRbHnBnzsQfWFLv7Vyy/PINw/a4Kmtwc4GEwSS oQEP/20psm2n2LCeewZdurcjpTj4MW8sfwjoTXi0R9KqnHw+bfXzX75d8mwgMqAR I2FTtIDHK53PO4NLug3VgFK7FvW/5O89nfViw07NTdDHXA15n6jJrqpGuoJLdzQv bcEQyxm6rkqDl36M2j7JFLq7jOU7RRxEDoXtB+zclu4f7rYHor0AO1o+oQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJ5dEKsWJIa4BJxkogSMqbNaQFh9MB8GA1UdIwQY MBaAFL0XXoeNM7R9gG8s8+BGKCIJNRI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMt YTM1ZWFmMDA1YWY1LzEvbmwwUXF4WWtocmdFbkdTaUJJeXBzMXBBV0gwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMtYTM1ZWFmMDA1YWY1 LzEvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8cIMA8E AgACMAkDBwAgAQZ8L4QwDQYJKoZIhvcNAQELBQADggEBALUrsV2PtqNxC76f1uC6 G3pykmi1lHUDYVHw8uZY8GiV8op7595AK+OegKukckmcemaxrmtILCf/u1Vrw3H0 wHjiptfgLCrVK9A9xrz3eT1AA5RVaGbHC+FmQy+oXMNm/sMchZdPw5vFA1a5+7Hv 0+SwF4cPJPjvAJMdnLiQqb1gJPsM9LMAjTf2xskhOfxgZZBrK/tzB6r1MwSIL3Wg OAPUO8ZIG9ONOut4Er0M0cyvslBrEBPWDIs5d9tjq/a0VnFnAQHsBs9UKXTfEcVs MXfJbrbK2Emp6U1nDrVphkbiE1UI74ptlYF4Td/TFfNZj3ogXLWvkC44LVSq2mOA 5zI= -----END CERTIFICATE-----Generated at Tue Jan 20 02:47:41 2026 by rpki-client