This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/nD76qOaHhN5VJ7aXM3PiCRoUMfM.roa File: nD76qOaHhN5VJ7aXM3PiCRoUMfM.roa (raw, json) Hash identifier: hE0uCKeABKXQrvQ3fZ4O08qwvKYHJvR/t+fOUw/45bk= Subject key identifier: 9C:3E:FA:A8:E6:87:84:DE:55:27:B6:97:33:73:E2:09:1A:14:31:F3 Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69 Certificate serial: 019B7AC80E1BDC8DA0C3DCFB9676CDB3D509 Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/nD76qOaHhN5VJ7aXM3PiCRoUMfM.roa Signing time: Thu 01 Jan 2026 18:18:09 +0000 ROA not before: Thu 01 Jan 2026 18:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213541 IP address blocks: 45.88.100.0/24 maxlen: 24 45.95.128.0/24 maxlen: 24 45.95.129.0/24 maxlen: 24 45.95.130.0/23 maxlen: 24 78.41.84.0/22 maxlen: 24 185.238.88.0/24 maxlen: 24 185.238.91.0/24 maxlen: 24 185.246.218.0/23 maxlen: 24 185.253.24.0/24 maxlen: 24 185.253.25.0/24 maxlen: 24 185.253.26.0/23 maxlen: 24 194.113.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 12:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:0e:1b:dc:8d:a0:c3:dc:fb:96:76:cd:b3:d5:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69 Validity Not Before: Jan 1 18:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9c3efaa8e68784de5527b6973373e2091a1431f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1a:74:52:1c:f2:5e:96:d6:3b:f3:8c:c8:31: 44:34:b8:94:db:40:a3:97:c9:0a:c9:20:f9:4e:32: 37:a1:b5:5b:93:b1:16:2e:ea:f7:16:0e:92:f7:c3: c0:64:88:78:20:90:4f:de:c5:9d:3e:05:8d:92:47: 7c:f5:da:76:c8:98:71:c1:31:ae:55:9c:6f:e1:eb: 3e:9c:7d:3d:cd:17:b6:3c:fe:41:a7:39:12:f7:c2: 56:3a:83:f8:28:02:59:da:eb:6e:33:f7:4c:a5:b2: 91:68:31:79:a2:3a:fb:ca:73:53:34:89:e3:fc:46: ce:fb:af:f7:8f:42:1e:c3:8e:34:3f:99:fb:35:98: 33:f4:e8:34:a6:8f:41:f3:16:c8:8d:c8:2e:7c:bc: fe:7a:1f:16:d5:3d:0f:cd:c2:08:06:5e:09:e8:52: 61:47:15:74:0b:56:ec:c1:a1:c8:7e:58:b0:25:41: 79:90:06:25:b5:fb:d5:5f:84:f1:79:24:c0:ef:ec: 01:52:0a:2c:21:31:63:37:db:7a:f6:2f:18:4f:de: 08:51:1c:73:ae:51:cc:47:0d:48:81:f7:6a:1e:c5: 12:9f:4c:38:04:70:16:74:3b:39:43:ff:36:eb:4c: 33:a1:68:d5:28:b7:fd:b0:e5:23:03:35:a1:2b:32: 15:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:3E:FA:A8:E6:87:84:DE:55:27:B6:97:33:73:E2:09:1A:14:31:F3 X509v3 Authority Key Identifier: keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/nD76qOaHhN5VJ7aXM3PiCRoUMfM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.100.0/24 45.95.128.0/22 78.41.84.0/22 185.238.88.0/24 185.238.91.0/24 185.246.218.0/23 185.253.24.0/22 194.113.238.0/24 Signature Algorithm: sha256WithRSAEncryption c5:3c:13:e4:8d:5e:b6:7c:cc:f3:56:d4:ac:79:1f:7b:0c:1d: 22:68:12:fc:95:03:b0:1c:56:4b:61:cc:ee:6e:14:ba:56:19: 63:f1:a8:6f:81:60:6f:09:16:71:2c:77:00:1b:7c:16:9f:7e: 25:5a:4f:b5:a6:b0:89:e8:7a:32:82:3a:45:bb:26:c3:d1:13: a7:45:de:57:33:bd:4d:bf:26:4c:e4:4e:16:8a:72:61:86:4c: 32:a3:34:18:a5:a6:01:27:d6:56:3c:ae:33:82:5a:7f:2d:b8: 93:e6:1b:fa:bd:5e:a2:77:7b:53:45:e0:c0:7a:e3:e9:ac:c2: b2:52:bb:0e:d7:ba:99:c2:a9:6b:69:30:83:65:96:03:59:90: a2:c5:02:8f:73:0c:82:c6:86:a0:f9:06:2b:79:39:50:45:0f: f0:03:50:7c:69:87:ae:6d:27:29:ba:a1:82:29:6c:75:01:39: 09:cc:26:b9:2c:a3:e1:6a:2f:ff:b7:72:ff:11:82:60:e2:08: 31:5d:40:c6:80:c6:9f:01:d5:20:f0:e7:2b:81:04:64:4f:75: 31:3c:eb:a8:42:b1:94:87:db:52:f5:da:27:9b:14:ec:bd:6c: fb:11:5b:03:ea:35:90:f2:c7:52:17:45:d6:22:e4:28:b2:46: 25:15:3e:1e -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt6yA4b3I2gw9z7lnbNs9UJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk ZGVlNjkwHhcNMjYwMTAxMTgxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YzNlZmFhOGU2ODc4NGRlNTUyN2I2OTczMzczZTIwOTFhMTQzMWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBp0UhzyXpbWO/OMyDFENLiU20Cj l8kKySD5TjI3obVbk7EWLur3Fg6S98PAZIh4IJBP3sWdPgWNkkd89dp2yJhxwTGu VZxv4es+nH09zRe2PP5BpzkS98JWOoP4KAJZ2utuM/dMpbKRaDF5ojr7ynNTNInj /EbO+6/3j0Iew440P5n7NZgz9Og0po9B8xbIjcgufLz+eh8W1T0PzcIIBl4J6FJh RxV0C1bswaHIfliwJUF5kAYltfvVX4TxeSTA7+wBUgosITFjN9t69i8YT94IURxz rlHMRw1IgfdqHsUSn0w4BHAWdDs5Q/8260wzoWjVKLf9sOUjAzWhKzIVywIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFJw++qjmh4TeVSe2lzNz4gkaFDHzMB8GA1UdIwQY MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt NjkxZmY1YjQ0YjAxLzEvbkQ3NnFPYUhoTjVWSjdhWE0zUGlDUm9VTWZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVhkAwQC LV+AAwQCTilUAwQAue5YAwQAue5bAwQBufbaAwQCuf0YAwQAwnHuMA0GCSqGSIb3 DQEBCwUAA4IBAQDFPBPkjV62fMzzVtSseR97DB0iaBL8lQOwHFZLYczubhS6Vhlj 8ahvgWBvCRZxLHcAG3wWn34lWk+1prCJ6HoygjpFuybD0ROnRd5XM71NvyZM5E4W inJhhkwyozQYpaYBJ9ZWPK4zglp/LbiT5hv6vV6id3tTReDAeuPprMKyUrsO17qZ wqlraTCDZZYDWZCixQKPcwyCxoag+QYreTlQRQ/wA1B8aYeubScpuqGCKWx1ATkJ zCa5LKPhai//t3L/EYJg4ggxXUDGgMafAdUg8OcrgQRkT3UxPOuoQrGUh9tS9don mxTsvWz7EVsD6jWQ8sdSF0XWIuQoskYlFT4e -----END CERTIFICATE-----Generated at Tue Jan 20 22:01:21 2026 by rpki-client