This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/NMKwSUUrM8k8eQKWjQoXhVr67Q0.roa File: NMKwSUUrM8k8eQKWjQoXhVr67Q0.roa (raw, json) Hash identifier: CYXCafl1+25dso4rJFuju+aK/xutXRo5p4nK7eGdbTw= Subject key identifier: 34:C2:B0:49:45:2B:33:C9:3C:79:02:96:8D:0A:17:85:5A:FA:ED:0D Certificate issuer: /CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716 Certificate serial: 019B797DFF8E7315C5AAFA79DA325DCA399E Authority key identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/NMKwSUUrM8k8eQKWjQoXhVr67Q0.roa Signing time: Thu 01 Jan 2026 12:17:38 +0000 ROA not before: Thu 01 Jan 2026 12:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41289 IP address blocks: 141.38.0.0/16 maxlen: 16 141.38.12.0/24 maxlen: 24 2001:67c:1364::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 06:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:ff:8e:73:15:c5:aa:fa:79:da:32:5d:ca:39:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716 Validity Not Before: Jan 1 12:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34c2b049452b33c93c7902968d0a17855afaed0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:45:ce:fd:7c:43:21:54:cf:1c:26:eb:43:b6: 94:c1:4d:22:94:cf:c4:79:28:9d:c0:7b:e1:86:d7: 2f:ca:c2:d2:bb:51:98:b9:07:36:67:d2:e9:10:22: 34:f9:e5:72:29:ac:b0:03:f0:b6:e4:71:be:d9:1c: 32:bb:7f:09:32:75:e1:cb:d5:41:31:80:32:9e:51: d6:0d:6f:54:c5:50:fa:e9:47:43:df:f6:fa:eb:e0: f6:e3:54:5e:f7:b3:57:44:93:89:f5:70:78:bd:d9: 5c:ca:a4:b9:ab:88:da:82:6f:7b:46:15:78:af:70: 0a:1c:35:c2:f9:54:d2:31:c5:b2:b8:db:c1:b0:00: be:f1:31:44:0f:92:ec:37:3a:4b:c1:6b:41:81:4e: e3:36:93:de:4b:d2:16:92:c4:2c:4c:4f:0f:90:bb: 88:91:45:4f:1d:e9:ff:b5:de:55:88:5e:e7:2e:1f: d4:04:f0:5c:12:bc:91:7c:4a:f3:af:37:cd:28:51: 98:ea:fb:3b:bc:7d:0d:d3:75:85:c8:41:79:33:87: f2:49:65:5e:34:5c:38:69:33:34:91:f7:10:95:d3: 47:43:3d:b6:28:45:88:04:5e:f9:c1:2d:80:97:fd: f1:fb:76:d7:62:af:4c:8a:d3:54:22:24:77:83:9d: 34:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:C2:B0:49:45:2B:33:C9:3C:79:02:96:8D:0A:17:85:5A:FA:ED:0D X509v3 Authority Key Identifier: keyid:42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/NMKwSUUrM8k8eQKWjQoXhVr67Q0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.38.0.0/16 IPv6: 2001:67c:1364::/48 Signature Algorithm: sha256WithRSAEncryption 92:1d:06:da:fc:96:09:b9:8e:46:83:e4:0d:a1:f3:eb:58:a1: f8:5d:b2:2d:ef:f3:b3:d9:ee:a4:91:1e:72:08:1f:4b:3d:39: 34:ae:58:74:c2:fe:d8:08:97:b9:2b:9c:9f:74:94:27:f1:f3: 73:b3:ad:bd:73:a7:4c:98:a9:ce:cf:dd:6a:07:97:7a:3d:56: 7b:a2:bf:8d:ba:14:34:2f:6f:fc:30:15:97:cc:3e:82:a6:38: 12:55:fa:b5:1f:ce:7e:34:1b:fb:3e:2e:d2:32:6c:50:19:c4: ea:2b:c2:24:34:77:8a:a9:96:23:af:ed:70:e0:77:9d:8a:fc: ca:82:a7:80:a1:31:74:19:49:1a:3a:96:c0:84:de:56:31:b3: 99:63:c1:eb:47:e3:a3:99:54:b0:90:c1:73:69:38:08:3a:58: 96:b1:c4:f8:98:45:1e:51:70:04:ef:e6:db:a8:23:e6:6e:49: 2d:5c:cf:44:88:75:c1:57:b4:39:68:61:d1:5b:11:fc:f8:73: 4b:69:d8:7f:c3:ab:ee:88:d0:ab:04:c4:35:5f:98:40:cf:eb: 70:4a:0b:8b:ff:68:3c:db:76:8e:18:6d:c9:d8:92:64:4b:4d: eb:00:b3:4a:b3:14:90:82:7f:ae:57:01:7e:6d:65:58:68:f5: 78:cf:85:45 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt5ff+OcxXFqvp52jJdyjmeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyNGZkMWEzYTAyNThkY2NhNjdmYzlkZGRiZjRlMzYxNTdl NmE3MTYwHhcNMjYwMTAxMTIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGMyYjA0OTQ1MmIzM2M5M2M3OTAyOTY4ZDBhMTc4NTVhZmFlZDBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UXO/XxDIVTPHCbrQ7aUwU0ilM/E eSidwHvhhtcvysLSu1GYuQc2Z9LpECI0+eVyKaywA/C25HG+2Rwyu38JMnXhy9VB MYAynlHWDW9UxVD66UdD3/b66+D241Re97NXRJOJ9XB4vdlcyqS5q4jagm97RhV4 r3AKHDXC+VTSMcWyuNvBsAC+8TFED5LsNzpLwWtBgU7jNpPeS9IWksQsTE8PkLuI kUVPHen/td5ViF7nLh/UBPBcEryRfErzrzfNKFGY6vs7vH0N03WFyEF5M4fySWVe NFw4aTM0kfcQldNHQz22KEWIBF75wS2Al/3x+3bXYq9MitNUIiR3g500UwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFDTCsElFKzPJPHkClo0KF4Va+u0NMB8GA1UdIwQY MBaAFEJP0aOgJY3Mpn/J3dv042FX5qcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2Njct NzQ3YjBlNTdhYjVlLzEvTk1Ld1NVVXJNOGs4ZVFLV2pRb1hoVnI2N1EwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2NjctNzQ3YjBlNTdhYjVl LzEvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAjSYwDwQC AAIwCQMHACABBnwTZDANBgkqhkiG9w0BAQsFAAOCAQEAkh0G2vyWCbmORoPkDaHz 61ih+F2yLe/zs9nupJEecggfSz05NK5YdML+2AiXuSucn3SUJ/Hzc7OtvXOnTJip zs/dageXej1We6K/jboUNC9v/DAVl8w+gqY4ElX6tR/OfjQb+z4u0jJsUBnE6ivC JDR3iqmWI6/tcOB3nYr8yoKngKExdBlJGjqWwITeVjGzmWPB60fjo5lUsJDBc2k4 CDpYlrHE+JhFHlFwBO/m26gj5m5JLVzPRIh1wVe0OWhh0VsR/PhzS2nYf8Or7ojQ qwTENV+YQM/rcEoLi/9oPNt2jhhtydiSZEtN6wCzSrMUkIJ/rlcBfm1lWGj1eM+F RQ== -----END CERTIFICATE-----Generated at Thu Jan 29 14:39:25 2026 by rpki-client