This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/NRnc0MiLNgbuvfsNBN_chXpyQsY.roa File: NRnc0MiLNgbuvfsNBN_chXpyQsY.roa (raw, json) Hash identifier: C5qgrl3mdnbFvtHeaqRaus49s6OOOYlaRV1VkekoU7w= Subject key identifier: 35:19:DC:D0:C8:8B:36:06:EE:BD:FB:0D:04:DF:DC:85:7A:72:42:C6 Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f Certificate serial: 019B7EA710A998D700C7C3832B37E93D3371 Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/NRnc0MiLNgbuvfsNBN_chXpyQsY.roa Signing time: Fri 02 Jan 2026 12:20:36 +0000 ROA not before: Fri 02 Jan 2026 12:20:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3170 IP address blocks: 5.252.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.mft rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:10:a9:98:d7:00:c7:c3:83:2b:37:e9:3d:33:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f Validity Not Before: Jan 2 12:20:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3519dcd0c88b3606eebdfb0d04dfdc857a7242c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:52:1f:cb:1b:22:7b:67:36:12:a2:65:00:49: 4c:d0:11:67:1d:14:89:72:92:cd:e0:48:7a:fe:b9: cb:42:17:15:23:77:9c:be:5b:f0:58:dd:5f:dd:2d: fc:61:48:94:d5:a9:39:d3:71:13:bf:60:b4:05:f7: ab:ff:4d:40:53:42:4b:26:c3:d0:74:af:a5:e0:c1: 05:85:35:00:74:d5:43:c2:44:f4:bd:4f:5e:8d:cf: 44:bb:5a:1a:46:ad:b2:7b:80:51:38:98:b0:b2:46: 32:58:e3:cc:27:7f:62:7d:b3:4d:4d:c2:9a:61:cb: fe:6c:db:05:e8:3e:7d:37:84:88:56:82:c5:e3:7c: 18:b3:50:a8:3f:50:47:31:a6:9d:81:79:0e:1f:09: db:f7:f5:76:26:bc:f8:22:ca:75:39:b2:10:09:a6: f3:56:6f:81:2c:f6:19:bc:d9:0c:e8:07:92:0d:8b: 89:aa:66:b1:f2:d4:72:a0:b3:d8:b4:ac:ce:17:50: 9f:b1:2f:a9:14:14:e7:76:e1:ba:40:b6:32:e7:8d: a0:84:c1:1c:94:e4:a6:2a:1c:0b:48:62:c1:6f:58: 33:be:19:e9:4b:e0:08:0d:2d:1f:92:bc:59:ca:06: 7f:20:3c:2b:58:25:b4:60:c2:0f:a7:1b:bf:92:7c: b6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:19:DC:D0:C8:8B:36:06:EE:BD:FB:0D:04:DF:DC:85:7A:72:42:C6 X509v3 Authority Key Identifier: keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/NRnc0MiLNgbuvfsNBN_chXpyQsY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.252.235.0/24 Signature Algorithm: sha256WithRSAEncryption a0:61:52:d1:91:cf:fa:84:68:d5:f0:b2:3e:44:d0:f9:31:9c: f4:94:29:d9:32:7b:b4:d0:51:40:d5:32:b0:d4:b9:f6:2f:9e: fc:63:7d:04:0e:3d:0d:71:6d:56:03:43:91:ee:6d:8b:9b:80: 93:d1:2a:c9:e7:85:61:f8:6a:0c:4e:e8:a2:7b:6f:59:77:1c: 41:4b:91:ca:a1:9e:27:d2:7b:23:c2:5e:a7:51:1b:84:d2:c4: 21:c6:96:2c:45:64:73:68:8f:7c:6f:e2:10:88:4c:cf:6d:91: 82:62:0b:62:1e:c1:71:07:5c:e8:11:39:d2:5c:d1:4f:54:05: 59:9b:ae:31:f7:5b:d8:e6:76:e1:ca:99:02:fe:d5:1f:9b:32: b6:4d:e3:f3:b9:7c:1d:60:bb:7e:0c:a2:d3:37:9f:3a:9c:8d: 3c:91:fb:82:37:65:ba:6e:9f:28:d1:0c:d2:de:27:88:a6:e1: 7f:22:63:9c:b4:80:01:cd:a3:f7:ee:a8:b3:37:c4:d3:7d:68: eb:2c:2c:ca:af:24:2b:b3:01:2d:11:8c:bd:9a:72:e3:46:12: 77:01:d5:f0:7e:c7:69:3d:63:ee:4b:95:5f:7f:6c:1d:5c:df: 24:38:50:31:31:85:1c:8a:12:6d:17:0d:00:0c:37:ac:85:82: ba:95:32:10 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pxCpmNcAx8ODKzfpPTNxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm YzAyNWYwHhcNMjYwMTAyMTIyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTE5ZGNkMGM4OGIzNjA2ZWViZGZiMGQwNGRmZGM4NTdhNzI0MmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1Ifyxsie2c2EqJlAElM0BFnHRSJ cpLN4Eh6/rnLQhcVI3ecvlvwWN1f3S38YUiU1ak503ETv2C0Bfer/01AU0JLJsPQ dK+l4MEFhTUAdNVDwkT0vU9ejc9Eu1oaRq2ye4BROJiwskYyWOPMJ39ifbNNTcKa Ycv+bNsF6D59N4SIVoLF43wYs1CoP1BHMaadgXkOHwnb9/V2Jrz4Isp1ObIQCabz Vm+BLPYZvNkM6AeSDYuJqmax8tRyoLPYtKzOF1CfsS+pFBTnduG6QLYy542ghMEc lOSmKhwLSGLBb1gzvhnpS+AIDS0fkrxZygZ/IDwrWCW0YMIPpxu/kny2HwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDUZ3NDIizYG7r37DQTf3IV6ckLGMB8GA1UdIwQY MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt NzBlODk4YmIzOGRkLzEvTlJuYzBNaUxOZ2J1dmZzTkJOX2NoWHB5UXNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfzrMA0G CSqGSIb3DQEBCwUAA4IBAQCgYVLRkc/6hGjV8LI+RND5MZz0lCnZMnu00FFA1TKw 1Ln2L578Y30EDj0NcW1WA0OR7m2Lm4CT0SrJ54Vh+GoMTuiie29ZdxxBS5HKoZ4n 0nsjwl6nURuE0sQhxpYsRWRzaI98b+IQiEzPbZGCYgtiHsFxB1zoETnSXNFPVAVZ m64x91vY5nbhypkC/tUfmzK2TePzuXwdYLt+DKLTN586nI08kfuCN2W6bp8o0QzS 3ieIpuF/ImOctIABzaP37qizN8TTfWjrLCzKryQrswEtEYy9mnLjRhJ3AdXwfsdp PWPuS5Vff2wdXN8kOFAxMYUcihJtFw0ADDeshYK6lTIQ -----END CERTIFICATE-----Generated at Wed Jan 21 12:18:01 2026 by rpki-client