This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/Nytw89CcyDRmKPPk4sKcPeBej7k.roa File: Nytw89CcyDRmKPPk4sKcPeBej7k.roa (raw, json) Hash identifier: /jX42tEK2pmI+UdQCYDIPEu34ud01Vw41VxxvhWNQ5Q= Subject key identifier: 37:2B:70:F3:D0:9C:C8:34:66:28:F3:E4:E2:C2:9C:3D:E0:5E:8F:B9 Certificate issuer: /CN=aeb0b777f5377bb1c50653884b03e27dcdee828e Certificate serial: 019B797E1FE2FB9ED8E5CB2AEE58DAC5772B Authority key identifier: AE:B0:B7:77:F5:37:7B:B1:C5:06:53:88:4B:03:E2:7D:CD:EE:82:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrC3d_U3e7HFBlOISwPifc3ugo4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/Nytw89CcyDRmKPPk4sKcPeBej7k.roa Signing time: Thu 01 Jan 2026 12:17:47 +0000 ROA not before: Thu 01 Jan 2026 12:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 2a13:a380:300::/48 maxlen: 48 2a13:a380:301::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/rrC3d_U3e7HFBlOISwPifc3ugo4.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/rrC3d_U3e7HFBlOISwPifc3ugo4.mft rsync://rpki.ripe.net/repository/DEFAULT/rrC3d_U3e7HFBlOISwPifc3ugo4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:1f:e2:fb:9e:d8:e5:cb:2a:ee:58:da:c5:77:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aeb0b777f5377bb1c50653884b03e27dcdee828e Validity Not Before: Jan 1 12:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=372b70f3d09cc8346628f3e4e2c29c3de05e8fb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:72:12:32:69:1d:02:ce:55:0f:fe:87:83:f2: 62:48:88:86:2f:65:b2:70:7c:be:5b:72:3e:ec:6f: b9:03:06:70:a7:7c:00:7f:2c:56:53:a5:ea:5c:1a: 16:2d:04:e4:6f:97:ff:f6:c0:5d:af:f8:4e:fc:52: bc:21:54:25:16:61:dd:7e:f7:6e:14:b3:a1:f3:2a: 29:32:97:ce:6b:58:a3:7f:cf:c6:bf:a8:4f:f1:47: 55:65:9c:51:e7:c0:74:b9:fa:16:8e:51:6b:47:59: 50:84:8b:3e:15:ac:01:21:f3:58:4d:1f:7d:e7:8e: dc:d2:97:51:a1:0b:3b:fe:c9:1f:13:e4:0b:1e:4c: 56:9b:80:62:16:21:ab:b0:77:33:82:7e:cf:d0:e9: 35:13:e2:fa:58:4c:db:e3:28:c4:90:32:41:02:e3: 4f:65:2c:d8:42:55:e9:74:35:04:28:93:16:39:45: 7d:16:6d:14:ea:80:f6:75:99:f9:f5:a4:d7:e4:e3: e6:bd:1f:17:37:80:76:6f:84:d2:0b:74:01:23:6f: 75:f0:1c:ef:d1:2f:e8:85:23:e8:e4:be:0b:56:2c: 7a:60:90:ed:7a:cc:b2:79:c4:7a:a9:84:db:50:23: bb:d8:f3:a3:67:b8:24:c8:7c:99:8c:6d:a6:1f:55: c2:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:2B:70:F3:D0:9C:C8:34:66:28:F3:E4:E2:C2:9C:3D:E0:5E:8F:B9 X509v3 Authority Key Identifier: keyid:AE:B0:B7:77:F5:37:7B:B1:C5:06:53:88:4B:03:E2:7D:CD:EE:82:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrC3d_U3e7HFBlOISwPifc3ugo4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/Nytw89CcyDRmKPPk4sKcPeBej7k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/rrC3d_U3e7HFBlOISwPifc3ugo4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a380:300::/47 Signature Algorithm: sha256WithRSAEncryption 2b:58:b8:73:b8:c8:3f:f0:5e:e0:e0:65:a9:b4:ef:a7:a4:8a: e6:ce:c2:55:d4:fb:e0:55:0d:b3:63:5d:ce:cd:62:60:93:b0: 4f:1f:6f:df:72:f6:9f:de:e6:b9:40:01:f7:73:ce:50:76:5f: 34:38:de:7a:91:75:84:29:81:61:c4:7b:eb:24:6d:57:96:e8: 4b:c2:eb:35:cd:4c:5e:72:08:1f:fc:52:10:21:86:58:b1:32: a2:6b:7d:e7:10:ba:98:a3:b2:00:3f:59:ec:e8:55:84:b4:25: 35:b6:03:42:87:ff:cf:bb:7a:f9:73:80:78:4d:fa:60:46:89: b0:bb:30:69:44:e1:7d:d6:fe:3e:1b:67:18:f9:b2:03:41:1c: 79:c6:fe:e6:9f:c0:ad:13:be:28:15:e0:60:b5:0a:9f:e3:55: 62:c7:d5:e9:e1:b2:f3:2a:23:4a:54:09:3a:7c:3a:15:ed:75: 91:1a:d4:a3:1d:40:82:55:ba:b1:ab:c5:26:24:16:cf:9a:ec: 42:98:e3:65:7e:01:f7:5d:1d:36:ba:f2:f2:6a:7d:92:53:ed: a4:2a:0d:df:c2:0e:1a:fe:c7:d0:8e:04:9f:fe:8c:d9:18:c2: c4:49:84:18:5f:70:4a:4e:45:0c:4b:66:7b:85:7b:9f:e4:d1: 49:40:25:45 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5fh/i+57Y5csq7ljaxXcrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlYjBiNzc3ZjUzNzdiYjFjNTA2NTM4ODRiMDNlMjdkY2Rl ZTgyOGUwHhcNMjYwMTAxMTIxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNzJiNzBmM2QwOWNjODM0NjYyOGYzZTRlMmMyOWMzZGUwNWU4ZmI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXISMmkdAs5VD/6Hg/JiSIiGL2Wy cHy+W3I+7G+5AwZwp3wAfyxWU6XqXBoWLQTkb5f/9sBdr/hO/FK8IVQlFmHdfvdu FLOh8yopMpfOa1ijf8/Gv6hP8UdVZZxR58B0ufoWjlFrR1lQhIs+FawBIfNYTR99 547c0pdRoQs7/skfE+QLHkxWm4BiFiGrsHczgn7P0Ok1E+L6WEzb4yjEkDJBAuNP ZSzYQlXpdDUEKJMWOUV9Fm0U6oD2dZn59aTX5OPmvR8XN4B2b4TSC3QBI2918Bzv 0S/ohSPo5L4LVix6YJDtesyyecR6qYTbUCO72POjZ7gkyHyZjG2mH1XCHwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDcrcPPQnMg0Zijz5OLCnD3gXo+5MB8GA1UdIwQY MBaAFK6wt3f1N3uxxQZTiEsD4n3N7oKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnJDM2RfVTNlN0hGQmxPSVN3UGlmYzN1Z280LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yMmRmNjEtYjYwOS00OTg2LTk5ZTMt OTI2YzRhMzI2ZTA4LzEvTnl0dzg5Q2N5RFJtS1BQazRzS2NQZUJlajdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8yMmRmNjEtYjYwOS00OTg2LTk5ZTMtOTI2YzRhMzI2ZTA4 LzEvcnJDM2RfVTNlN0hGQmxPSVN3UGlmYzN1Z280LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhOjgAMA MA0GCSqGSIb3DQEBCwUAA4IBAQArWLhzuMg/8F7g4GWptO+npIrmzsJV1PvgVQ2z Y13OzWJgk7BPH2/fcvaf3ua5QAH3c85Qdl80ON56kXWEKYFhxHvrJG1XluhLwus1 zUxecggf/FIQIYZYsTKia33nELqYo7IAP1ns6FWEtCU1tgNCh//Pu3r5c4B4Tfpg RomwuzBpROF91v4+G2cY+bIDQRx5xv7mn8CtE74oFeBgtQqf41Vix9Xp4bLzKiNK VAk6fDoV7XWRGtSjHUCCVbqxq8UmJBbPmuxCmONlfgH3XR02uvLyan2SU+2kKg3f wg4a/sfQjgSf/ozZGMLESYQYX3BKTkUMS2Z7hXuf5NFJQCVF -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:11 2026 by rpki-client