This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/Nl-NwJXgg_mKvSjTnftPWLYBToY.roa File: Nl-NwJXgg_mKvSjTnftPWLYBToY.roa (raw, json) Hash identifier: UM5uAdr1m30XVEMiULWnarxQCPhDPuMKS+lBMXBG4Ls= Subject key identifier: 36:5F:8D:C0:95:E0:83:F9:8A:BD:28:D3:9D:FB:4F:58:B6:01:4E:86 Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a Certificate serial: 019B7D5CF74DB2143F36407DEE86F9AD098B Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/Nl-NwJXgg_mKvSjTnftPWLYBToY.roa Signing time: Fri 02 Jan 2026 06:20:03 +0000 ROA not before: Fri 02 Jan 2026 06:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25584 IP address blocks: 217.173.205.0/24 maxlen: 24 2a04:9444::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.mft rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f7:4d:b2:14:3f:36:40:7d:ee:86:f9:ad:09:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a Validity Not Before: Jan 2 06:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=365f8dc095e083f98abd28d39dfb4f58b6014e86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:58:f1:b5:dd:4d:bc:82:75:82:92:e9:e5:c8: 17:24:3c:85:65:11:65:5f:84:c3:68:52:17:90:bd: 43:f7:c6:6a:a9:dd:b8:fc:7d:5c:a2:e8:af:6b:47: ce:d7:f9:59:ba:a6:de:6d:33:48:f7:ff:3c:a3:2b: fe:1e:08:80:23:e4:9d:ed:57:82:43:1f:cb:be:47: f8:96:b6:c6:12:e8:74:17:72:5e:0c:8b:64:88:af: 74:b7:6a:fb:c7:dd:7a:48:9b:be:43:e8:6a:e1:47: 0b:78:6a:a5:89:20:e4:0e:ab:76:a5:fb:85:37:9d: 08:71:55:b0:c6:5d:9b:a2:83:ed:4b:ad:e2:01:02: 56:26:2d:b9:f4:d2:02:f1:52:97:cc:d1:9b:79:d1: c4:56:09:ab:a4:fd:fb:d4:04:a1:0a:1b:f2:c9:e1: 51:c1:ff:2c:2f:22:dd:cf:ff:18:8f:8c:f9:be:8b: 31:5c:8f:3c:6c:f8:78:52:40:eb:c1:0e:65:ae:ab: 30:98:fa:17:8b:df:4b:5f:37:07:a5:64:f8:e0:db: 05:85:80:d9:aa:32:3d:3e:ba:cc:81:ef:1a:a9:0c: eb:34:63:c7:fe:a9:d4:f4:8f:8e:bb:be:a7:a8:6c: ba:35:c2:c1:e9:1a:52:ac:fc:ab:31:37:79:cb:4f: 1c:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:5F:8D:C0:95:E0:83:F9:8A:BD:28:D3:9D:FB:4F:58:B6:01:4E:86 X509v3 Authority Key Identifier: keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/Nl-NwJXgg_mKvSjTnftPWLYBToY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.173.205.0/24 IPv6: 2a04:9444::/30 Signature Algorithm: sha256WithRSAEncryption b6:05:0b:4a:cf:df:c7:ab:f9:dc:2f:0b:22:0c:17:fc:97:b1: 4a:a9:07:07:12:fb:dd:b6:9a:09:d0:48:98:58:2b:cd:46:b1: 17:6a:4f:bc:b7:fb:69:0c:f8:74:b6:7c:fd:d5:4d:1c:bc:e1: c8:ec:06:c6:02:82:dd:bb:86:f8:06:06:82:d7:4d:ac:1b:29: d5:9a:1f:04:89:1f:24:fc:bd:54:c8:0d:c2:9e:62:e0:d1:74: a1:03:e5:03:bd:68:e7:e8:ed:73:d3:36:56:0c:32:ce:9f:34: a8:c0:8e:bc:f4:c5:91:c4:c5:6a:ab:e8:9a:93:95:7d:4d:12: c8:e0:f0:f5:1f:d2:ec:7a:06:55:b5:31:8c:b6:98:d2:78:45: d4:75:9e:99:53:1b:28:a0:73:c1:78:46:52:95:ba:9c:a3:d4: 32:8f:37:59:3f:50:86:ef:fe:e5:4e:2f:01:05:15:35:69:0a: 66:60:74:19:09:f0:69:62:72:e5:3d:44:59:c9:fc:cb:12:7d: 8a:f6:4a:1b:62:92:9c:ef:aa:0f:78:2f:58:bb:b3:a4:15:74: c4:ce:90:26:45:0a:15:a6:b8:01:24:96:b6:2b:44:10:12:6e: c3:ec:5f:16:62:76:fc:0c:84:76:35:5f:8d:e9:39:d5:b0:47: 85:9c:a4:ed -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XPdNshQ/NkB97ob5rQmLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx MWU5NGEwHhcNMjYwMTAyMDYyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjVmOGRjMDk1ZTA4M2Y5OGFiZDI4ZDM5ZGZiNGY1OGI2MDE0ZTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFjxtd1NvIJ1gpLp5cgXJDyFZRFl X4TDaFIXkL1D98Zqqd24/H1couiva0fO1/lZuqbebTNI9/88oyv+HgiAI+Sd7VeC Qx/Lvkf4lrbGEuh0F3JeDItkiK90t2r7x916SJu+Q+hq4UcLeGqliSDkDqt2pfuF N50IcVWwxl2booPtS63iAQJWJi259NIC8VKXzNGbedHEVgmrpP371AShChvyyeFR wf8sLyLdz/8Yj4z5vosxXI88bPh4UkDrwQ5lrqswmPoXi99LXzcHpWT44NsFhYDZ qjI9PrrMge8aqQzrNGPH/qnU9I+Ou76nqGy6NcLB6RpSrPyrMTd5y08cRwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDZfjcCV4IP5ir0o0537T1i2AU6GMB8GA1UdIwQY MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt NTBjYmNiNWIxOWMyLzEvTmwtTndKWGdnX21LdlNqVG5mdFBXTFlCVG9ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2a3NMA0E AgACMAcDBQIqBJREMA0GCSqGSIb3DQEBCwUAA4IBAQC2BQtKz9/Hq/ncLwsiDBf8 l7FKqQcHEvvdtpoJ0EiYWCvNRrEXak+8t/tpDPh0tnz91U0cvOHI7AbGAoLdu4b4 BgaC102sGynVmh8EiR8k/L1UyA3CnmLg0XShA+UDvWjn6O1z0zZWDDLOnzSowI68 9MWRxMVqq+iak5V9TRLI4PD1H9LsegZVtTGMtpjSeEXUdZ6ZUxsooHPBeEZSlbqc o9QyjzdZP1CG7/7lTi8BBRU1aQpmYHQZCfBpYnLlPURZyfzLEn2K9kobYpKc76oP eC9Yu7OkFXTEzpAmRQoVprgBJJa2K0QQEm7D7F8WYnb8DIR2NV+N6TnVsEeFnKTt -----END CERTIFICATE-----Generated at Mon Jan 26 23:21:03 2026 by rpki-client