This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/NUMsW2fdf3SjrYGEQTRkZNhTS7A.roa File: NUMsW2fdf3SjrYGEQTRkZNhTS7A.roa (raw, json) Hash identifier: NIqv3PrQsgpG1/zoYtC/m+nGNGEajaJy1aijMy9aHTo= Subject key identifier: 35:43:2C:5B:67:DD:7F:74:A3:AD:81:84:41:34:64:64:D8:53:4B:B0 Certificate issuer: /CN=032873518697c23e9c3e37a646bad121235ad744 Certificate serial: 019B7DCADA44F57EF9424315E7E610E6CBE2 Authority key identifier: 03:28:73:51:86:97:C2:3E:9C:3E:37:A6:46:BA:D1:21:23:5A:D7:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyhzUYaXwj6cPjemRrrRISNa10Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/NUMsW2fdf3SjrYGEQTRkZNhTS7A.roa Signing time: Fri 02 Jan 2026 08:20:04 +0000 ROA not before: Fri 02 Jan 2026 08:20:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200049 IP address blocks: 185.38.72.0/24 maxlen: 24 185.38.73.0/24 maxlen: 24 185.38.74.0/24 maxlen: 24 185.38.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/AyhzUYaXwj6cPjemRrrRISNa10Q.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/AyhzUYaXwj6cPjemRrrRISNa10Q.mft rsync://rpki.ripe.net/repository/DEFAULT/AyhzUYaXwj6cPjemRrrRISNa10Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:da:44:f5:7e:f9:42:43:15:e7:e6:10:e6:cb:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=032873518697c23e9c3e37a646bad121235ad744 Validity Not Before: Jan 2 08:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35432c5b67dd7f74a3ad818441346464d8534bb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:da:50:74:ea:4f:c5:bb:8c:56:e1:71:e2:2d: b5:7b:1f:12:12:6e:41:0b:71:db:d1:05:54:44:f2: ed:c0:f1:1e:a2:80:7b:99:de:4c:d2:51:1a:94:0b: 90:2c:bf:e0:97:40:14:bc:e0:3e:2c:15:19:3b:0c: b2:71:5c:9a:98:6d:52:1b:92:f7:a5:97:8e:5c:c8: ff:8c:df:99:a2:51:79:55:11:67:27:c4:ca:84:06: 06:9c:2c:76:e0:e9:dd:3e:93:db:51:15:d0:c7:c8: d3:e2:1c:ac:50:93:99:99:3d:39:07:f7:d8:31:5f: b1:b7:ec:74:38:83:e0:a9:02:7c:f0:e9:be:6e:98: b3:06:43:85:25:6b:2f:08:7f:b6:54:8e:bd:87:b1: e5:04:9a:04:7c:2d:dc:15:89:9d:d1:4a:3e:15:2c: fd:7d:de:f4:86:1c:b8:05:51:02:1e:48:df:b8:84: ac:ba:36:85:54:8c:ef:3b:7d:a7:5d:44:91:b2:54: a9:6c:ff:19:d1:79:f9:fe:0d:09:3f:73:21:bf:b6: 2a:0c:e6:91:38:72:b9:a7:d0:c0:c6:24:d2:3c:b4: 6b:64:24:e3:50:f0:8d:e3:e9:47:45:a0:77:3b:1b: 07:92:f7:6a:21:64:30:31:b0:07:11:0e:76:2b:93: 21:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:43:2C:5B:67:DD:7F:74:A3:AD:81:84:41:34:64:64:D8:53:4B:B0 X509v3 Authority Key Identifier: keyid:03:28:73:51:86:97:C2:3E:9C:3E:37:A6:46:BA:D1:21:23:5A:D7:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyhzUYaXwj6cPjemRrrRISNa10Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/NUMsW2fdf3SjrYGEQTRkZNhTS7A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/AyhzUYaXwj6cPjemRrrRISNa10Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.38.72.0/22 Signature Algorithm: sha256WithRSAEncryption b4:08:af:4f:7e:e9:9f:e8:6f:33:91:69:a9:68:e5:b2:f0:96: 99:f5:56:eb:a2:07:d2:ea:88:74:ca:d3:4c:50:2e:f8:9d:18: ee:43:f6:b7:9c:de:75:f4:4c:1d:62:62:4f:75:12:b5:b6:5a: 35:0a:29:87:ee:ff:11:13:74:06:f2:da:60:f5:7b:85:5e:97: 15:6d:d5:ba:73:68:bd:0f:4a:40:0c:09:e5:49:e6:c2:9e:df: 57:1b:ab:7f:5a:05:dc:89:84:df:85:b0:20:e1:ac:f9:d4:42: 80:fd:c2:60:68:92:3a:f5:7b:b6:68:cf:e1:0d:04:2c:c1:64: 8e:8c:77:2a:e1:8f:91:66:26:e1:45:df:23:e5:51:1f:48:77: f5:3a:19:51:ab:db:93:16:27:80:b2:b6:f4:ae:9f:17:9a:47: d1:f5:97:64:d3:d3:e4:a3:e2:be:fa:7d:ba:b5:19:b8:bc:67: f9:14:a1:b3:aa:a8:e3:70:8f:a5:57:24:fb:a7:41:e5:c1:04: 97:6a:1c:18:d2:d5:86:52:cd:86:e7:28:e9:33:d9:81:ca:8b: 74:48:c8:29:7b:4f:13:ef:0d:e2:db:67:e7:f5:99:b1:3d:56: 75:63:91:a0:3a:8a:68:e9:0c:84:52:7f:42:f7:f6:63:90:2a: 65:77:34:e5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9ytpE9X75QkMV5+YQ5sviMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMjg3MzUxODY5N2MyM2U5YzNlMzdhNjQ2YmFkMTIxMjM1 YWQ3NDQwHhcNMjYwMTAyMDgyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTQzMmM1YjY3ZGQ3Zjc0YTNhZDgxODQ0MTM0NjQ2NGQ4NTM0YmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tpQdOpPxbuMVuFx4i21ex8SEm5B C3Hb0QVURPLtwPEeooB7md5M0lEalAuQLL/gl0AUvOA+LBUZOwyycVyamG1SG5L3 pZeOXMj/jN+ZolF5VRFnJ8TKhAYGnCx24OndPpPbURXQx8jT4hysUJOZmT05B/fY MV+xt+x0OIPgqQJ88Om+bpizBkOFJWsvCH+2VI69h7HlBJoEfC3cFYmd0Uo+FSz9 fd70hhy4BVECHkjfuISsujaFVIzvO32nXUSRslSpbP8Z0Xn5/g0JP3Mhv7YqDOaR OHK5p9DAxiTSPLRrZCTjUPCN4+lHRaB3OxsHkvdqIWQwMbAHEQ52K5Mh3wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDVDLFtn3X90o62BhEE0ZGTYU0uwMB8GA1UdIwQY MBaAFAMoc1GGl8I+nD43pka60SEjWtdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXloelVZYVh3ajZjUGplbVJyclJJU05hMTBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9lYmQwNWUtZjYwNy00YmZiLWE0MmIt MTI3MDA4OTI0ZWVkLzEvTlVNc1cyZmRmM1NqcllHRVFUUmtaTmhUUzdBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS9lYmQwNWUtZjYwNy00YmZiLWE0MmItMTI3MDA4OTI0ZWVk LzEvQXloelVZYVh3ajZjUGplbVJyclJJU05hMTBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSZIMA0G CSqGSIb3DQEBCwUAA4IBAQC0CK9Pfumf6G8zkWmpaOWy8JaZ9VbrogfS6oh0ytNM UC74nRjuQ/a3nN519EwdYmJPdRK1tlo1CimH7v8RE3QG8tpg9XuFXpcVbdW6c2i9 D0pADAnlSebCnt9XG6t/WgXciYTfhbAg4az51EKA/cJgaJI69Xu2aM/hDQQswWSO jHcq4Y+RZibhRd8j5VEfSHf1OhlRq9uTFieAsrb0rp8XmkfR9Zdk09Pko+K++n26 tRm4vGf5FKGzqqjjcI+lVyT7p0HlwQSXahwY0tWGUs2G5yjpM9mByot0SMgpe08T 7w3i22fn9ZmxPVZ1Y5GgOopo6QyEUn9C9/ZjkCpldzTl -----END CERTIFICATE-----Generated at Tue Feb 10 06:06:52 2026 by rpki-client