This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/NSXspG9pQJvmWYLKS70532E0Tr8.roa File: NSXspG9pQJvmWYLKS70532E0Tr8.roa (raw, json) Hash identifier: MrTONSRvxrXJDrrYRMbIis/UbxqsqX2KcYYn/ZlA2eI= Subject key identifier: 35:25:EC:A4:6F:69:40:9B:E6:59:82:CA:4B:BD:39:DF:61:34:4E:BF Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5 Certificate serial: 019B77C697935F186BDBF0036F145AB9308A Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/NSXspG9pQJvmWYLKS70532E0Tr8.roa Signing time: Thu 01 Jan 2026 04:17:42 +0000 ROA not before: Thu 01 Jan 2026 04:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7922 IP address blocks: 138.226.0.0/20 maxlen: 20 138.226.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:97:93:5f:18:6b:db:f0:03:6f:14:5a:b9:30:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5 Validity Not Before: Jan 1 04:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3525eca46f69409be65982ca4bbd39df61344ebf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:ec:86:70:24:d5:45:3c:25:9e:f7:86:91:69: 8a:5a:5a:9a:cd:0d:17:74:3a:df:8c:db:bf:4f:89: ec:e2:3d:50:7a:4f:77:fa:93:b3:2f:d4:1a:d9:8c: 2f:7c:48:20:c6:5b:e7:39:65:e2:da:ea:0f:b4:95: d0:7e:65:b5:7c:c9:c4:14:26:a8:59:98:3b:8e:60: 50:ab:2c:75:bd:bc:d2:7e:77:46:0b:5c:61:f7:1b: 1d:30:bf:c7:ea:fb:c7:4c:52:9a:6c:4f:4b:a5:93: a1:b6:4d:40:89:74:11:44:fd:b4:83:1d:d4:2c:54: 36:e0:88:d5:51:42:be:90:b2:d2:12:58:b1:6f:03: 90:f8:3d:da:9c:b9:83:20:1f:ab:7f:8c:6a:fd:06: d6:cb:90:1c:21:f5:a8:e4:9e:c2:0b:46:47:f6:c2: 62:55:80:92:4f:b7:53:03:c3:8c:c8:61:1c:7a:b8: ac:6a:c8:ed:4a:eb:54:99:09:74:8a:e1:c4:e5:23: cd:55:a8:d7:00:94:c5:a4:84:f3:1e:75:c8:08:7e: d5:cd:c8:b2:b5:11:df:43:f4:b8:b6:43:eb:c3:81: 7e:81:2d:22:95:76:fc:5f:61:24:b0:25:a0:68:be: a5:32:42:92:1f:61:2b:3b:07:a9:74:1c:6e:b9:a8: 78:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:25:EC:A4:6F:69:40:9B:E6:59:82:CA:4B:BD:39:DF:61:34:4E:BF X509v3 Authority Key Identifier: keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/NSXspG9pQJvmWYLKS70532E0Tr8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.226.0.0/20 138.226.88.0/21 Signature Algorithm: sha256WithRSAEncryption 88:8c:84:bf:fa:d1:a7:71:bf:b5:53:03:13:86:07:83:f4:36: 6e:68:7a:5a:9e:f2:52:36:f1:cb:27:c3:58:9b:7a:ec:ce:e3: 21:5a:84:39:e4:fb:67:65:50:4e:0c:e6:dc:b5:53:2a:08:a2: e7:cc:8a:73:fb:bf:11:27:8f:89:d8:d9:4f:3b:62:08:56:49: 75:8f:7e:89:b2:9e:c0:a5:ac:9e:32:d7:b2:8d:b9:9e:db:74: 51:97:6a:72:b4:4c:b9:23:0a:c7:48:c8:43:1d:e3:15:eb:dc: 82:b9:a5:8b:53:75:c5:86:91:46:33:0c:c7:61:5e:59:9c:88: 44:f9:18:b9:a8:a0:cd:3f:e3:33:e8:ec:19:92:cf:ab:44:f1: 62:f4:ef:43:ee:e9:99:3a:24:85:8e:ee:87:33:9e:d0:61:c6: 65:50:f0:10:b6:4c:00:4d:2a:30:b4:63:9d:60:ec:1d:3c:0e: 32:9f:9b:ae:ba:3d:44:2c:fa:55:28:d5:e8:ae:e3:2b:1c:72: a9:6d:42:c9:cd:d6:29:ee:b9:ec:e9:ca:c9:1e:7c:35:2c:4c: f0:f0:6d:a2:67:ec:16:08:20:5c:ad:d2:6b:7e:fa:6e:3c:98: 4d:74:ec:df:35:cc:2b:0c:3d:26:4e:b7:1d:38:21:d4:36:1c: 17:0e:e4:2f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xpeTXxhr2/ADbxRauTCKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1 ZmIwYjUwHhcNMjYwMTAxMDQxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTI1ZWNhNDZmNjk0MDliZTY1OTgyY2E0YmJkMzlkZjYxMzQ0ZWJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuyGcCTVRTwlnveGkWmKWlqazQ0X dDrfjNu/T4ns4j1Qek93+pOzL9Qa2YwvfEggxlvnOWXi2uoPtJXQfmW1fMnEFCao WZg7jmBQqyx1vbzSfndGC1xh9xsdML/H6vvHTFKabE9LpZOhtk1AiXQRRP20gx3U LFQ24IjVUUK+kLLSElixbwOQ+D3anLmDIB+rf4xq/QbWy5AcIfWo5J7CC0ZH9sJi VYCST7dTA8OMyGEcerisasjtSutUmQl0iuHE5SPNVajXAJTFpITzHnXICH7Vzciy tRHfQ/S4tkPrw4F+gS0ilXb8X2EksCWgaL6lMkKSH2ErOwepdBxuuah4WQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDUl7KRvaUCb5lmCyku9Od9hNE6/MB8GA1UdIwQY MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct NWUwZjRhYjgwOWJiLzEvTlNYc3BHOXBRSnZtV1lMS1M3MDUzMkUwVHI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEiuIAAwQD iuJYMA0GCSqGSIb3DQEBCwUAA4IBAQCIjIS/+tGncb+1UwMThgeD9DZuaHpanvJS NvHLJ8NYm3rszuMhWoQ55PtnZVBODObctVMqCKLnzIpz+78RJ4+J2NlPO2IIVkl1 j36Jsp7ApayeMteyjbme23RRl2pytEy5IwrHSMhDHeMV69yCuaWLU3XFhpFGMwzH YV5ZnIhE+Ri5qKDNP+Mz6OwZks+rRPFi9O9D7umZOiSFju6HM57QYcZlUPAQtkwA TSowtGOdYOwdPA4yn5uuuj1ELPpVKNXoruMrHHKpbULJzdYp7rns6crJHnw1LEzw 8G2iZ+wWCCBcrdJrfvpuPJhNdOzfNcwrDD0mTrcdOCHUNhwXDuQv -----END CERTIFICATE-----Generated at Fri Jan 9 12:02:22 2026 by rpki-client