This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/NlBBiPNjXDRFtCk_AZIxS1Dx7J0.roa File: NlBBiPNjXDRFtCk_AZIxS1Dx7J0.roa (raw, json) Hash identifier: bjhWsZ/wa6AH82ETFpbDw+CIP4gJfBrDvOOjz717MoY= Subject key identifier: 36:50:41:88:F3:63:5C:34:45:B4:29:3F:01:92:31:4B:50:F1:EC:9D Certificate issuer: /CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd Certificate serial: 019B77C6675741AC97DEAC5FE3F70A16510E Authority key identifier: 89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/NlBBiPNjXDRFtCk_AZIxS1Dx7J0.roa Signing time: Thu 01 Jan 2026 04:17:29 +0000 ROA not before: Thu 01 Jan 2026 04:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 2001:678:f64::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ib1U59acFH1rVvjGognT3q6id90.crl rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ib1U59acFH1rVvjGognT3q6id90.mft rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:67:57:41:ac:97:de:ac:5f:e3:f7:0a:16:51:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd Validity Not Before: Jan 1 04:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=36504188f3635c3445b4293f0192314b50f1ec9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:51:6d:17:b7:74:ed:f4:d6:ad:5a:1b:f9:ee: c9:3b:d3:0d:56:64:8d:45:b2:04:96:cd:ce:da:08: 67:39:c8:a8:e8:3a:d0:60:9f:73:f4:ef:eb:e7:7a: b9:a4:40:ec:45:bb:63:cd:31:8f:6d:df:e4:4a:4b: 60:fb:80:92:dc:09:f7:8f:e6:b4:da:72:5c:48:03: 38:c6:36:8e:1a:0b:48:4e:b4:4d:24:1e:1b:1f:b1: 2f:16:7a:ab:f3:e0:42:90:4e:5c:a8:4f:be:25:4d: 3b:d1:82:c5:22:dd:47:d7:b6:ed:05:cf:16:3f:a3: 89:4a:98:a1:b2:71:21:3e:52:98:23:db:d2:e5:f3: 9d:b8:7c:c0:07:39:04:28:6e:8e:7c:e5:76:20:3b: 80:89:f6:71:55:8d:e4:d6:a6:70:95:67:b4:14:c1: 44:a4:33:a6:59:88:c1:77:fc:b2:7b:fc:c0:bf:46: 6a:86:18:8b:b6:e4:f9:62:a8:45:36:bd:27:c2:02: af:0d:45:bc:d4:33:44:3e:cb:b0:3e:d2:45:2b:2c: 53:dc:af:c7:80:a2:3f:4b:0b:ea:25:3b:76:36:8c: f9:1a:7b:9f:16:36:87:e1:07:51:21:67:12:8a:ec: bd:12:76:a1:4d:21:dc:a5:b0:51:ad:64:8a:96:ac: 0c:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:50:41:88:F3:63:5C:34:45:B4:29:3F:01:92:31:4B:50:F1:EC:9D X509v3 Authority Key Identifier: keyid:89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/NlBBiPNjXDRFtCk_AZIxS1Dx7J0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ib1U59acFH1rVvjGognT3q6id90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:f64::/48 Signature Algorithm: sha256WithRSAEncryption b4:7e:b0:1c:ed:a9:d9:5a:b0:fa:ac:88:fa:17:39:8f:ce:dd: 91:72:db:5c:77:df:1c:78:34:16:11:a1:49:03:91:60:54:40: 86:5f:a2:7e:bd:da:f7:64:c8:97:5a:64:91:ee:6d:5c:e0:9d: 83:22:fa:b8:2c:ac:fa:9c:af:08:17:58:56:75:f7:67:fe:41: 14:d4:76:82:4e:e0:41:69:84:57:70:1c:26:e2:f9:54:c3:d8: b8:9b:76:78:5e:30:ad:41:50:29:cb:77:0d:41:6f:06:04:df: 13:05:f7:42:90:23:68:3e:db:ff:05:db:b0:ba:90:8e:b8:83: e2:f8:48:7f:10:96:92:de:c1:41:0f:0c:1b:0b:f8:af:23:b8: f3:dc:8d:ad:bc:ef:01:21:1c:76:8d:c3:46:7c:5c:9a:b8:0a: 4a:9d:40:ff:df:27:08:ff:5d:f4:df:6f:75:0f:5b:ab:73:9b: d7:c8:cb:19:09:89:64:d1:3a:cd:87:37:dc:ed:ba:5f:c1:e1: 14:7f:25:86:03:eb:74:dd:b9:e1:4d:49:5c:91:0a:de:5c:1d: b4:dc:c6:46:3d:11:c5:85:e1:9c:6a:17:88:39:7c:7f:61:df: 47:35:61:8f:07:b9:a2:4d:36:ae:90:b2:da:4b:24:c6:82:7d: 7b:0a:2d:94 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3xmdXQayX3qxf4/cKFlEOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YmQ1NGU3ZDY5YzE0N2Q2YjU2ZjhjNmEyMDlkM2RlYWVh Mjc3ZGQwHhcNMjYwMTAxMDQxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjUwNDE4OGYzNjM1YzM0NDViNDI5M2YwMTkyMzE0YjUwZjFlYzlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlFtF7d07fTWrVob+e7JO9MNVmSN RbIEls3O2ghnOcio6DrQYJ9z9O/r53q5pEDsRbtjzTGPbd/kSktg+4CS3An3j+a0 2nJcSAM4xjaOGgtITrRNJB4bH7EvFnqr8+BCkE5cqE++JU070YLFIt1H17btBc8W P6OJSpihsnEhPlKYI9vS5fOduHzABzkEKG6OfOV2IDuAifZxVY3k1qZwlWe0FMFE pDOmWYjBd/yye/zAv0ZqhhiLtuT5YqhFNr0nwgKvDUW81DNEPsuwPtJFKyxT3K/H gKI/SwvqJTt2Noz5GnufFjaH4QdRIWcSiuy9EnahTSHcpbBRrWSKlqwM4QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDZQQYjzY1w0RbQpPwGSMUtQ8eydMB8GA1UdIwQY MBaAFIm9VOfWnBR9a1b4xqIJ096uonfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQt ZGIyMjdjNDk2ODA0LzEvTmxCQmlQTmpYRFJGdENrX0FaSXhTMUR4N0owLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQtZGIyMjdjNDk2ODA0 LzEvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9k MA0GCSqGSIb3DQEBCwUAA4IBAQC0frAc7anZWrD6rIj6FzmPzt2Rcttcd98ceDQW EaFJA5FgVECGX6J+vdr3ZMiXWmSR7m1c4J2DIvq4LKz6nK8IF1hWdfdn/kEU1HaC TuBBaYRXcBwm4vlUw9i4m3Z4XjCtQVApy3cNQW8GBN8TBfdCkCNoPtv/BduwupCO uIPi+Eh/EJaS3sFBDwwbC/ivI7jz3I2tvO8BIRx2jcNGfFyauApKnUD/3ycI/130 3291D1urc5vXyMsZCYlk0TrNhzfc7bpfweEUfyWGA+t03bnhTUlckQreXB203MZG PRHFheGcaheIOXx/Yd9HNWGPB7miTTaukLLaSyTGgn17Ci2U -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:00 2026 by rpki-client