This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nBGFXKb6cq1eY83ehMc1LrEsV2k.roa File: nBGFXKb6cq1eY83ehMc1LrEsV2k.roa (raw, json) Hash identifier: yc6zYFCIMRixKrtEpU1Po1nX/9fI4OaWnb535aPXUiU= Subject key identifier: 9C:11:85:5C:A6:FA:72:AD:5E:63:CD:DE:84:C7:35:2E:B1:2C:57:69 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910CD8E4CF70068351D610BD6F5DEEC Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nBGFXKb6cq1eY83ehMc1LrEsV2k.roa Signing time: Thu 01 Jan 2026 10:18:22 +0000 ROA not before: Thu 01 Jan 2026 10:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216418 IP address blocks: 2a12:bec0:430::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:cd:8e:4c:f7:00:68:35:1d:61:0b:d6:f5:de:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9c11855ca6fa72ad5e63cdde84c7352eb12c5769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:f0:4c:de:7c:a2:52:d0:b9:f5:4b:8c:24:b1: 85:33:f3:89:f3:21:18:e5:e6:f8:30:c6:df:ab:6e: ac:f6:84:cb:8e:79:bb:b4:b3:d7:2e:71:cc:43:a8: 05:79:69:23:c1:79:1f:dd:a1:60:d7:1f:1d:9b:3c: 22:db:64:bc:98:30:f0:07:be:0c:f2:73:c9:66:c8: a9:56:39:d4:5d:bc:cf:11:78:17:55:74:9e:e6:57: bf:98:32:bc:6b:f5:5d:03:c0:57:80:ab:6c:8b:cb: 6d:69:27:5e:7e:62:27:cf:ca:bb:e0:09:29:5c:75: 4f:13:8b:f8:6f:5f:7c:de:b1:df:e0:41:11:47:3d: cb:44:7c:42:55:60:e4:36:82:5e:57:cb:60:19:77: 94:c2:57:24:6d:04:6b:9f:31:a1:a1:a6:25:5a:19: 21:ad:84:72:b5:12:c3:40:22:61:c1:84:f0:10:f8: 77:d2:2e:c3:32:2c:eb:c1:7a:80:34:ce:1c:ac:0c: 0a:bf:21:90:df:bb:47:fe:5f:6d:19:d2:80:52:38: 08:34:cd:8e:23:ef:aa:00:74:ec:d0:23:30:ef:2a: 72:77:f6:e2:da:28:3c:70:a9:c3:c4:a2:f6:6e:f1: 88:bb:5c:1d:c1:37:d7:81:1b:1a:2a:82:d6:ee:53: 2a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:11:85:5C:A6:FA:72:AD:5E:63:CD:DE:84:C7:35:2E:B1:2C:57:69 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nBGFXKb6cq1eY83ehMc1LrEsV2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec0:430::/44 Signature Algorithm: sha256WithRSAEncryption 47:f2:e4:de:84:fc:cd:e4:f3:b9:0f:35:0f:38:98:27:59:65: 2b:ca:f8:a9:66:72:de:db:fd:74:f0:f2:ea:08:75:7b:a3:2e: a8:96:14:28:a3:45:00:b9:fd:b5:8d:f2:3c:ed:a6:9d:c0:7a: 94:f2:29:55:2d:86:70:3f:65:13:77:df:1d:45:cb:d6:cf:be: 2b:1c:55:c1:47:fc:0a:05:cc:70:d8:e0:2e:10:f3:70:e5:67: e4:70:8e:e9:47:08:25:f0:16:26:94:03:fb:3a:d3:0b:fd:c7: 15:5f:44:88:b1:ca:3d:4e:94:96:a0:e3:a5:2f:95:cf:19:a0: ed:04:fc:30:92:a6:5a:ca:c1:95:2f:64:b2:23:09:e7:60:89: c6:47:0c:bb:ab:66:2d:88:72:12:04:92:5c:aa:e2:5c:06:fc: 62:4c:0f:f1:fa:d8:dc:38:fa:9b:6e:03:0e:c5:fa:ff:dd:6c: 45:f1:5c:7e:19:eb:25:50:05:96:13:ea:cc:ea:cf:1c:62:f4: a7:6b:f5:c4:58:ba:dd:fa:60:d0:59:05:04:f6:2c:54:34:3b: 83:fb:5b:c8:39:7a:9b:12:ab:7c:f2:b7:4c:c3:0a:c4:88:5c: 89:13:51:e8:d8:5e:56:de:f4:3c:a9:76:a9:c8:f6:5b:28:8d: 7a:80:ae:39 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EM2OTPcAaDUdYQvW9d7sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YzExODU1Y2E2ZmE3MmFkNWU2M2NkZGU4NGM3MzUyZWIxMmM1NzY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/BM3nyiUtC59UuMJLGFM/OJ8yEY 5eb4MMbfq26s9oTLjnm7tLPXLnHMQ6gFeWkjwXkf3aFg1x8dmzwi22S8mDDwB74M 8nPJZsipVjnUXbzPEXgXVXSe5le/mDK8a/VdA8BXgKtsi8ttaSdefmInz8q74Akp XHVPE4v4b1983rHf4EERRz3LRHxCVWDkNoJeV8tgGXeUwlckbQRrnzGhoaYlWhkh rYRytRLDQCJhwYTwEPh30i7DMizrwXqANM4crAwKvyGQ37tH/l9tGdKAUjgINM2O I++qAHTs0CMw7ypyd/bi2ig8cKnDxKL2bvGIu1wdwTfXgRsaKoLW7lMqRQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJwRhVym+nKtXmPN3oTHNS6xLFdpMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvbkJHRlhLYjZjcTFlWTgzZWhNYzFMckVzVjJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAQw MA0GCSqGSIb3DQEBCwUAA4IBAQBH8uTehPzN5PO5DzUPOJgnWWUryvipZnLe2/10 8PLqCHV7oy6olhQoo0UAuf21jfI87aadwHqU8ilVLYZwP2UTd98dRcvWz74rHFXB R/wKBcxw2OAuEPNw5WfkcI7pRwgl8BYmlAP7OtML/ccVX0SIsco9TpSWoOOlL5XP GaDtBPwwkqZaysGVL2SyIwnnYInGRwy7q2YtiHISBJJcquJcBvxiTA/x+tjcOPqb bgMOxfr/3WxF8Vx+GeslUAWWE+rM6s8cYvSna/XEWLrd+mDQWQUE9ixUNDuD+1vI OXqbEqt88rdMwwrEiFyJE1Ho2F5W3vQ8qXapyPZbKI16gK45 -----END CERTIFICATE-----Generated at Tue Jan 20 02:49:15 2026 by rpki-client