This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/nf_1cbCkcbdXLxEQwplzBuketu8.roa File: nf_1cbCkcbdXLxEQwplzBuketu8.roa (raw, json) Hash identifier: ICxmeO8sKOHBNxGY+QBiOEBZtjuLr7p+A8Gk+MkpD0A= Subject key identifier: 9D:FF:F5:71:B0:A4:71:B7:57:2F:11:10:C2:99:73:06:E9:1E:B6:EF Certificate issuer: /CN=10f1d0dbe093c722350618f4045c25ba94317f87 Certificate serial: 019B7E39252294F3D83B8EFE127F3ECDC51D Authority key identifier: 10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/nf_1cbCkcbdXLxEQwplzBuketu8.roa Signing time: Fri 02 Jan 2026 10:20:32 +0000 ROA not before: Fri 02 Jan 2026 10:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9120 IP address blocks: 80.70.8.0/21 maxlen: 21 92.43.88.0/21 maxlen: 21 185.221.247.0/24 maxlen: 24 185.238.192.0/22 maxlen: 22 212.97.136.0/22 maxlen: 22 212.97.144.0/20 maxlen: 20 2a04:3f80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.mft rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:25:22:94:f3:d8:3b:8e:fe:12:7f:3e:cd:c5:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10f1d0dbe093c722350618f4045c25ba94317f87 Validity Not Before: Jan 2 10:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9dfff571b0a471b7572f1110c2997306e91eb6ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:45:57:e5:25:b9:1a:98:7c:a7:8c:af:d9:53: 8d:28:1b:ef:59:a4:a0:57:da:fb:3e:54:67:25:2f: 78:85:da:ef:9a:0d:b1:3e:53:9a:5d:32:5d:ec:be: ef:40:59:b3:72:aa:3a:4b:7b:82:11:c2:74:99:c7: b0:b2:06:bc:00:3e:21:d5:3b:01:89:39:dc:fd:dc: 4c:4d:54:b4:28:af:ce:5a:8a:c3:bb:f7:03:d7:4d: bb:66:b1:69:fd:2b:0a:0b:ba:a6:2e:aa:b2:ce:13: b8:47:b8:c4:9f:17:26:cf:5b:54:27:69:ba:69:2f: 66:da:70:64:2d:c8:90:1f:e1:a1:4f:41:e6:32:2c: 0e:33:ad:84:42:20:6e:a3:96:82:72:0d:dd:2a:28: cc:82:12:2f:07:0e:1d:7b:b4:d6:43:69:fa:1b:00: 90:28:24:c8:9e:47:4c:6f:19:8d:ea:86:1b:a1:14: 5b:d9:0f:90:a3:80:82:18:5e:17:e5:ee:67:fc:29: 71:1b:9d:67:ed:e4:d4:e4:71:8f:bd:fd:2b:e0:63: 2b:f5:f4:84:97:d9:40:e1:34:13:01:bf:90:1f:30: 26:f7:e7:56:17:b5:3c:f2:44:60:b8:a1:ba:af:ff: 91:77:97:8c:19:9e:04:0b:13:bf:ce:ae:89:a4:85: 8d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:FF:F5:71:B0:A4:71:B7:57:2F:11:10:C2:99:73:06:E9:1E:B6:EF X509v3 Authority Key Identifier: keyid:10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/nf_1cbCkcbdXLxEQwplzBuketu8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.70.8.0/21 92.43.88.0/21 185.221.247.0/24 185.238.192.0/22 212.97.136.0/22 212.97.144.0/20 IPv6: 2a04:3f80::/29 Signature Algorithm: sha256WithRSAEncryption 46:ec:a6:7f:41:f2:cb:83:b1:85:90:da:d0:4f:21:3a:5a:dc: d1:50:b7:30:3d:00:40:d9:62:dd:dd:3e:7a:a7:28:78:1a:95: aa:7b:cc:08:66:14:b1:e1:f4:dc:99:e4:39:20:5a:05:52:8f: 45:fb:71:43:f6:e5:5b:27:d7:3e:75:05:85:75:1f:3a:d3:eb: 0c:bd:a6:2c:4b:49:19:d1:97:d8:9f:9a:7e:72:a0:74:c9:e5: c3:81:b4:06:18:38:fe:db:70:81:40:66:b2:c5:fc:6e:a7:d2: 5c:90:d3:73:5d:7f:1c:3c:1b:0a:fc:68:c9:70:89:d9:32:5d: c0:eb:df:89:5c:6b:30:49:3d:29:c4:77:38:ad:48:0d:35:a5: 0f:e6:06:92:8b:c9:b1:09:c1:de:2f:1f:ce:81:28:a3:6b:f5: d7:1f:2f:e2:25:12:2a:ea:55:b3:0f:b8:dd:cb:d4:42:81:17: 0b:a4:b4:70:b6:4f:e0:6e:46:3c:56:1b:05:3e:f4:d8:22:91: 1a:e9:a8:86:83:ad:3d:b4:ab:40:ae:10:d2:87:f3:e7:2a:4a: 82:f4:1e:07:20:16:2f:00:7f:72:fa:21:88:45:c0:f5:65:d0: 94:cf:ce:52:d7:44:ce:38:52:6c:17:a1:5a:eb:5f:27:75:9a: 63:fa:fb:d3 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt+OSUilPPYO47+En8+zcUdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwZjFkMGRiZTA5M2M3MjIzNTA2MThmNDA0NWMyNWJhOTQz MTdmODcwHhcNMjYwMTAyMTAyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGZmZjU3MWIwYTQ3MWI3NTcyZjExMTBjMjk5NzMwNmU5MWViNmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEVX5SW5Gph8p4yv2VONKBvvWaSg V9r7PlRnJS94hdrvmg2xPlOaXTJd7L7vQFmzcqo6S3uCEcJ0mcewsga8AD4h1TsB iTnc/dxMTVS0KK/OWorDu/cD1027ZrFp/SsKC7qmLqqyzhO4R7jEnxcmz1tUJ2m6 aS9m2nBkLciQH+GhT0HmMiwOM62EQiBuo5aCcg3dKijMghIvBw4de7TWQ2n6GwCQ KCTInkdMbxmN6oYboRRb2Q+Qo4CCGF4X5e5n/ClxG51n7eTU5HGPvf0r4GMr9fSE l9lA4TQTAb+QHzAm9+dWF7U88kRguKG6r/+Rd5eMGZ4ECxO/zq6JpIWN6wIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFJ3/9XGwpHG3Vy8REMKZcwbpHrbvMB8GA1UdIwQY MBaAFBDx0Nvgk8ciNQYY9ARcJbqUMX+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYt MmYwYTZiZGJiZTUxLzEvbmZfMWNiQ2tjYmRYTHhFUXdwbHpCdWtldHU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYtMmYwYTZiZGJiZTUx LzEvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDUEYIAwQD XCtYAwQAud33AwQCue7AAwQC1GGIAwQE1GGQMA0EAgACMAcDBQMqBD+AMA0GCSqG SIb3DQEBCwUAA4IBAQBG7KZ/QfLLg7GFkNrQTyE6WtzRULcwPQBA2WLd3T56pyh4 GpWqe8wIZhSx4fTcmeQ5IFoFUo9F+3FD9uVbJ9c+dQWFdR860+sMvaYsS0kZ0ZfY n5p+cqB0yeXDgbQGGDj+23CBQGayxfxup9JckNNzXX8cPBsK/GjJcInZMl3A69+J XGswST0pxHc4rUgNNaUP5gaSi8mxCcHeLx/OgSija/XXHy/iJRIq6lWzD7jdy9RC gRcLpLRwtk/gbkY8VhsFPvTYIpEa6aiGg609tKtArhDSh/PnKkqC9B4HIBYvAH9y +iGIRcD1ZdCUz85S10TOOFJsF6Fa618ndZpj+vvT -----END CERTIFICATE-----Generated at Mon Feb 2 08:02:59 2026 by rpki-client