This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/NOfTkKQFl3ruOsCGzSg45VC6KLA.roa File: NOfTkKQFl3ruOsCGzSg45VC6KLA.roa (raw, json) Hash identifier: WoHHZtSZ2RRzNCMrx4Mo4OnnRJ/xg4jH+vJaSGSMeKQ= Subject key identifier: 34:E7:D3:90:A4:05:97:7A:EE:3A:C0:86:CD:28:38:E5:50:BA:28:B0 Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520 Certificate serial: 019B981E8109520EA6FC8B2D79F623713B38 Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/NOfTkKQFl3ruOsCGzSg45VC6KLA.roa Signing time: Wed 07 Jan 2026 11:01:34 +0000 ROA not before: Wed 07 Jan 2026 11:01:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201931 IP address blocks: 185.217.232.0/23 maxlen: 23 185.217.234.0/24 maxlen: 24 2a07:6882::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.mft rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:98:1e:81:09:52:0e:a6:fc:8b:2d:79:f6:23:71:3b:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520 Validity Not Before: Jan 7 11:01:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34e7d390a405977aee3ac086cd2838e550ba28b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:16:f7:bb:3d:33:b6:5a:7d:9f:45:62:73:52: 69:0b:b7:b0:02:db:e2:2c:63:31:ce:3b:f4:25:2d: b9:6a:ef:b8:a2:10:c5:82:8f:79:8a:2f:3a:90:06: 6d:8c:81:6c:2e:4b:80:4c:03:52:14:53:03:f6:ca: fd:0f:f2:25:5d:1f:d2:be:67:13:bb:ef:6b:5f:f3: d3:ad:1d:65:1d:11:dc:a4:cd:f7:47:ad:d2:76:79: 35:d4:7b:5a:5b:25:6c:e3:68:10:37:64:cd:9c:d1: b6:02:16:40:22:bc:ff:d4:6d:84:d6:e4:4b:26:33: f2:58:37:5f:78:3d:3c:c6:6c:80:23:9d:ff:de:ae: 22:64:2d:de:e6:74:21:a8:a1:65:e0:7a:bc:6f:39: 10:d3:fd:c5:83:2c:ba:68:46:50:02:a8:6b:70:07: c5:59:a5:79:59:b4:ab:36:be:06:5f:51:b5:df:9a: 8a:2c:7c:46:e8:9e:19:6c:f8:ba:fb:e3:1c:ee:13: 7a:9a:51:64:69:f7:a8:28:cd:a2:bd:2b:b1:18:e2: c6:73:c7:fb:ce:87:b1:6f:2f:0a:10:2b:d1:1a:dc: de:0c:89:6d:ae:cd:29:d1:95:dd:ae:c1:8b:34:5a: b1:36:05:cc:24:e3:c1:d7:f2:87:cb:31:24:f4:a7: 31:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:E7:D3:90:A4:05:97:7A:EE:3A:C0:86:CD:28:38:E5:50:BA:28:B0 X509v3 Authority Key Identifier: keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/NOfTkKQFl3ruOsCGzSg45VC6KLA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.217.232.0-185.217.234.255 IPv6: 2a07:6882::/32 Signature Algorithm: sha256WithRSAEncryption a5:61:2c:92:3f:bb:df:72:86:c2:c3:66:07:99:49:67:c4:ea: c6:63:48:00:d0:3b:bb:62:a8:5c:51:c8:07:ea:cb:7b:44:85: c7:47:c0:d0:9d:8d:15:9f:94:74:c4:96:7f:fa:57:cc:32:66: 27:3f:5a:f6:7d:79:9e:b0:53:28:79:67:51:64:97:95:b4:1d: 70:c0:5e:1b:64:3b:2b:fb:2b:56:fa:18:86:4d:99:1c:7d:7a: e9:54:96:23:8f:d6:69:f1:97:15:91:3d:62:68:ce:f4:19:5e: c5:e9:6b:44:a5:27:e5:53:58:97:8e:08:94:f6:2d:d3:eb:d5: a2:fa:fc:2d:cf:d8:a2:db:46:31:bb:6f:18:24:a6:10:a2:c7: 0a:e6:6b:4a:e3:24:e0:a3:a8:19:1b:31:e0:8b:33:16:b6:b8: 95:82:2f:2f:de:5b:fb:87:89:fb:aa:64:cb:9b:a0:b0:a2:a5: f5:3e:95:87:74:9b:5c:44:fd:48:46:75:d5:36:96:70:b5:d1: ae:95:cc:dd:72:6d:65:2b:f0:fd:8f:f0:a9:66:0c:25:80:35: d2:5d:31:6a:d2:d7:a7:18:27:c2:53:4f:57:f5:e1:11:39:ba: 05:c9:9c:e2:a5:cd:8d:4f:6e:e9:38:32:e9:96:4d:9f:cb:49: f4:cd:31:30 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZuYHoEJUg6m/IstefYjcTs4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm ZGE1MjAwHhcNMjYwMTA3MTEwMTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGU3ZDM5MGE0MDU5NzdhZWUzYWMwODZjZDI4MzhlNTUwYmEyOGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxb3uz0ztlp9n0Vic1JpC7ewAtvi LGMxzjv0JS25au+4ohDFgo95ii86kAZtjIFsLkuATANSFFMD9sr9D/IlXR/SvmcT u+9rX/PTrR1lHRHcpM33R63Sdnk11HtaWyVs42gQN2TNnNG2AhZAIrz/1G2E1uRL JjPyWDdfeD08xmyAI53/3q4iZC3e5nQhqKFl4Hq8bzkQ0/3Fgyy6aEZQAqhrcAfF WaV5WbSrNr4GX1G135qKLHxG6J4ZbPi6++Mc7hN6mlFkafeoKM2ivSuxGOLGc8f7 zoexby8KECvRGtzeDIltrs0p0ZXdrsGLNFqxNgXMJOPB1/KHyzEk9KcxpwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFDTn05CkBZd67jrAhs0oOOVQuiiwMB8GA1UdIwQY MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt NDM4YWNiNzJmYzViLzEvTk9mVGtLUUZsM3J1T3NDR3pTZzQ1VkM2S0xBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAO52egD BAC52eowDQQCAAIwBwMFACoHaIIwDQYJKoZIhvcNAQELBQADggEBAKVhLJI/u99y hsLDZgeZSWfE6sZjSADQO7tiqFxRyAfqy3tEhcdHwNCdjRWflHTEln/6V8wyZic/ WvZ9eZ6wUyh5Z1Fkl5W0HXDAXhtkOyv7K1b6GIZNmRx9eulUliOP1mnxlxWRPWJo zvQZXsXpa0SlJ+VTWJeOCJT2LdPr1aL6/C3P2KLbRjG7bxgkphCixwrma0rjJOCj qBkbMeCLMxa2uJWCLy/eW/uHifuqZMuboLCipfU+lYd0m1xE/UhGddU2lnC10a6V zN1ybWUr8P2P8KlmDCWANdJdMWrS16cYJ8JTT1f14RE5ugXJnOKlzY1Pbuk4MumW TZ/LSfTNMTA= -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:11 2026 by rpki-client