This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/e8ad44-7197-42a7-8f45-e0fdccfb9fa3/1/NUXnQ9OqCv_Rm7SOHc_b83FferQ.roa File: NUXnQ9OqCv_Rm7SOHc_b83FferQ.roa (raw, json) Hash identifier: voALmNAe1lpDR2zgziHUyqH1UZhyx5NltBoqEXn/jvU= Subject key identifier: 35:45:E7:43:D3:AA:0A:FF:D1:9B:B4:8E:1D:CF:DB:F3:71:5F:7A:B4 Certificate issuer: /CN=73f82e0ed0f36e099237cc42cf8778b407828001 Certificate serial: 019B7B35C45C03178A3C263270CF1CE56E93 Authority key identifier: 73:F8:2E:0E:D0:F3:6E:09:92:37:CC:42:CF:87:78:B4:07:82:80:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_guDtDzbgmSN8xCz4d4tAeCgAE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/e8ad44-7197-42a7-8f45-e0fdccfb9fa3/1/NUXnQ9OqCv_Rm7SOHc_b83FferQ.roa Signing time: Thu 01 Jan 2026 20:17:59 +0000 ROA not before: Thu 01 Jan 2026 20:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50673 IP address blocks: 141.98.32.0/22 maxlen: 22 195.114.100.0/23 maxlen: 23 195.182.1.0/24 maxlen: 24 2a09:e40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/e8ad44-7197-42a7-8f45-e0fdccfb9fa3/1/c_guDtDzbgmSN8xCz4d4tAeCgAE.crl rsync://rpki.ripe.net/repository/DEFAULT/92/e8ad44-7197-42a7-8f45-e0fdccfb9fa3/1/c_guDtDzbgmSN8xCz4d4tAeCgAE.mft rsync://rpki.ripe.net/repository/DEFAULT/c_guDtDzbgmSN8xCz4d4tAeCgAE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 05:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:c4:5c:03:17:8a:3c:26:32:70:cf:1c:e5:6e:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73f82e0ed0f36e099237cc42cf8778b407828001 Validity Not Before: Jan 1 20:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3545e743d3aa0affd19bb48e1dcfdbf3715f7ab4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:de:4d:15:a9:66:a1:15:79:7f:5d:2c:5e:4e: 17:77:d6:a1:6c:31:ec:73:74:3b:c3:57:47:22:a2: 98:3a:17:0f:82:4a:df:8a:71:06:68:c6:54:a1:4d: 79:27:12:62:54:27:dd:0d:f9:72:e9:58:74:3c:46: ba:0d:3b:6b:22:7c:50:85:ab:1f:a2:05:c9:11:12: a8:30:83:41:e9:89:b7:9a:a1:ef:51:cb:74:86:2f: fa:67:a7:12:8d:94:3b:98:ac:e2:8c:b2:14:81:29: 3e:5e:ab:ed:70:26:5c:53:d4:b5:42:23:51:b1:b5: a0:86:bb:a3:3f:7f:f8:d8:dc:cc:66:49:c3:9e:ad: 93:ab:08:74:bc:d7:4b:24:b4:c2:d9:57:a2:89:55: 55:f8:ef:2c:ed:70:2c:22:95:17:8f:c0:16:bb:ca: ae:d3:f7:0b:b1:60:64:db:01:c1:d3:b2:44:b9:1f: 1f:cd:91:48:67:43:b0:78:56:25:e9:6a:98:84:cb: fc:33:53:2a:b0:72:e0:65:36:0b:5c:a8:1f:8c:7a: 46:26:38:2a:a0:a6:a6:5e:eb:e9:e8:73:da:72:bc: de:f4:7a:16:39:f2:cd:6b:16:d9:cc:3a:75:d8:6c: 95:09:48:7a:0b:a2:a5:29:30:b0:ec:f6:8b:9e:94: fb:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:45:E7:43:D3:AA:0A:FF:D1:9B:B4:8E:1D:CF:DB:F3:71:5F:7A:B4 X509v3 Authority Key Identifier: keyid:73:F8:2E:0E:D0:F3:6E:09:92:37:CC:42:CF:87:78:B4:07:82:80:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_guDtDzbgmSN8xCz4d4tAeCgAE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e8ad44-7197-42a7-8f45-e0fdccfb9fa3/1/NUXnQ9OqCv_Rm7SOHc_b83FferQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e8ad44-7197-42a7-8f45-e0fdccfb9fa3/1/c_guDtDzbgmSN8xCz4d4tAeCgAE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.98.32.0/22 195.114.100.0/23 195.182.1.0/24 IPv6: 2a09:e40::/32 Signature Algorithm: sha256WithRSAEncryption 98:6a:81:6e:35:b5:c1:5d:1a:dd:83:de:5b:33:14:22:50:1a: 03:ca:6e:77:03:26:31:0a:bd:3c:88:5d:41:8b:37:c9:47:c4: 42:2c:78:bb:1f:43:7c:d9:0f:09:ae:cc:3c:3d:55:ef:76:a2: 6c:97:26:86:b1:62:ef:47:1d:63:57:2d:40:57:b0:db:99:18: 38:8c:24:8e:ae:76:fb:a7:a8:37:3c:5a:fb:19:21:4a:89:d7: a2:58:ff:f3:ff:61:32:fb:f1:57:2c:3e:d2:82:7a:25:f2:fa: 86:74:e0:9e:d9:ea:03:a1:ad:ca:72:f2:95:fb:d2:b9:38:9f: 87:ee:72:b0:cf:2d:95:f9:94:bd:d4:c3:eb:9f:3e:51:8c:ca: 0c:46:df:06:e7:ec:ef:38:d3:92:bc:10:3c:28:25:1e:84:59: bd:78:68:6f:54:4a:55:4c:28:ec:87:13:9e:a0:87:ad:58:11: 58:0d:e7:4a:2a:36:dc:75:18:39:b0:56:a1:44:48:bd:80:92: 27:22:83:98:f3:ae:5c:17:4c:69:e8:4a:18:8c:f6:14:be:37: f0:cf:42:b8:a8:89:ca:9f:72:5d:53:c2:36:33:90:32:82:25: cd:c4:1d:1c:09:8d:8b:2d:d1:8a:b7:f3:3d:fa:c4:84:b0:78: 8b:a6:3c:67 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt7NcRcAxeKPCYycM8c5W6TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczZjgyZTBlZDBmMzZlMDk5MjM3Y2M0MmNmODc3OGI0MDc4 MjgwMDEwHhcNMjYwMTAxMjAxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTQ1ZTc0M2QzYWEwYWZmZDE5YmI0OGUxZGNmZGJmMzcxNWY3YWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA895NFalmoRV5f10sXk4Xd9ahbDHs c3Q7w1dHIqKYOhcPgkrfinEGaMZUoU15JxJiVCfdDfly6Vh0PEa6DTtrInxQhasf ogXJERKoMINB6Ym3mqHvUct0hi/6Z6cSjZQ7mKzijLIUgSk+XqvtcCZcU9S1QiNR sbWghrujP3/42NzMZknDnq2Tqwh0vNdLJLTC2VeiiVVV+O8s7XAsIpUXj8AWu8qu 0/cLsWBk2wHB07JEuR8fzZFIZ0OweFYl6WqYhMv8M1MqsHLgZTYLXKgfjHpGJjgq oKamXuvp6HPacrze9HoWOfLNaxbZzDp12GyVCUh6C6KlKTCw7PaLnpT7DQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFDVF50PTqgr/0Zu0jh3P2/NxX3q0MB8GA1UdIwQY MBaAFHP4Lg7Q824JkjfMQs+HeLQHgoABMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY19ndUR0RHpiZ21TTjh4Q3o0ZDR0QWVDZ0FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lOGFkNDQtNzE5Ny00MmE3LThmNDUt ZTBmZGNjZmI5ZmEzLzEvTlVYblE5T3FDdl9SbTdTT0hjX2I4M0ZmZXJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi9lOGFkNDQtNzE5Ny00MmE3LThmNDUtZTBmZGNjZmI5ZmEz LzEvY19ndUR0RHpiZ21TTjh4Q3o0ZDR0QWVDZ0FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCjWIgAwQB w3JkAwQAw7YBMA0EAgACMAcDBQAqCQ5AMA0GCSqGSIb3DQEBCwUAA4IBAQCYaoFu NbXBXRrdg95bMxQiUBoDym53AyYxCr08iF1BizfJR8RCLHi7H0N82Q8Jrsw8PVXv dqJslyaGsWLvRx1jVy1AV7DbmRg4jCSOrnb7p6g3PFr7GSFKideiWP/z/2Ey+/FX LD7Sgnol8vqGdOCe2eoDoa3KcvKV+9K5OJ+H7nKwzy2V+ZS91MPrnz5RjMoMRt8G 5+zvONOSvBA8KCUehFm9eGhvVEpVTCjshxOeoIetWBFYDedKKjbcdRg5sFahREi9 gJInIoOY865cF0xp6EoYjPYUvjfwz0K4qInKn3JdU8I2M5AygiXNxB0cCY2LLdGK t/M9+sSEsHiLpjxn -----END CERTIFICATE-----Generated at Sun Jan 11 11:45:39 2026 by rpki-client