This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/NsTjlsSI4lX0qLjKqEg3XtrMbkI.roa File: NsTjlsSI4lX0qLjKqEg3XtrMbkI.roa (raw, json) Hash identifier: kYkELCQG1T4zaMYs+mopJc/m0I2h07/cXT7cYGFzDkQ= Subject key identifier: 36:C4:E3:96:C4:88:E2:55:F4:A8:B8:CA:A8:48:37:5E:DA:CC:6E:42 Certificate issuer: /CN=1f0614e195c1656a28e8b19b22784e8b55bb4533 Certificate serial: 019B7B35B9CB532F13F6EE29B303D7AE9CAC Authority key identifier: 1F:06:14:E1:95:C1:65:6A:28:E8:B1:9B:22:78:4E:8B:55:BB:45:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwYU4ZXBZWoo6LGbInhOi1W7RTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/NsTjlsSI4lX0qLjKqEg3XtrMbkI.roa Signing time: Thu 01 Jan 2026 20:17:57 +0000 ROA not before: Thu 01 Jan 2026 20:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51373 IP address blocks: 91.218.156.0/22 maxlen: 22 91.218.156.0/24 maxlen: 24 91.218.157.0/24 maxlen: 24 91.218.158.0/24 maxlen: 24 91.218.159.0/24 maxlen: 24 94.24.28.0/24 maxlen: 24 94.24.79.0/24 maxlen: 24 178.251.120.0/24 maxlen: 24 185.44.216.0/22 maxlen: 22 185.44.216.0/24 maxlen: 24 185.44.217.0/24 maxlen: 24 185.44.218.0/24 maxlen: 24 185.44.219.0/24 maxlen: 24 185.80.59.0/24 maxlen: 24 193.33.8.0/23 maxlen: 23 2a04:9a40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/HwYU4ZXBZWoo6LGbInhOi1W7RTM.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/HwYU4ZXBZWoo6LGbInhOi1W7RTM.mft rsync://rpki.ripe.net/repository/DEFAULT/HwYU4ZXBZWoo6LGbInhOi1W7RTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:b9:cb:53:2f:13:f6:ee:29:b3:03:d7:ae:9c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f0614e195c1656a28e8b19b22784e8b55bb4533 Validity Not Before: Jan 1 20:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=36c4e396c488e255f4a8b8caa848375edacc6e42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2a:78:79:93:ee:26:03:a1:2b:c8:aa:67:84: 6d:70:03:6e:5e:50:28:8c:32:d3:a3:65:3e:c2:0c: 0e:6f:fb:14:20:ac:c3:ef:d5:4b:0e:38:21:24:0c: ca:a7:f2:3a:72:5a:92:6b:c1:e3:3d:f5:79:a7:e4: 53:cb:30:3c:db:f2:11:5f:2b:73:a7:92:04:b4:22: a5:8f:df:fc:25:2f:64:3b:45:b5:81:ef:9a:2e:ae: 6e:4f:9b:76:79:9e:bd:f6:5c:e8:3e:44:fc:38:91: 03:64:b1:4a:5a:0b:82:d3:5c:be:11:73:77:66:12: 82:fe:7a:6c:20:bb:7b:ff:cb:bf:36:56:b7:14:95: 6d:df:20:18:af:e7:b4:06:73:23:5b:ea:d0:70:59: 7b:c5:f6:77:e9:9a:56:08:e5:f1:1d:6f:56:af:73: ea:f2:c4:f4:3a:7f:99:6c:37:4d:4d:0e:1b:9e:e7: 31:89:1d:0e:2e:e0:1f:f6:fc:99:f1:8f:ad:09:86: f0:a7:b6:35:b5:08:c8:f5:b5:50:21:3b:99:f0:79: 98:08:91:52:fd:cf:42:49:f5:e6:13:ac:5d:94:7b: fc:4e:5b:c2:01:6e:84:ef:fe:e2:9b:e7:a1:45:fb: 5a:ef:12:fd:da:31:fd:84:2f:c0:26:69:59:27:68: de:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:C4:E3:96:C4:88:E2:55:F4:A8:B8:CA:A8:48:37:5E:DA:CC:6E:42 X509v3 Authority Key Identifier: keyid:1F:06:14:E1:95:C1:65:6A:28:E8:B1:9B:22:78:4E:8B:55:BB:45:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwYU4ZXBZWoo6LGbInhOi1W7RTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/NsTjlsSI4lX0qLjKqEg3XtrMbkI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/10ebcc-c832-4d33-88b5-bef872daece7/1/HwYU4ZXBZWoo6LGbInhOi1W7RTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.218.156.0/22 94.24.28.0/24 94.24.79.0/24 178.251.120.0/24 185.44.216.0/22 185.80.59.0/24 193.33.8.0/23 IPv6: 2a04:9a40::/29 Signature Algorithm: sha256WithRSAEncryption 41:99:a2:6c:0e:d5:2c:79:a4:b9:d4:0a:46:46:2b:bb:a9:d2: b2:80:d5:fd:bd:01:7c:9d:f6:83:c6:d6:09:ba:27:91:7d:15: 19:58:57:4f:3d:2e:cb:35:5b:bb:07:e4:82:12:48:47:29:55: 67:39:8b:30:ec:66:3b:d6:97:f7:28:ee:99:68:a3:70:46:ef: f3:03:c6:ca:75:da:85:12:64:9f:fa:20:df:32:67:77:fd:ff: 0f:1b:b8:03:00:63:05:e9:ed:e2:65:ab:f7:2f:a1:dd:d2:47: c0:c8:60:89:9f:6a:81:67:6f:62:7a:f9:8f:94:61:9c:45:4d: 62:41:e1:3e:3a:eb:eb:8a:c6:0e:23:b0:b0:cd:6f:3c:5a:59: 1f:bd:f1:a5:fe:db:13:ef:35:84:4e:89:19:51:68:6f:f5:b5: b0:4b:d3:5b:90:4d:fe:c2:c6:ce:91:cb:aa:b0:46:cf:5e:46: 99:28:07:16:95:c6:0a:ea:bf:08:30:e5:bc:c3:9f:54:32:6c: da:01:6a:4f:a0:ef:71:74:50:57:99:8c:3d:c5:6b:5a:2c:10: 1f:5f:56:b2:e3:22:a7:13:31:c2:87:42:39:eb:8d:53:bd:8b: b1:c8:43:01:2e:69:02:af:db:e2:73:51:27:fd:8f:9c:a5:24: bb:68:aa:31 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt7NbnLUy8T9u4pswPXrpysMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMDYxNGUxOTVjMTY1NmEyOGU4YjE5YjIyNzg0ZThiNTVi YjQ1MzMwHhcNMjYwMTAxMjAxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNmM0ZTM5NmM0ODhlMjU1ZjRhOGI4Y2FhODQ4Mzc1ZWRhY2M2ZTQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Cp4eZPuJgOhK8iqZ4RtcANuXlAo jDLTo2U+wgwOb/sUIKzD79VLDjghJAzKp/I6clqSa8HjPfV5p+RTyzA82/IRXytz p5IEtCKlj9/8JS9kO0W1ge+aLq5uT5t2eZ699lzoPkT8OJEDZLFKWguC01y+EXN3 ZhKC/npsILt7/8u/Nla3FJVt3yAYr+e0BnMjW+rQcFl7xfZ36ZpWCOXxHW9Wr3Pq 8sT0On+ZbDdNTQ4bnucxiR0OLuAf9vyZ8Y+tCYbwp7Y1tQjI9bVQITuZ8HmYCJFS /c9CSfXmE6xdlHv8TlvCAW6E7/7im+ehRfta7xL92jH9hC/AJmlZJ2jeywIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFDbE45bEiOJV9Ki4yqhIN17azG5CMB8GA1UdIwQY MBaAFB8GFOGVwWVqKOixmyJ4TotVu0UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHdZVTRaWEJaV29vNkxHYkluaE9pMVc3UlRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xMGViY2MtYzgzMi00ZDMzLTg4YjUt YmVmODcyZGFlY2U3LzEvTnNUamxzU0k0bFgwcUxqS3FFZzNYdHJNYmtJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8xMGViY2MtYzgzMi00ZDMzLTg4YjUtYmVmODcyZGFlY2U3 LzEvSHdZVTRaWEJaV29vNkxHYkluaE9pMVc3UlRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCW9qcAwQA XhgcAwQAXhhPAwQAsvt4AwQCuSzYAwQAuVA7AwQBwSEIMA0EAgACMAcDBQMqBJpA MA0GCSqGSIb3DQEBCwUAA4IBAQBBmaJsDtUseaS51ApGRiu7qdKygNX9vQF8nfaD xtYJuieRfRUZWFdPPS7LNVu7B+SCEkhHKVVnOYsw7GY71pf3KO6ZaKNwRu/zA8bK ddqFEmSf+iDfMmd3/f8PG7gDAGMF6e3iZav3L6Hd0kfAyGCJn2qBZ29ievmPlGGc RU1iQeE+OuvrisYOI7CwzW88WlkfvfGl/tsT7zWETokZUWhv9bWwS9NbkE3+wsbO kcuqsEbPXkaZKAcWlcYK6r8IMOW8w59UMmzaAWpPoO9xdFBXmYw9xWtaLBAfX1ay 4yKnEzHCh0I5641TvYuxyEMBLmkCr9vic1En/Y+cpSS7aKox -----END CERTIFICATE-----Generated at Mon Jan 26 20:25:57 2026 by rpki-client