This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/nrPLRJPmPFUNnRKVYlt5xynJqbQ.roa File: nrPLRJPmPFUNnRKVYlt5xynJqbQ.roa (raw, json) Hash identifier: I11fElTQunbRvyiT3+4v3tCdsssjfQCu5kwVzj1TuOs= Subject key identifier: 9E:B3:CB:44:93:E6:3C:55:0D:9D:12:95:62:5B:79:C7:29:C9:A9:B4 Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb Certificate serial: 019B7CEDC96C938718B4E4836499AD2BA548 Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/nrPLRJPmPFUNnRKVYlt5xynJqbQ.roa Signing time: Fri 02 Jan 2026 04:18:36 +0000 ROA not before: Fri 02 Jan 2026 04:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43063 IP address blocks: 88.80.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:c9:6c:93:87:18:b4:e4:83:64:99:ad:2b:a5:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb Validity Not Before: Jan 2 04:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9eb3cb4493e63c550d9d1295625b79c729c9a9b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:91:44:f3:e3:56:87:d7:0d:81:49:cf:6a:c4: b0:a1:05:58:b1:bc:fb:5b:bd:4d:08:1c:84:38:e5: 31:20:3b:3c:55:f8:7d:a5:2f:b4:db:f2:54:22:57: 6f:e9:04:66:34:6a:36:87:90:a0:e4:cc:57:ea:39: b6:10:d7:f6:97:b0:1b:2d:ee:5c:3a:8c:d6:37:15: b2:c7:d8:bc:f3:ad:0e:64:d0:15:11:71:4c:e5:b5: 8a:81:99:2c:48:1a:e1:fa:bb:0a:d3:4a:2d:f8:c0: 72:4b:81:cf:c3:68:7c:94:27:ba:c1:c6:72:8e:3d: 42:3b:1b:a7:ad:38:6b:72:78:60:4e:bd:27:b3:59: ea:c0:52:46:23:ba:3c:71:eb:37:45:17:53:e4:fe: 1b:c0:ee:f3:83:9b:73:23:1d:b2:d4:43:8a:7e:e2: 4d:dc:43:d7:eb:d9:ee:fe:90:63:1e:5f:aa:cf:63: 30:64:ff:6d:e1:50:fe:86:ee:18:48:7d:2f:bf:bc: 87:b7:0d:69:f8:76:b0:f8:3e:bd:fa:05:bf:82:42: 1a:9c:98:cb:7f:d1:b1:07:1e:39:da:57:41:29:0c: 7a:89:40:48:12:bb:d2:83:b2:4d:e6:7e:4b:36:92: fd:b1:aa:7b:0e:0b:4e:d6:b9:88:5a:ff:b7:4f:3e: 14:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:B3:CB:44:93:E6:3C:55:0D:9D:12:95:62:5B:79:C7:29:C9:A9:B4 X509v3 Authority Key Identifier: keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/nrPLRJPmPFUNnRKVYlt5xynJqbQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.80.130.0/24 Signature Algorithm: sha256WithRSAEncryption a0:9d:7e:19:34:2f:dd:41:b4:31:f1:f8:9f:6a:21:9f:cd:53: 4a:bf:b8:09:c4:9f:2f:c0:26:54:35:b6:d3:aa:14:1a:79:81: 11:1b:61:1c:88:af:c3:d1:2d:44:77:28:5e:ae:72:37:1d:53: 36:b0:94:c0:9e:96:4a:5d:5a:00:57:f3:9b:22:0f:1d:76:bd: 21:79:69:b8:01:4a:d4:8b:94:f4:c8:a9:3e:f0:fc:4b:10:71: f6:1e:a5:ee:3a:b7:17:98:9a:38:e8:f4:56:9b:f4:45:4e:00: 3b:a2:dc:71:65:f2:e6:8e:e5:ea:83:0c:32:65:f2:1c:da:f8: e2:46:bc:b7:da:d3:81:ef:65:57:04:1a:e1:83:ef:d5:9b:a8: 8d:ad:8d:3d:4a:33:e2:2b:79:92:65:da:db:5f:48:ff:4b:9e: 19:a0:34:00:79:d5:6c:f4:7d:b6:b5:a1:96:70:02:cf:22:3d: 03:e1:bd:86:21:03:6f:e2:c8:6c:7a:70:88:3d:f2:24:0c:df: ba:17:54:21:ae:aa:4b:a5:a5:e8:a7:f2:bc:c8:09:26:c4:07: 30:cf:33:5f:43:41:94:48:6b:ff:18:ef:6e:5f:86:8f:6f:b1: ac:e9:3f:bf:c5:f9:7e:05:b2:06:1f:eb:02:ef:7d:51:ba:28: 11:8c:e7:0b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87clsk4cYtOSDZJmtK6VIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2 MzFiZmIwHhcNMjYwMTAyMDQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZWIzY2I0NDkzZTYzYzU1MGQ5ZDEyOTU2MjViNzljNzI5YzlhOWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJFE8+NWh9cNgUnPasSwoQVYsbz7 W71NCByEOOUxIDs8Vfh9pS+02/JUIldv6QRmNGo2h5Cg5MxX6jm2ENf2l7AbLe5c OozWNxWyx9i8860OZNAVEXFM5bWKgZksSBrh+rsK00ot+MByS4HPw2h8lCe6wcZy jj1COxunrThrcnhgTr0ns1nqwFJGI7o8ces3RRdT5P4bwO7zg5tzIx2y1EOKfuJN 3EPX69nu/pBjHl+qz2MwZP9t4VD+hu4YSH0vv7yHtw1p+Haw+D69+gW/gkIanJjL f9GxBx452ldBKQx6iUBIErvSg7JN5n5LNpL9sap7DgtO1rmIWv+3Tz4UywIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJ6zy0ST5jxVDZ0SlWJbeccpyam0MB8GA1UdIwQY MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt YWI4ZjFmMzM4N2VlLzEvbnJQTFJKUG1QRlVOblJLVllsdDV4eW5KcWJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCCMA0G CSqGSIb3DQEBCwUAA4IBAQCgnX4ZNC/dQbQx8fifaiGfzVNKv7gJxJ8vwCZUNbbT qhQaeYERG2EciK/D0S1EdyhernI3HVM2sJTAnpZKXVoAV/ObIg8ddr0heWm4AUrU i5T0yKk+8PxLEHH2HqXuOrcXmJo46PRWm/RFTgA7otxxZfLmjuXqgwwyZfIc2vji Rry32tOB72VXBBrhg+/Vm6iNrY09SjPiK3mSZdrbX0j/S54ZoDQAedVs9H22taGW cALPIj0D4b2GIQNv4shsenCIPfIkDN+6F1QhrqpLpaXop/K8yAkmxAcwzzNfQ0GU SGv/GO9uX4aPb7Gs6T+/xfl+BbIGH+sC731RuigRjOcL -----END CERTIFICATE-----Generated at Mon Jan 19 14:22:37 2026 by rpki-client