This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/n2OaMmsp7MYKOaOewrEjivY2pIQ.roa File: n2OaMmsp7MYKOaOewrEjivY2pIQ.roa (raw, json) Hash identifier: nsH89Jtej2NAT9EYUnKfsM/5OMThC9ekm0EHJ9HQ3HA= Subject key identifier: 9F:63:9A:32:6B:29:EC:C6:0A:39:A3:9E:C2:B1:23:8A:F6:36:A4:84 Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4 Certificate serial: 019B7EA6F3446323537773F9D26AD339075F Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/n2OaMmsp7MYKOaOewrEjivY2pIQ.roa Signing time: Fri 02 Jan 2026 12:20:29 +0000 ROA not before: Fri 02 Jan 2026 12:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42346 IP address blocks: 83.137.24.0/21 maxlen: 21 109.106.32.0/21 maxlen: 21 109.106.40.0/22 maxlen: 22 185.93.216.0/22 maxlen: 22 185.127.172.0/22 maxlen: 22 194.63.148.0/22 maxlen: 22 195.60.192.0/22 maxlen: 22 212.120.32.0/19 maxlen: 24 213.213.160.0/19 maxlen: 19 2a00:5480::/29 maxlen: 29 2a02:ab0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:f3:44:63:23:53:77:73:f9:d2:6a:d3:39:07:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4 Validity Not Before: Jan 2 12:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9f639a326b29ecc60a39a39ec2b1238af636a484 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:5e:27:91:f2:bf:68:88:e0:8c:28:a7:10:e1: e0:05:41:ac:b0:8d:63:25:de:7f:c4:36:b7:73:bc: 64:63:90:a8:8e:96:d7:3b:d3:88:f1:61:63:f0:11: dd:10:71:3c:e8:42:23:e1:24:78:fe:1a:a1:17:c6: 69:41:bf:75:46:1f:5a:9d:af:69:fa:17:81:e7:a0: 13:6f:e8:23:1c:77:a0:52:d1:03:d0:06:61:b8:c6: 06:ec:a6:e9:c6:4f:1f:2f:a6:33:cf:a0:61:26:a0: be:8b:a2:d2:e4:9c:c5:44:43:65:e0:39:e9:ee:86: 7d:49:8d:f9:17:d3:74:cd:f6:b8:1a:2a:d6:e6:ec: 2c:7f:b6:6c:80:e0:54:0a:61:77:ab:95:fb:9d:b4: 70:44:b0:99:f6:e2:73:9a:88:35:57:0d:29:7d:29: 26:c7:16:5f:c1:10:e1:ab:30:f9:1f:8e:0c:f9:57: 2e:30:b7:75:cc:52:79:5b:f6:d7:45:5e:f5:f2:76: a2:09:80:b8:2e:07:f8:f2:f1:24:bb:91:e4:59:1e: 4b:ab:b4:75:6c:c0:8c:e7:fb:0d:0b:e4:5e:16:ec: 45:81:e9:82:c0:fc:7d:d9:2e:90:73:0a:97:0a:c5: 7b:80:05:13:d4:ac:11:75:43:aa:ea:9c:f3:58:b5: a0:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:63:9A:32:6B:29:EC:C6:0A:39:A3:9E:C2:B1:23:8A:F6:36:A4:84 X509v3 Authority Key Identifier: keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/n2OaMmsp7MYKOaOewrEjivY2pIQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.137.24.0/21 109.106.32.0-109.106.43.255 185.93.216.0/22 185.127.172.0/22 194.63.148.0/22 195.60.192.0/22 212.120.32.0/19 213.213.160.0/19 IPv6: 2a00:5480::/29 2a02:ab0::/29 Signature Algorithm: sha256WithRSAEncryption 96:9c:37:22:d3:75:66:cf:e7:c0:e6:f9:8e:99:f7:1e:7e:ce: 7d:86:3f:ae:76:31:b2:06:8b:7e:a4:a1:a5:b8:0b:f0:42:9b: c6:03:dd:7a:65:01:db:45:e4:3e:fc:c2:c4:ff:be:fb:a3:eb: 65:92:9c:ab:2e:db:6d:7c:9b:56:22:d0:9b:4d:4a:42:b9:10: 6f:1a:10:40:2c:a3:90:b0:35:a7:52:35:28:12:90:40:c4:f1: 38:ad:ab:37:14:eb:c8:cc:69:16:8c:b7:6d:d6:1d:14:ac:8f: 71:ef:8e:c4:25:5b:3f:18:9b:54:f3:5e:68:11:1d:16:95:2f: a1:29:50:b0:2d:93:86:54:7c:62:7c:dd:a1:76:c3:2c:35:5b: 37:fc:b0:fb:c0:bd:fa:14:e6:8d:5c:2d:69:55:4c:14:00:0c: 11:ce:c2:7a:e3:96:da:68:f5:70:c1:9e:58:ce:d1:90:60:41: 04:e0:d1:ed:56:3f:4a:fa:58:4f:40:33:5a:d0:d6:f2:ac:c4: 2a:aa:f0:5e:9b:b0:1e:67:22:02:43:4a:35:ad:b2:fa:8c:b6: 56:87:40:b7:a4:e8:79:35:83:d9:b7:c5:c3:3a:76:54:40:43: cb:5e:37:0d:7a:99:f8:7c:ad:00:a5:d2:54:4d:ce:75:f2:e7: 14:99:ce:ba -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZt+pvNEYyNTd3P50mrTOQdfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz ZmZhZjQwHhcNMjYwMTAyMTIyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZjYzOWEzMjZiMjllY2M2MGEzOWEzOWVjMmIxMjM4YWY2MzZhNDg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF4nkfK/aIjgjCinEOHgBUGssI1j Jd5/xDa3c7xkY5CojpbXO9OI8WFj8BHdEHE86EIj4SR4/hqhF8ZpQb91Rh9ana9p +heB56ATb+gjHHegUtED0AZhuMYG7Kbpxk8fL6Yzz6BhJqC+i6LS5JzFRENl4Dnp 7oZ9SY35F9N0zfa4GirW5uwsf7ZsgOBUCmF3q5X7nbRwRLCZ9uJzmog1Vw0pfSkm xxZfwRDhqzD5H44M+VcuMLd1zFJ5W/bXRV718naiCYC4Lgf48vEku5HkWR5Lq7R1 bMCM5/sNC+ReFuxFgemCwPx92S6QcwqXCsV7gAUT1KwRdUOq6pzzWLWgAQIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFJ9jmjJrKezGCjmjnsKxI4r2NqSEMB8GA1UdIwQY MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt MjI2OGU5N2E4YmMxLzEvbjJPYU1tc3A3TVlLT2FPZXdyRWppdlkycElRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDU4kYMAwD BAVtaiADBAJtaigDBAK5XdgDBAK5f6wDBALCP5QDBALDPMADBAXUeCADBAXV1aAw FAQCAAIwDgMFAyoAVIADBQMqAgqwMA0GCSqGSIb3DQEBCwUAA4IBAQCWnDci03Vm z+fA5vmOmfcefs59hj+udjGyBot+pKGluAvwQpvGA916ZQHbReQ+/MLE/777o+tl kpyrLtttfJtWItCbTUpCuRBvGhBALKOQsDWnUjUoEpBAxPE4ras3FOvIzGkWjLdt 1h0UrI9x747EJVs/GJtU815oER0WlS+hKVCwLZOGVHxifN2hdsMsNVs3/LD7wL36 FOaNXC1pVUwUAAwRzsJ645baaPVwwZ5YztGQYEEE4NHtVj9K+lhPQDNa0NbyrMQq qvBem7AeZyICQ0o1rbL6jLZWh0C3pOh5NYPZt8XDOnZUQEPLXjcNepn4fK0ApdJU Tc518ucUmc66 -----END CERTIFICATE-----Generated at Wed Jan 21 10:29:19 2026 by rpki-client