This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/NklSIVNcNIWeMyDnmkM31BBhz1c.roa File: NklSIVNcNIWeMyDnmkM31BBhz1c.roa (raw, json) Hash identifier: UKSW2BDTyMNTJDzhPRFU+Wzj1R5uLkgmHOPWx5CWEqQ= Subject key identifier: 36:49:52:21:53:5C:34:85:9E:33:20:E7:9A:43:37:D4:10:61:CF:57 Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019B7B36ADA58DA459D60AF1C5D0584484A0 Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/NklSIVNcNIWeMyDnmkM31BBhz1c.roa Signing time: Thu 01 Jan 2026 20:18:59 +0000 ROA not before: Thu 01 Jan 2026 20:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212335 IP address blocks: 45.147.132.0/24 maxlen: 24 45.147.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:ad:a5:8d:a4:59:d6:0a:f1:c5:d0:58:44:84:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Jan 1 20:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=36495221535c34859e3320e79a4337d41061cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:37:4b:2e:95:ee:7b:9c:a3:66:90:87:39:73: 6b:48:ac:37:a9:90:0a:cd:c0:3c:4e:ce:26:d7:ee: 8f:9b:b1:6a:f2:19:9a:42:aa:94:ed:51:99:ba:96: a6:3a:d3:38:8e:1f:8e:66:da:9f:4b:08:7d:d8:f7: dc:cd:e9:a8:97:2a:88:7f:36:7b:ae:fc:c4:64:84: 7a:c4:fb:12:53:6f:ae:c9:d8:02:13:a2:81:d4:99: e6:f1:7b:21:01:81:40:a3:fa:99:3c:02:ee:2c:e1: 1f:78:fc:c0:a2:3f:d5:2a:f4:a9:be:5a:6d:be:2b: 0e:2c:a4:66:1d:f5:b1:d6:43:9d:ef:ac:7e:aa:2b: 9f:fa:e7:d8:7f:32:e2:8e:9d:82:ab:28:18:02:fc: bb:4f:7c:4d:fb:e4:c8:59:60:91:58:dc:aa:1d:23: 94:d4:a7:a5:54:8c:34:51:7d:06:a2:53:1f:68:dc: f3:9f:a8:c0:03:ca:23:2d:e4:f1:57:46:8b:5d:a6: 7f:51:72:dd:ab:42:01:3e:be:27:68:39:a1:12:50: 54:b7:f4:a8:7a:7c:39:a0:c9:a6:58:c6:2e:de:94: 8f:2f:c7:d8:52:27:8d:6d:3c:b6:00:cb:8f:c2:14: 6d:5f:80:a4:b4:38:b4:ed:0e:b7:35:95:18:e9:74: ed:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:49:52:21:53:5C:34:85:9E:33:20:E7:9A:43:37:D4:10:61:CF:57 X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/NklSIVNcNIWeMyDnmkM31BBhz1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.147.132.0/23 Signature Algorithm: sha256WithRSAEncryption 15:fb:eb:23:f2:63:12:c8:1d:e1:a6:ff:48:30:05:d5:d9:5e: 18:5a:a3:80:e1:82:ea:79:50:da:93:7e:89:75:ec:f1:ab:62: 07:06:98:c0:66:8a:5f:6d:08:b5:1f:8d:7e:98:15:e9:95:be: 23:e6:d3:1e:9f:70:af:6d:01:0f:84:70:de:25:b4:4c:7f:ae: 22:b6:e5:57:6b:ae:72:0a:4a:55:80:12:d3:a0:6e:b8:11:1b: 89:8f:ec:bc:74:78:4b:eb:8f:2b:94:4c:51:ca:e6:70:0b:65: aa:a8:56:55:44:ee:af:92:51:6a:f9:54:63:f5:17:92:61:09: 60:01:c2:07:ac:fb:18:42:3c:4e:95:bd:b8:81:be:32:13:b4: ae:4c:e5:ef:ee:4e:00:78:43:84:3e:b0:e9:9a:f5:44:8e:7e: 5b:68:ff:34:24:62:dc:bc:1f:ac:11:cc:eb:b4:10:bb:80:a6: 77:61:e3:96:a7:7a:01:57:95:c2:a4:df:53:8f:19:33:29:5b: 98:7d:de:4e:51:31:0a:e5:17:f5:e5:28:dc:ec:2f:d7:c4:45: d4:c5:b3:cb:5d:dd:81:0d:f7:21:d2:e9:d1:da:e0:d6:67:dc: e9:e5:75:26:f0:57:4d:9e:3b:bc:03:df:f5:0b:19:83:01:9d: 30:4a:de:43 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7Nq2ljaRZ1grxxdBYRISgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwMTAxMjAxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjQ5NTIyMTUzNWMzNDg1OWUzMzIwZTc5YTQzMzdkNDEwNjFjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+TdLLpXue5yjZpCHOXNrSKw3qZAK zcA8Ts4m1+6Pm7Fq8hmaQqqU7VGZupamOtM4jh+OZtqfSwh92PfczemolyqIfzZ7 rvzEZIR6xPsSU2+uydgCE6KB1Jnm8XshAYFAo/qZPALuLOEfePzAoj/VKvSpvlpt visOLKRmHfWx1kOd76x+qiuf+ufYfzLijp2CqygYAvy7T3xN++TIWWCRWNyqHSOU 1KelVIw0UX0GolMfaNzzn6jAA8ojLeTxV0aLXaZ/UXLdq0IBPr4naDmhElBUt/So enw5oMmmWMYu3pSPL8fYUieNbTy2AMuPwhRtX4CktDi07Q63NZUY6XTttQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDZJUiFTXDSFnjMg55pDN9QQYc9XMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvTmtsU0lWTmNOSVdlTXlEbm1rTTMxQkJoejFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZOEMA0G CSqGSIb3DQEBCwUAA4IBAQAV++sj8mMSyB3hpv9IMAXV2V4YWqOA4YLqeVDak36J dezxq2IHBpjAZopfbQi1H41+mBXplb4j5tMen3CvbQEPhHDeJbRMf64ituVXa65y CkpVgBLToG64ERuJj+y8dHhL648rlExRyuZwC2WqqFZVRO6vklFq+VRj9ReSYQlg AcIHrPsYQjxOlb24gb4yE7SuTOXv7k4AeEOEPrDpmvVEjn5baP80JGLcvB+sEczr tBC7gKZ3YeOWp3oBV5XCpN9TjxkzKVuYfd5OUTEK5Rf15Sjc7C/XxEXUxbPLXd2B Dfch0unR2uDWZ9zp5XUm8FdNnju8A9/1CxmDAZ0wSt5D -----END CERTIFICATE-----Generated at Fri Jan 2 19:25:05 2026 by rpki-client