This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/pf_a0nfpbks_qkQ4qrr2kzaKRXI.roa File: pf_a0nfpbks_qkQ4qrr2kzaKRXI.roa (raw, json) Hash identifier: vxuQLy7AbojQx6rQzhF+7IW/BG/BLw5H+3NoMpcGW1A= Subject key identifier: A5:FF:DA:D2:77:E9:6E:4B:3F:AA:44:38:AA:BA:F6:93:36:8A:45:72 Certificate issuer: /CN=667b2b1befba178f30d2a321c451b6eea5466274 Certificate serial: 019B7F151B199A8F842E64AFC42D2553D5F3 Authority key identifier: 66:7B:2B:1B:EF:BA:17:8F:30:D2:A3:21:C4:51:B6:EE:A5:46:62:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/pf_a0nfpbks_qkQ4qrr2kzaKRXI.roa Signing time: Fri 02 Jan 2026 14:20:48 +0000 ROA not before: Fri 02 Jan 2026 14:20:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34312 IP address blocks: 89.200.248.0/21 maxlen: 21 193.111.6.0/23 maxlen: 23 195.95.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/ZnsrG--6F48w0qMhxFG27qVGYnQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/ZnsrG--6F48w0qMhxFG27qVGYnQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:1b:19:9a:8f:84:2e:64:af:c4:2d:25:53:d5:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=667b2b1befba178f30d2a321c451b6eea5466274 Validity Not Before: Jan 2 14:20:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a5ffdad277e96e4b3faa4438aabaf693368a4572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e1:63:54:09:bb:1d:58:45:16:40:cd:68:d9: 4d:43:99:f2:8e:8e:65:6a:c9:4b:03:0e:9d:e1:e2: e6:e2:f3:ec:b7:ed:67:5e:f4:e9:cb:49:22:08:a7: f0:ca:01:0d:03:55:8b:de:4b:69:65:fe:ca:bf:57: 13:d0:94:14:ce:6e:c8:14:ec:38:6d:0c:05:5c:63: f7:bd:73:06:4a:0a:d7:d8:83:9f:8e:87:e0:d9:b6: b4:41:c4:83:50:e1:1a:98:23:a9:8c:fa:4e:3d:96: ea:13:ff:88:cf:2f:0b:f2:2b:a8:e1:38:f2:49:df: 57:c9:33:df:d2:e2:f1:84:7f:24:95:2e:57:be:d8: 5f:93:93:48:b3:6f:9f:63:5b:f3:a5:1a:98:3b:cf: 01:b6:c0:ee:84:68:08:e9:ad:bd:08:55:a6:16:75: 8c:f7:53:9d:ff:36:e9:4f:f1:66:6c:cc:64:0e:ee: 59:5a:32:f5:09:db:95:a2:f8:07:08:ad:7a:c7:58: 2d:9b:35:04:7b:b7:cc:fc:a3:85:f6:ee:24:8d:25: 91:a1:43:76:52:cc:b2:86:56:b0:40:fe:c4:04:41: 2b:ab:ce:84:0b:09:d1:a1:ea:07:32:40:7a:31:98: 8e:b0:93:45:76:d9:10:bc:82:99:3a:5d:a8:7b:d2: b5:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:FF:DA:D2:77:E9:6E:4B:3F:AA:44:38:AA:BA:F6:93:36:8A:45:72 X509v3 Authority Key Identifier: keyid:66:7B:2B:1B:EF:BA:17:8F:30:D2:A3:21:C4:51:B6:EE:A5:46:62:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/pf_a0nfpbks_qkQ4qrr2kzaKRXI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/ZnsrG--6F48w0qMhxFG27qVGYnQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.200.248.0/21 193.111.6.0/23 195.95.206.0/23 Signature Algorithm: sha256WithRSAEncryption 69:d7:0e:b3:54:58:58:66:db:78:1d:b5:a8:e3:d7:5d:69:52: c7:06:41:c0:58:fc:c4:61:72:ce:dc:44:50:38:16:c3:40:b1: 43:99:21:5d:00:ce:e5:7f:ae:6e:c7:01:7d:64:19:5b:85:39: 86:00:10:7a:e5:e9:0f:b4:4d:11:09:1e:ea:e4:0b:a0:a7:c8: fa:d7:03:7b:1d:f5:6a:df:ec:ff:b6:52:98:10:1f:20:81:55: 9a:f7:db:b0:86:f4:cb:d2:da:28:98:2f:7b:3b:06:eb:bc:41: 55:00:d8:05:42:84:7a:91:27:77:a2:05:28:3e:15:49:35:63: 19:07:ea:39:12:69:2e:7b:37:a5:31:5d:64:5d:e4:df:ea:06: 18:4a:68:0f:07:a1:b2:a7:61:92:9e:39:37:95:00:d3:35:2d: 39:a2:62:11:08:0b:48:8a:4d:bf:7a:61:1c:4b:d9:fc:4b:a8: f4:1b:21:f8:95:d9:8d:64:cb:89:e1:a0:01:62:3d:cc:d0:f4: 8b:6b:c4:d6:4b:7d:33:dc:cd:31:9c:13:b7:f6:49:be:0e:57: 1b:cf:c1:72:53:7a:72:e1:1b:67:6b:41:46:75:49:23:9c:88: 6d:cc:33:c1:c7:1b:d2:f7:74:54:9c:f2:f6:3a:14:d8:cc:2d: b4:32:4d:13 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/FRsZmo+ELmSvxC0lU9XzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2N2IyYjFiZWZiYTE3OGYzMGQyYTMyMWM0NTFiNmVlYTU0 NjYyNzQwHhcNMjYwMTAyMTQyMDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNWZmZGFkMjc3ZTk2ZTRiM2ZhYTQ0MzhhYWJhZjY5MzM2OGE0NTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+FjVAm7HVhFFkDNaNlNQ5nyjo5l aslLAw6d4eLm4vPst+1nXvTpy0kiCKfwygENA1WL3ktpZf7Kv1cT0JQUzm7IFOw4 bQwFXGP3vXMGSgrX2IOfjofg2ba0QcSDUOEamCOpjPpOPZbqE/+Izy8L8iuo4Tjy Sd9XyTPf0uLxhH8klS5Xvthfk5NIs2+fY1vzpRqYO88BtsDuhGgI6a29CFWmFnWM 91Od/zbpT/FmbMxkDu5ZWjL1CduVovgHCK16x1gtmzUEe7fM/KOF9u4kjSWRoUN2 UsyyhlawQP7EBEErq86ECwnRoeoHMkB6MZiOsJNFdtkQvIKZOl2oe9K1twIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFKX/2tJ36W5LP6pEOKq69pM2ikVyMB8GA1UdIwQY MBaAFGZ7KxvvuhePMNKjIcRRtu6lRmJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWm5zckctLTZGNDh3MHFNaHhGRzI3cVZHWW5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC83ZDA3ZWMtMmU2Ni00NzdhLTkzYzYt ZjhiZGQyZDc5MjdkLzEvcGZfYTBuZnBia3NfcWtRNHFycjJremFLUlhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC83ZDA3ZWMtMmU2Ni00NzdhLTkzYzYtZjhiZGQyZDc5Mjdk LzEvWm5zckctLTZGNDh3MHFNaHhGRzI3cVZHWW5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWcj4AwQB wW8GAwQBw1/OMA0GCSqGSIb3DQEBCwUAA4IBAQBp1w6zVFhYZtt4HbWo49ddaVLH BkHAWPzEYXLO3ERQOBbDQLFDmSFdAM7lf65uxwF9ZBlbhTmGABB65ekPtE0RCR7q 5Augp8j61wN7HfVq3+z/tlKYEB8ggVWa99uwhvTL0toomC97OwbrvEFVANgFQoR6 kSd3ogUoPhVJNWMZB+o5EmkuezelMV1kXeTf6gYYSmgPB6Gyp2GSnjk3lQDTNS05 omIRCAtIik2/emEcS9n8S6j0GyH4ldmNZMuJ4aABYj3M0PSLa8TWS30z3M0xnBO3 9km+Dlcbz8FyU3py4Rtna0FGdUkjnIhtzDPBxxvS93RUnPL2OhTYzC20Mk0T -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:20 2026 by rpki-client