This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Nl9enAQ5fxiyA3bgN-Zg8I6GiQM.roa File: Nl9enAQ5fxiyA3bgN-Zg8I6GiQM.roa (raw, json) Hash identifier: A7OWUX4yXC7G/EYKNd9MidD+EY701iJQatSHjQ+zADU= Subject key identifier: 36:5F:5E:9C:04:39:7F:18:B2:03:76:E0:37:E6:60:F0:8E:86:89:03 Certificate issuer: /CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13 Certificate serial: 019B7C80C8523AB61E1C61BF02F11696989F Authority key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Nl9enAQ5fxiyA3bgN-Zg8I6GiQM.roa Signing time: Fri 02 Jan 2026 02:19:33 +0000 ROA not before: Fri 02 Jan 2026 02:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35205 IP address blocks: 194.126.129.0/24 maxlen: 24 2a05:3700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:c8:52:3a:b6:1e:1c:61:bf:02:f1:16:96:98:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13 Validity Not Before: Jan 2 02:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=365f5e9c04397f18b20376e037e660f08e868903 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a4:ed:cc:94:ab:1f:13:00:56:6c:e4:e9:7a: ca:77:4f:e3:a5:5e:73:eb:ad:10:24:b1:cc:58:2e: 82:fd:41:93:65:ef:41:1f:70:ac:3f:50:16:c5:76: 3b:38:5b:1f:4f:dc:55:ad:a6:5f:f3:a9:11:f6:cf: 82:b6:cc:8b:21:90:9e:9c:28:75:9c:4d:c3:67:15: 0b:da:7a:3f:1c:86:de:e7:37:dd:14:23:d5:0c:de: 59:e1:39:dd:0a:a8:40:26:56:4c:05:13:93:95:95: 6a:da:12:f1:94:be:5e:c2:49:dd:97:45:c2:67:85: 95:94:c1:0a:d8:5d:3b:a7:c1:e4:46:d1:29:c3:e4: bc:d0:27:61:75:ab:fe:2e:96:f5:94:1a:14:21:f3: 06:de:d6:e9:23:61:f0:e9:f1:f2:07:e8:e4:61:5f: b4:71:3f:b4:90:77:e4:88:08:f2:88:bb:c5:03:db: 2f:72:da:3c:97:c8:cc:06:79:87:e7:75:33:6d:f9: aa:b7:9a:8d:3a:e8:98:89:7e:35:a9:85:a1:72:56: 21:b8:be:3c:83:5e:55:ab:3f:2e:23:61:8c:2d:ca: e3:95:20:43:d7:2f:64:70:d7:5b:97:3b:7f:cf:34: 0a:9b:d3:e2:95:4a:b1:06:f3:4d:b6:f0:2a:8a:8b: b8:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:5F:5E:9C:04:39:7F:18:B2:03:76:E0:37:E6:60:F0:8E:86:89:03 X509v3 Authority Key Identifier: keyid:67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Nl9enAQ5fxiyA3bgN-Zg8I6GiQM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.126.129.0/24 IPv6: 2a05:3700::/29 Signature Algorithm: sha256WithRSAEncryption 41:85:3d:6f:08:9f:05:34:13:22:a1:1e:87:1e:99:8a:4a:38: 59:bc:5b:97:d8:d6:1a:ec:7e:57:65:5c:c6:e7:8d:d1:ef:42: 59:56:b4:43:5c:2c:8d:a3:eb:3f:2c:3d:69:cf:35:cf:5a:de: 7e:2c:fc:ff:38:45:3e:80:5f:5d:c4:23:48:9b:75:5e:a7:1a: 81:7f:0a:8f:56:28:d2:fc:28:68:58:f7:9a:d3:a2:c2:9f:61: 2d:d1:dc:18:66:76:1b:c0:1d:4a:8e:40:00:a0:9c:57:c5:37: 67:e5:4a:a8:58:9e:80:6e:5f:43:1d:7a:5a:f1:92:23:b2:7b: e7:e9:4f:65:d7:67:2b:80:a3:3d:c8:46:b7:61:c9:fe:92:53: b3:dc:5e:19:91:04:1d:2e:36:2e:44:c9:1e:3c:6f:7e:7e:f0: 57:76:7e:44:7c:c0:f7:88:3e:60:17:d5:2e:2b:cd:86:f3:9e: c5:9d:8c:78:14:ea:f0:27:ed:49:23:6c:da:f4:37:53:c7:97: 75:02:75:ae:91:8e:69:cc:ee:f3:d0:99:71:3a:cd:f9:82:4e: c7:4c:8c:1c:88:02:54:96:38:f7:6b:49:46:3c:68:03:71:a8: 52:18:39:99:bc:dc:09:76:3d:bd:fb:b4:15:31:0b:1a:9f:8e: 2a:99:e2:5c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8gMhSOrYeHGG/AvEWlpifMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZTFjZWRmZTA4MjZmMGY5Nzc1YmRmYThlOTQyNTMwMGJk ZTlmMTMwHhcNMjYwMTAyMDIxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjVmNWU5YzA0Mzk3ZjE4YjIwMzc2ZTAzN2U2NjBmMDhlODY4OTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaTtzJSrHxMAVmzk6XrKd0/jpV5z 660QJLHMWC6C/UGTZe9BH3CsP1AWxXY7OFsfT9xVraZf86kR9s+CtsyLIZCenCh1 nE3DZxUL2no/HIbe5zfdFCPVDN5Z4TndCqhAJlZMBROTlZVq2hLxlL5ewkndl0XC Z4WVlMEK2F07p8HkRtEpw+S80Cdhdav+Lpb1lBoUIfMG3tbpI2Hw6fHyB+jkYV+0 cT+0kHfkiAjyiLvFA9svcto8l8jMBnmH53Uzbfmqt5qNOuiYiX41qYWhclYhuL48 g15Vqz8uI2GMLcrjlSBD1y9kcNdblzt/zzQKm9PilUqxBvNNtvAqiou4nwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDZfXpwEOX8YsgN24DfmYPCOhokDMB8GA1UdIwQY MBaAFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEt ZWM5Yjc1NTIxMjk3LzEvTmw5ZW5BUTVmeGl5QTNiZ04tWmc4STZHaVFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEtZWM5Yjc1NTIxMjk3 LzEvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwn6BMA0E AgACMAcDBQMqBTcAMA0GCSqGSIb3DQEBCwUAA4IBAQBBhT1vCJ8FNBMioR6HHpmK SjhZvFuX2NYa7H5XZVzG543R70JZVrRDXCyNo+s/LD1pzzXPWt5+LPz/OEU+gF9d xCNIm3VepxqBfwqPVijS/ChoWPea06LCn2Et0dwYZnYbwB1KjkAAoJxXxTdn5Uqo WJ6Abl9DHXpa8ZIjsnvn6U9l12crgKM9yEa3Ycn+klOz3F4ZkQQdLjYuRMkePG9+ fvBXdn5EfMD3iD5gF9UuK82G857FnYx4FOrwJ+1JI2za9DdTx5d1AnWukY5pzO7z 0JlxOs35gk7HTIwciAJUljj3a0lGPGgDcahSGDmZvNwJdj29+7QVMQsan44qmeJc -----END CERTIFICATE-----Generated at Mon Jan 26 22:32:39 2026 by rpki-client