This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/NYPoffrLoAbAwFWjaJWC9xF7tag.roa File: NYPoffrLoAbAwFWjaJWC9xF7tag.roa (raw, json) Hash identifier: QYIkGHhsJbFCCKO0D05wYVkIDI1TsV96ppLPRrx2sEQ= Subject key identifier: 35:83:E8:7D:FA:CB:A0:06:C0:C0:55:A3:68:95:82:F7:11:7B:B5:A8 Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a Certificate serial: 019B77C6D5D9BB1A296329046A972DE7C405 Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/NYPoffrLoAbAwFWjaJWC9xF7tag.roa Signing time: Thu 01 Jan 2026 04:17:58 +0000 ROA not before: Thu 01 Jan 2026 04:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 85.28.32.0/20 maxlen: 24 85.28.32.0/23 maxlen: 23 85.28.32.0/24 maxlen: 24 85.28.33.0/24 maxlen: 24 85.28.34.0/24 maxlen: 24 85.28.48.0/20 maxlen: 24 85.28.56.0/22 maxlen: 22 85.28.56.0/24 maxlen: 24 85.28.58.0/24 maxlen: 24 109.238.192.0/20 maxlen: 24 109.238.192.0/22 maxlen: 24 109.238.196.0/23 maxlen: 23 109.238.201.0/24 maxlen: 24 109.238.202.0/24 maxlen: 24 109.238.203.0/24 maxlen: 24 109.238.204.0/24 maxlen: 24 109.238.206.0/24 maxlen: 24 109.238.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 01:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d5:d9:bb:1a:29:63:29:04:6a:97:2d:e7:c4:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a Validity Not Before: Jan 1 04:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3583e87dfacba006c0c055a3689582f7117bb5a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b3:77:6c:61:c8:14:76:d1:2e:11:64:84:f7: 23:7e:09:c0:16:a8:98:8e:aa:6d:f1:a0:a5:fe:c8: 0f:3a:e0:fd:43:c6:75:fc:18:72:c3:19:65:fd:2e: 27:1c:3e:a6:4b:ec:b3:a7:52:9f:af:eb:70:c2:eb: 9d:74:5c:b3:73:e1:5c:7b:cd:ef:4e:92:ff:75:f2: 3d:f1:14:04:8e:d7:da:37:95:a1:d7:83:9e:2c:9f: ea:1e:c5:d0:db:49:f9:74:db:7d:a7:47:b9:ec:b6: 6b:b5:ef:3a:72:14:73:54:ce:d9:49:3e:50:7c:bc: a2:a5:67:64:38:84:ee:c4:ca:9c:93:80:12:9f:07: e7:f3:c1:d2:75:68:61:ea:16:39:e3:3d:26:02:7f: 5e:b3:27:38:98:bf:72:0f:10:12:8d:ad:9a:d0:29: a4:2a:1c:d7:7f:8d:dd:32:e1:5e:15:af:00:ae:13: 3f:91:51:d8:2a:8c:85:6d:c7:1b:37:63:7b:82:7e: ee:f5:7f:71:a5:cc:43:f4:e3:97:fc:0f:2f:9e:e7: 1f:94:4f:08:86:0e:0e:d5:2b:23:f8:0b:57:8f:e5: 3d:8c:e9:ff:f3:c6:57:b8:72:5a:cd:fd:25:21:65: 99:cd:01:56:f6:e7:12:40:bb:b0:db:6e:38:94:5d: e4:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:83:E8:7D:FA:CB:A0:06:C0:C0:55:A3:68:95:82:F7:11:7B:B5:A8 X509v3 Authority Key Identifier: keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/NYPoffrLoAbAwFWjaJWC9xF7tag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.28.32.0/19 109.238.192.0/20 Signature Algorithm: sha256WithRSAEncryption 8d:7b:f5:82:3b:52:08:16:92:b7:ad:13:a2:13:37:14:2b:70: 9c:40:29:16:31:ef:c7:97:b8:66:37:3b:ae:33:5e:1a:4d:60: b0:18:3d:10:85:10:81:76:56:98:69:bc:33:64:a3:c4:ac:e7: ca:37:37:48:f6:02:64:11:09:42:cb:1f:65:60:b1:b5:c5:21: 74:89:b3:34:7f:ca:bd:78:57:d1:86:3f:12:eb:c3:34:9e:79: 5d:f3:4c:7e:5a:73:e5:b7:d9:0c:74:0d:4a:b7:6b:87:10:5e: e3:30:8c:8c:cd:e0:6a:e2:7e:84:58:df:92:e8:0f:14:18:f0: f3:19:42:66:5b:bd:7c:7d:bb:77:72:19:db:55:4c:48:a7:b0: 32:d1:24:cc:96:95:6c:c0:d1:81:00:33:bb:e4:54:d9:87:11: aa:c3:53:86:ae:8f:0c:df:35:18:68:d4:0f:f9:89:ce:d0:1d: ad:88:c3:fe:a8:e1:28:5c:c3:9c:ae:4f:14:de:49:1f:d8:6b: 41:b1:19:84:08:e4:da:37:0a:ba:cb:19:e6:de:dd:0c:8c:7c: 28:72:2c:99:35:a5:ff:7e:23:be:96:b1:07:d1:6a:13:76:f2: f7:3b:9a:87:62:39:7e:9c:56:6a:05:38:b6:ad:e9:1f:82:8a: 00:70:f7:2b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xtXZuxopYykEapct58QFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2 NTg4MWEwHhcNMjYwMTAxMDQxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTgzZTg3ZGZhY2JhMDA2YzBjMDU1YTM2ODk1ODJmNzExN2JiNWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbN3bGHIFHbRLhFkhPcjfgnAFqiY jqpt8aCl/sgPOuD9Q8Z1/Bhywxll/S4nHD6mS+yzp1Kfr+twwuuddFyzc+Fce83v TpL/dfI98RQEjtfaN5Wh14OeLJ/qHsXQ20n5dNt9p0e57LZrte86chRzVM7ZST5Q fLyipWdkOITuxMqck4ASnwfn88HSdWhh6hY54z0mAn9esyc4mL9yDxASja2a0Cmk KhzXf43dMuFeFa8ArhM/kVHYKoyFbccbN2N7gn7u9X9xpcxD9OOX/A8vnucflE8I hg4O1Ssj+AtXj+U9jOn/88ZXuHJazf0lIWWZzQFW9ucSQLuw2244lF3k9QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDWD6H36y6AGwMBVo2iVgvcRe7WoMB8GA1UdIwQY MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct ZmViYjY0YjVlMTY0LzEvTllQb2ZmckxvQWJBd0ZXamFKV0M5eEY3dGFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0 LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFVRwgAwQE be7AMA0GCSqGSIb3DQEBCwUAA4IBAQCNe/WCO1IIFpK3rROiEzcUK3CcQCkWMe/H l7hmNzuuM14aTWCwGD0QhRCBdlaYabwzZKPErOfKNzdI9gJkEQlCyx9lYLG1xSF0 ibM0f8q9eFfRhj8S68M0nnld80x+WnPlt9kMdA1Kt2uHEF7jMIyMzeBq4n6EWN+S 6A8UGPDzGUJmW718fbt3chnbVUxIp7Ay0STMlpVswNGBADO75FTZhxGqw1OGro8M 3zUYaNQP+YnO0B2tiMP+qOEoXMOcrk8U3kkf2GtBsRmECOTaNwq6yxnm3t0MjHwo ciyZNaX/fiO+lrEH0WoTdvL3O5qHYjl+nFZqBTi2rekfgooAcPcr -----END CERTIFICATE-----Generated at Sun Jan 18 08:54:48 2026 by rpki-client