This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/nKmF1TZGqw4Rl01o8Upo8B1uARg.roa File: nKmF1TZGqw4Rl01o8Upo8B1uARg.roa (raw, json) Hash identifier: jsNr28qDsooPsLwTF7PUY4RAqfXcXlMffZUWeSf+lRc= Subject key identifier: 9C:A9:85:D5:36:46:AB:0E:11:97:4D:68:F1:4A:68:F0:1D:6E:01:18 Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b Certificate serial: 019B78A30166DA01C98C6BBE0357FD87589D Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/nKmF1TZGqw4Rl01o8Upo8B1uARg.roa Signing time: Thu 01 Jan 2026 08:18:27 +0000 ROA not before: Thu 01 Jan 2026 08:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43870 IP address blocks: 79.140.160.0/20 maxlen: 24 79.140.160.0/21 maxlen: 24 79.140.168.0/22 maxlen: 24 79.140.172.0/24 maxlen: 24 79.140.174.0/23 maxlen: 24 80.245.80.0/20 maxlen: 24 80.245.80.0/22 maxlen: 24 80.245.84.0/23 maxlen: 24 149.3.184.0/21 maxlen: 24 2a00:cce0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:01:66:da:01:c9:8c:6b:be:03:57:fd:87:58:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b Validity Not Before: Jan 1 08:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ca985d53646ab0e11974d68f14a68f01d6e0118 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:48:2c:35:b8:b8:33:5b:d4:db:4c:48:f9:38: 27:28:be:e1:03:4e:dd:6f:f7:69:5a:a0:89:08:6f: 53:e5:3f:5d:59:c5:79:7c:20:5e:35:eb:88:6b:92: a5:37:34:c4:46:6b:34:6f:99:57:62:ae:06:79:a9: 00:8d:35:e1:7b:9d:f1:a0:da:e4:9f:51:e6:40:70: fd:44:cd:36:e6:e3:bd:9f:3c:1e:bf:f6:5c:db:37: 13:fc:62:87:be:10:40:b1:2c:19:85:ee:61:47:4b: 23:14:a2:c0:d1:2b:cb:0f:b7:0e:bb:f3:5c:60:3c: c0:a7:7a:52:de:39:a0:19:02:26:4d:2d:45:1d:98: a6:87:9a:79:35:6e:8f:0b:6e:95:e4:90:fb:aa:4b: 57:de:60:f6:04:32:9a:c2:1b:37:7c:74:d6:f4:43: c8:a4:c0:00:db:9b:fb:cc:95:35:50:fb:4b:9f:6b: 62:8a:ea:89:b2:1c:bf:a2:b0:f9:14:64:96:68:cc: ed:a6:2e:f0:7f:00:96:01:0f:8c:1d:9c:fe:d9:a9: 6b:2e:de:9a:52:22:16:cc:4a:c3:b1:07:04:75:46: 97:0d:98:1e:7b:d6:e9:24:43:ae:7f:55:76:2f:49: 28:7a:33:d0:59:17:2e:5c:ed:1a:04:40:33:85:6d: 5c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:A9:85:D5:36:46:AB:0E:11:97:4D:68:F1:4A:68:F0:1D:6E:01:18 X509v3 Authority Key Identifier: keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/nKmF1TZGqw4Rl01o8Upo8B1uARg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.140.160.0/20 80.245.80.0/20 149.3.184.0/21 IPv6: 2a00:cce0::/32 Signature Algorithm: sha256WithRSAEncryption 87:4f:15:f1:bc:31:9e:92:fa:77:28:76:ef:ba:2a:12:dd:ac: 3f:ff:50:29:a1:e3:b7:eb:92:ac:ec:67:35:e1:a5:a1:2c:ee: 57:38:1e:61:d3:8a:c1:27:de:c3:64:2e:a9:30:08:1f:b5:d8: c9:8a:0b:f7:78:1b:4b:91:3f:41:92:b2:e1:76:49:ee:c5:60: 2f:9f:d8:87:d3:f9:23:91:3c:77:f3:c3:b3:67:8b:57:1f:e4: aa:83:ee:6c:03:11:5f:1e:b9:8d:37:76:cc:f6:09:7f:0f:38: 28:28:6d:19:92:57:9e:e2:08:4a:47:86:38:f7:19:e0:b5:40: d5:ad:1d:b2:28:77:70:6d:51:6c:c7:be:08:29:62:09:10:67: 1d:fd:d3:55:47:98:d2:31:9d:b8:52:59:f4:86:09:65:b6:fe: de:1a:16:69:b1:2c:e9:dd:01:11:26:73:8e:2a:2b:47:f2:42: db:75:e8:51:c2:5c:ea:41:64:cc:25:2f:72:2f:3e:0b:bd:f1: 84:02:b1:2a:89:5e:91:2f:0e:b7:a4:2e:84:6e:0a:97:a4:2d: 8f:49:39:00:03:c3:20:f1:29:e5:db:e3:3c:ea:3e:f0:47:04: 60:03:01:0f:cb:93:c5:18:cf:ac:a5:91:c9:43:ad:2d:ac:9b: 74:ac:eb:79 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt4owFm2gHJjGu+A1f9h1idMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh ODQyMGIwHhcNMjYwMTAxMDgxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2E5ODVkNTM2NDZhYjBlMTE5NzRkNjhmMTRhNjhmMDFkNmUwMTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50gsNbi4M1vU20xI+TgnKL7hA07d b/dpWqCJCG9T5T9dWcV5fCBeNeuIa5KlNzTERms0b5lXYq4GeakAjTXhe53xoNrk n1HmQHD9RM025uO9nzwev/Zc2zcT/GKHvhBAsSwZhe5hR0sjFKLA0SvLD7cOu/Nc YDzAp3pS3jmgGQImTS1FHZimh5p5NW6PC26V5JD7qktX3mD2BDKawhs3fHTW9EPI pMAA25v7zJU1UPtLn2tiiuqJshy/orD5FGSWaMztpi7wfwCWAQ+MHZz+2alrLt6a UiIWzErDsQcEdUaXDZgee9bpJEOuf1V2L0koejPQWRcuXO0aBEAzhW1chQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFJyphdU2RqsOEZdNaPFKaPAdbgEYMB8GA1UdIwQY MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt OTJlYzUxNWM1OTVhLzEvbkttRjFUWkdxdzRSbDAxbzhVcG84QjF1QVJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQET4ygAwQE UPVQAwQDlQO4MA0EAgACMAcDBQAqAMzgMA0GCSqGSIb3DQEBCwUAA4IBAQCHTxXx vDGekvp3KHbvuioS3aw//1ApoeO365Ks7Gc14aWhLO5XOB5h04rBJ97DZC6pMAgf tdjJigv3eBtLkT9BkrLhdknuxWAvn9iH0/kjkTx388OzZ4tXH+Sqg+5sAxFfHrmN N3bM9gl/DzgoKG0Zklee4ghKR4Y49xngtUDVrR2yKHdwbVFsx74IKWIJEGcd/dNV R5jSMZ24Uln0hglltv7eGhZpsSzp3QERJnOOKitH8kLbdehRwlzqQWTMJS9yLz4L vfGEArEqiV6RLw63pC6EbgqXpC2PSTkAA8Mg8Snl2+M86j7wRwRgAwEPy5PFGM+s pZHJQ60trJt0rOt5 -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:46 2026 by rpki-client