This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/nWKr43KJPGiZdKkpuyeThhqeASs.roa File: nWKr43KJPGiZdKkpuyeThhqeASs.roa (raw, json) Hash identifier: JJbd06WArevN7NTvfMbhFxIEnpHo49DD/vbrjs5BiOg= Subject key identifier: 9D:62:AB:E3:72:89:3C:68:99:74:A9:29:BB:27:93:86:1A:9E:01:2B Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C73E42DA44B0631CF99056B748BDAB Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/nWKr43KJPGiZdKkpuyeThhqeASs.roa Signing time: Thu 01 Jan 2026 04:18:24 +0000 ROA not before: Thu 01 Jan 2026 04:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2914 IP address blocks: 50.20.224.0/21 maxlen: 24 212.69.88.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:3e:42:da:44:b0:63:1c:f9:90:56:b7:48:bd:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9d62abe372893c689974a929bb2793861a9e012b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:15:06:90:0c:e0:80:09:0c:df:0a:61:7e:b1: 5d:62:a1:5d:ee:3e:7e:b1:11:4a:80:36:20:c1:a8: e4:37:a3:f6:0b:e1:f4:30:ee:38:95:40:14:d2:ed: 4c:f6:61:73:bb:1c:45:34:e9:e4:af:09:fd:49:9c: e7:27:8a:26:03:a4:a6:86:59:c5:86:c8:da:b9:74: db:a4:4b:25:dc:91:cb:e7:c8:31:6d:11:fd:d7:35: 64:7e:95:e0:cc:eb:37:2a:8b:75:c6:9f:e1:49:75: 76:61:9a:d1:32:a2:01:d3:95:86:a0:bf:4f:b6:eb: e3:f7:1e:53:81:27:8b:24:3b:4a:68:eb:9b:a3:78: 5f:7d:b9:af:7e:aa:8e:d4:ed:cd:9f:5b:12:cb:5a: 99:e3:8e:30:27:25:5a:d2:a5:2d:60:9d:1b:a7:74: 0c:df:1f:09:99:c8:84:e2:97:63:fb:bd:33:0b:56: 16:cb:17:cd:37:97:c6:25:2d:df:d6:8f:77:b2:d3: ae:18:2c:df:5b:0d:ca:1d:5a:72:1f:6d:09:1c:c3: fc:0e:3f:f8:36:5c:e8:2b:92:ed:a7:0a:fc:b5:27: 3f:70:0a:43:e9:1d:b0:16:b7:d6:97:1d:c7:b2:43: e2:e4:af:5b:b1:25:30:6f:e5:8d:09:7e:d3:40:e6: 65:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:62:AB:E3:72:89:3C:68:99:74:A9:29:BB:27:93:86:1A:9E:01:2B X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/nWKr43KJPGiZdKkpuyeThhqeASs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 50.20.224.0/21 212.69.88.0/22 Signature Algorithm: sha256WithRSAEncryption 07:80:48:f3:e1:ff:49:ea:6c:e6:d2:41:00:bf:51:a7:c2:83: c1:b8:7c:a0:51:2c:c3:41:b2:5a:f1:15:11:1f:64:77:ba:48: 40:00:02:51:ea:04:f5:26:32:df:ee:66:92:38:b4:20:b1:e3: e3:16:4e:44:17:48:bf:f2:5b:a8:94:7f:45:34:4e:a0:d4:5d: 80:b2:ed:fe:df:f7:7b:44:32:0a:30:ea:a7:fe:69:ce:ff:01: d7:e3:e0:59:ef:d9:d7:af:2a:95:88:62:90:95:32:a1:80:88: 38:82:80:48:59:e7:fd:8f:e3:e8:24:51:e1:ee:3d:29:75:a8: 34:00:94:69:e2:8f:b8:78:e4:84:27:59:6e:99:c5:a5:d0:b9: 02:78:66:23:44:03:0d:d2:de:43:21:dd:34:8e:5b:50:43:6a: 25:c1:93:cf:53:11:8f:19:06:69:66:0b:4c:a0:4f:52:69:6b: 40:a8:1d:8e:2c:e6:77:2e:e1:58:e2:8f:19:4d:bb:fc:ae:d1: 3d:99:23:49:16:f8:8c:17:ba:fa:56:66:47:02:cb:ac:7b:66: fa:fa:80:14:bd:ba:a4:e1:3a:85:a4:aa:ec:bd:90:19:70:2f: 8f:57:02:ba:91:b3:ab:73:19:58:dd:0e:07:37:6a:f1:f6:cd: 0d:99:76:d9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xz5C2kSwYxz5kFa3SL2rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZDYyYWJlMzcyODkzYzY4OTk3NGE5MjliYjI3OTM4NjFhOWUwMTJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxUGkAzggAkM3wphfrFdYqFd7j5+ sRFKgDYgwajkN6P2C+H0MO44lUAU0u1M9mFzuxxFNOnkrwn9SZznJ4omA6SmhlnF hsjauXTbpEsl3JHL58gxbRH91zVkfpXgzOs3Kot1xp/hSXV2YZrRMqIB05WGoL9P tuvj9x5TgSeLJDtKaOubo3hffbmvfqqO1O3Nn1sSy1qZ444wJyVa0qUtYJ0bp3QM 3x8JmciE4pdj+70zC1YWyxfNN5fGJS3f1o93stOuGCzfWw3KHVpyH20JHMP8Dj/4 NlzoK5Ltpwr8tSc/cApD6R2wFrfWlx3HskPi5K9bsSUwb+WNCX7TQOZlKQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJ1iq+NyiTxomXSpKbsnk4YangErMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvbldLcjQzS0pQR2laZEtrcHV5ZVRoaHFlQVNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDMhTgAwQC 1EVYMA0GCSqGSIb3DQEBCwUAA4IBAQAHgEjz4f9J6mzm0kEAv1GnwoPBuHygUSzD QbJa8RURH2R3ukhAAAJR6gT1JjLf7maSOLQgsePjFk5EF0i/8luolH9FNE6g1F2A su3+3/d7RDIKMOqn/mnO/wHX4+BZ79nXryqViGKQlTKhgIg4goBIWef9j+PoJFHh 7j0pdag0AJRp4o+4eOSEJ1lumcWl0LkCeGYjRAMN0t5DId00jltQQ2olwZPPUxGP GQZpZgtMoE9SaWtAqB2OLOZ3LuFY4o8ZTbv8rtE9mSNJFviMF7r6VmZHAsuse2b6 +oAUvbqk4TqFpKrsvZAZcC+PVwK6kbOrcxlY3Q4HN2rx9s0NmXbZ -----END CERTIFICATE-----Generated at Thu Jan 1 20:30:06 2026 by rpki-client