This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/NZSg7hN5dj36ijrS0iZ916AKsoM.roa File: NZSg7hN5dj36ijrS0iZ916AKsoM.roa (raw, json) Hash identifier: VS2r3z5DpXErRLlghndtWldrsOM22Uv0cqCOqDvPp5M= Subject key identifier: 35:94:A0:EE:13:79:76:3D:FA:8A:3A:D2:D2:26:7D:D7:A0:0A:B2:83 Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d Certificate serial: 019B7CED8F02C8C5E0F2C958A663F1F1B954 Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/NZSg7hN5dj36ijrS0iZ916AKsoM.roa Signing time: Fri 02 Jan 2026 04:18:21 +0000 ROA not before: Fri 02 Jan 2026 04:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.163.152.0/24 maxlen: 24 185.163.153.0/24 maxlen: 24 185.163.154.0/24 maxlen: 24 185.163.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.mft rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:8f:02:c8:c5:e0:f2:c9:58:a6:63:f1:f1:b9:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d Validity Not Before: Jan 2 04:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3594a0ee1379763dfa8a3ad2d2267dd7a00ab283 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8f:6a:33:bf:bf:69:c8:6d:51:42:4a:50:c9: ca:97:b3:54:b0:ff:ce:23:c1:aa:ac:bb:59:9a:de: 9e:01:97:70:06:e5:e0:78:60:50:ef:28:c0:ad:7d: 8e:7f:24:4b:80:24:a7:7c:86:b3:2d:4e:ca:fe:02: 53:00:05:da:0e:27:c9:1a:24:c3:6a:43:8f:4c:cc: a5:39:b2:31:0a:94:7f:ee:74:f3:6e:33:23:29:98: 12:68:70:41:84:73:3f:fc:5f:18:f2:66:9b:1e:fd: 46:c4:cc:2b:7c:0b:fa:78:bc:64:80:47:72:35:0e: a2:4b:cc:a3:65:dd:d9:0c:05:77:ed:35:8e:86:3c: e6:de:c4:62:1b:63:21:1c:30:fc:53:77:79:d7:dc: 48:22:87:5f:a1:11:55:82:73:af:d5:96:ef:a1:3c: 1d:a1:78:31:2d:6a:39:bd:46:f7:58:70:3e:05:27: 0b:d5:8c:ad:9a:c2:ba:9e:7f:84:64:0d:0a:a7:34: 90:f9:49:65:bb:9e:08:46:14:52:65:85:ef:3a:23: 30:6b:28:75:0c:a8:97:5a:96:75:8d:68:88:15:4d: f9:41:dc:5a:05:d8:e6:39:e8:a4:1c:fe:a8:65:a5: 92:db:91:eb:0e:e9:a1:60:44:2e:9e:51:ac:5a:e8: 2e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:94:A0:EE:13:79:76:3D:FA:8A:3A:D2:D2:26:7D:D7:A0:0A:B2:83 X509v3 Authority Key Identifier: keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/NZSg7hN5dj36ijrS0iZ916AKsoM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.163.152.0/22 Signature Algorithm: sha256WithRSAEncryption 0b:74:70:02:bb:98:b5:b4:04:05:ea:92:b8:de:3d:60:8f:12: e2:9c:20:bc:d6:7e:9c:9f:1f:d3:1a:90:fa:02:3b:da:23:1f: 27:55:00:38:32:4a:c7:dd:ef:67:a6:27:31:96:39:ef:d6:d3: 59:3b:a5:61:c2:99:3f:8c:de:bd:dd:49:ac:39:92:d4:92:5b: 63:cf:df:63:25:d4:8d:5a:b0:5a:93:3e:a1:b8:46:39:bb:42: ad:1d:b9:71:db:07:94:21:97:25:f5:e4:c1:0a:97:78:76:4d: 3f:9b:03:53:97:de:76:ea:e0:84:ac:19:ca:e2:d8:7a:7b:89: a9:b6:49:ec:a2:b6:97:a5:c4:72:bb:cc:2f:1f:03:6e:6e:0f: b5:02:06:15:5f:a9:8c:cc:ba:7b:c1:3a:da:fe:8e:aa:45:48: b6:2b:e3:3e:a2:93:a8:d4:4c:ba:5c:84:a5:24:cb:b4:27:e7: 7e:6e:74:f7:97:e5:31:0b:e8:03:27:7d:25:a7:3f:48:c7:d6: 86:a1:44:96:16:58:51:95:27:e4:92:97:4a:a7:b7:31:15:8f: f0:f7:05:d8:93:37:1d:cc:84:af:f8:c4:ee:fb:b1:ff:6c:79: 96:1f:3e:96:23:16:32:f6:9e:bf:9c:07:0e:68:b4:43:f6:fa: 0f:34:26:ea -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87Y8CyMXg8slYpmPx8blUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm OTdiMWQwHhcNMjYwMTAyMDQxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTk0YTBlZTEzNzk3NjNkZmE4YTNhZDJkMjI2N2RkN2EwMGFiMjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA149qM7+/achtUUJKUMnKl7NUsP/O I8GqrLtZmt6eAZdwBuXgeGBQ7yjArX2OfyRLgCSnfIazLU7K/gJTAAXaDifJGiTD akOPTMylObIxCpR/7nTzbjMjKZgSaHBBhHM//F8Y8mabHv1GxMwrfAv6eLxkgEdy NQ6iS8yjZd3ZDAV37TWOhjzm3sRiG2MhHDD8U3d519xIIodfoRFVgnOv1ZbvoTwd oXgxLWo5vUb3WHA+BScL1YytmsK6nn+EZA0KpzSQ+Ullu54IRhRSZYXvOiMwayh1 DKiXWpZ1jWiIFU35QdxaBdjmOeikHP6oZaWS25HrDumhYEQunlGsWuguiwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDWUoO4TeXY9+oo60tImfdegCrKDMB8GA1UdIwQY MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt ZGMwZTFhNzI1MjIxLzEvTlpTZzdoTjVkajM2aWpyUzBpWjkxNkFLc29NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G CSqGSIb3DQEBCwUAA4IBAQALdHACu5i1tAQF6pK43j1gjxLinCC81n6cnx/TGpD6 AjvaIx8nVQA4MkrH3e9npicxljnv1tNZO6Vhwpk/jN693UmsOZLUkltjz99jJdSN WrBakz6huEY5u0KtHblx2weUIZcl9eTBCpd4dk0/mwNTl9526uCErBnK4th6e4mp tknsoraXpcRyu8wvHwNubg+1AgYVX6mMzLp7wTra/o6qRUi2K+M+opOo1Ey6XISl JMu0J+d+bnT3l+UxC+gDJ30lpz9Ix9aGoUSWFlhRlSfkkpdKp7cxFY/w9wXYkzcd zISv+MTu+7H/bHmWHz6WIxYy9p6/nAcOaLRD9voPNCbq -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:57 2026 by rpki-client