This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nF99YedSxhqR9dgcnLsv_2L92sk.roa File: nF99YedSxhqR9dgcnLsv_2L92sk.roa (raw, json) Hash identifier: WIdn73AcC+YDpBZl15hrNxPYqYXmjWiKL7Xydg0euEg= Subject key identifier: 9C:5F:7D:61:E7:52:C6:1A:91:F5:D8:1C:9C:BB:2F:FF:62:FD:DA:C9 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D2ABAD0CFB79C2D99E20E736B692F Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nF99YedSxhqR9dgcnLsv_2L92sk.roa Signing time: Fri 02 Jan 2026 06:20:16 +0000 ROA not before: Fri 02 Jan 2026 06:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9312 IP address blocks: 193.19.108.0/24 maxlen: 24 194.242.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2a:ba:d0:cf:b7:9c:2d:99:e2:0e:73:6b:69:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9c5f7d61e752c61a91f5d81c9cbb2fff62fddac9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:15:b5:3d:c1:f4:e8:ae:f6:3c:87:4e:00:c3: d5:94:17:44:0c:b0:60:de:ac:00:81:e8:ec:c7:b3: 6f:8b:c8:40:81:e7:fd:94:0f:f6:e1:cc:d7:0f:e8: 68:ec:4a:90:8d:fb:df:be:fc:7d:42:0d:a6:45:de: 53:3b:fb:b0:30:3e:10:ea:d0:ba:85:a9:77:d7:8b: 5e:ef:87:39:27:c7:78:2a:c4:57:82:fa:de:64:8c: 4c:31:aa:14:e5:a4:2a:bd:b8:31:e6:f3:6f:39:2a: 4b:18:de:cd:ae:11:4c:ec:24:78:00:88:3a:ed:e9: 74:79:a1:40:62:1a:aa:5e:3f:cd:eb:75:45:64:fb: 1b:0e:4f:21:b7:73:c5:0c:80:e5:d4:17:2d:0a:93: 46:a5:0d:60:71:48:27:5a:95:71:75:7b:c9:d9:28: d7:2a:d1:fd:86:99:f6:c4:ee:54:28:88:49:c3:85: 73:56:aa:09:51:f6:80:09:e2:c3:cb:cf:9b:11:6e: 91:80:86:08:7f:66:5a:3f:f7:f5:b8:be:9e:b8:90: b4:00:21:2c:3c:a1:73:ca:68:a4:90:1e:17:3f:6c: ab:72:70:cb:30:51:48:42:05:5b:bf:05:a9:bb:5d: 6b:67:a9:a9:b5:4c:b2:ad:29:3d:3a:14:73:fe:1b: 8a:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:5F:7D:61:E7:52:C6:1A:91:F5:D8:1C:9C:BB:2F:FF:62:FD:DA:C9 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nF99YedSxhqR9dgcnLsv_2L92sk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.19.108.0/24 194.242.2.0/24 Signature Algorithm: sha256WithRSAEncryption 74:e3:8f:69:e9:49:8f:67:ba:1c:3a:ba:fa:c6:bf:48:84:dc: 1f:84:1b:9d:92:bd:78:de:09:15:a4:3a:b3:53:3f:bb:aa:2b: 24:72:f3:11:c4:1e:ce:9a:2f:9d:30:d3:01:91:a4:e9:95:c0: 33:f4:cc:48:cc:b1:c2:c3:44:1b:4a:db:f5:15:04:fc:97:e2: dd:6c:cf:57:12:35:ca:c1:d1:13:e1:15:6d:01:16:51:8f:70: c8:64:13:aa:fe:11:68:44:6a:4a:26:ee:84:aa:bd:a7:33:11: 57:8d:67:5f:92:d5:5a:07:51:a5:5b:98:98:fc:40:0f:15:6a: e3:2c:ac:6b:ab:c2:6a:19:56:03:26:d3:f9:dd:83:a2:59:74: f6:dc:9f:88:31:98:be:6c:cf:48:77:5a:6c:25:fb:e4:d2:d5: fe:8f:2c:b8:4d:4e:25:5a:23:00:04:5a:45:77:69:67:26:fe: cd:44:3f:87:46:a8:b6:9e:a9:36:b5:40:bf:3c:d8:93:66:c2: af:50:ef:70:af:5b:80:8e:89:4e:01:8e:be:b8:98:d4:e9:da: ff:09:41:60:87:0d:76:51:02:58:54:47:57:e6:8b:40:34:85: 08:68:0e:bc:1d:d4:c6:af:35:99:d7:bf:a9:c5:dd:3d:19:36: bd:3f:59:54 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XSq60M+3nC2Z4g5za2kvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YzVmN2Q2MWU3NTJjNjFhOTFmNWQ4MWM5Y2JiMmZmZjYyZmRkYWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRW1PcH06K72PIdOAMPVlBdEDLBg 3qwAgejsx7Nvi8hAgef9lA/24czXD+ho7EqQjfvfvvx9Qg2mRd5TO/uwMD4Q6tC6 hal314te74c5J8d4KsRXgvreZIxMMaoU5aQqvbgx5vNvOSpLGN7NrhFM7CR4AIg6 7el0eaFAYhqqXj/N63VFZPsbDk8ht3PFDIDl1BctCpNGpQ1gcUgnWpVxdXvJ2SjX KtH9hpn2xO5UKIhJw4VzVqoJUfaACeLDy8+bEW6RgIYIf2ZaP/f1uL6euJC0ACEs PKFzymikkB4XP2yrcnDLMFFIQgVbvwWpu11rZ6mptUyyrSk9OhRz/huKHQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJxffWHnUsYakfXYHJy7L/9i/drJMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvbkY5OVllZFN4aHFSOWRnY25Mc3ZfMkw5MnNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA wvICMA0GCSqGSIb3DQEBCwUAA4IBAQB0449p6UmPZ7ocOrr6xr9IhNwfhBudkr14 3gkVpDqzUz+7qiskcvMRxB7Omi+dMNMBkaTplcAz9MxIzLHCw0QbStv1FQT8l+Ld bM9XEjXKwdET4RVtARZRj3DIZBOq/hFoRGpKJu6Eqr2nMxFXjWdfktVaB1GlW5iY /EAPFWrjLKxrq8JqGVYDJtP53YOiWXT23J+IMZi+bM9Id1psJfvk0tX+jyy4TU4l WiMABFpFd2lnJv7NRD+HRqi2nqk2tUC/PNiTZsKvUO9wr1uAjolOAY6+uJjU6dr/ CUFghw12UQJYVEdX5otANIUIaA68HdTGrzWZ17+pxd09GTa9P1lU -----END CERTIFICATE-----Generated at Mon Jan 19 19:58:14 2026 by rpki-client