This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vZrEmHx5jTTjHFQndlFS0EToTrg.roa File: vZrEmHx5jTTjHFQndlFS0EToTrg.roa (raw, json) Hash identifier: E6Qy1sejXLJ5Lndb5ofszM3ZryMZgNtjFfJuPT3/574= Subject key identifier: BD:9A:C4:98:7C:79:8D:34:E3:1C:54:27:76:51:52:D0:44:E8:4E:B8 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D2C484780A71E505B33D3BD26D5FE Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vZrEmHx5jTTjHFQndlFS0EToTrg.roa Signing time: Fri 02 Jan 2026 06:20:16 +0000 ROA not before: Fri 02 Jan 2026 06:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 11172 IP address blocks: 193.26.114.0/24 maxlen: 24 2a10:6c01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2c:48:47:80:a7:1e:50:5b:33:d3:bd:26:d5:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd9ac4987c798d34e31c5427765152d044e84eb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a4:af:27:d6:f9:88:66:42:b0:00:ee:3b:ad: a8:9f:09:30:2d:69:b0:6a:32:87:40:a2:6f:b8:ac: 1c:f7:cc:6b:4a:d7:ca:29:49:26:78:1d:1e:61:28: 77:59:c4:d5:f0:b4:7a:ec:b8:9b:5a:0d:a4:6e:0a: c6:b1:db:70:68:93:1f:e6:ba:2b:ce:e3:0a:9f:9a: 5a:79:3e:37:a3:6d:81:c5:60:38:3b:03:17:a1:96: 39:ff:cd:05:e5:d1:47:32:d6:5f:97:86:dd:ef:be: a7:e2:a3:8c:ad:6e:4e:99:6e:9f:08:dc:c9:e0:ca: 11:00:46:26:88:3d:3c:ef:d5:9a:87:9a:e7:78:c4: 8e:78:2c:ca:61:9f:88:d1:10:ed:15:36:af:82:90: 6c:c5:f1:8c:f4:5e:7c:6d:d7:1f:4a:f0:f5:c9:c5: 87:25:74:ab:13:60:88:84:2f:34:78:65:32:eb:62: 8b:e6:ac:05:38:3f:13:04:32:f3:e4:7c:67:02:8e: 22:af:40:aa:13:df:7a:dc:7e:a4:27:f9:a4:96:42: 42:b9:b1:cc:7a:0d:f0:8d:4b:fa:d6:4e:76:8b:58: 6b:26:12:3f:9a:fa:46:08:71:af:05:89:17:8e:05: 7e:9e:80:43:84:a7:1c:1f:91:2a:bc:fe:f9:29:a6: 88:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:9A:C4:98:7C:79:8D:34:E3:1C:54:27:76:51:52:D0:44:E8:4E:B8 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vZrEmHx5jTTjHFQndlFS0EToTrg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.26.114.0/24 IPv6: 2a10:6c01::/32 Signature Algorithm: sha256WithRSAEncryption 94:57:9c:43:a8:4e:8a:60:58:79:ff:0a:05:c0:28:29:c2:99: 09:85:94:20:82:7e:98:99:cf:6f:2c:c0:7f:0d:51:a4:83:c0: b1:e7:8f:4c:22:f4:ae:fb:4c:38:1b:02:d9:d5:a5:10:3c:a9: 02:7a:87:35:8b:ed:29:b7:cc:0b:85:b6:3e:78:18:8e:62:86: 54:47:90:f6:8c:00:0a:af:70:5f:5d:76:69:0e:49:6e:e9:23: ad:af:5d:5f:c6:2c:6b:67:c0:8e:e6:af:fd:fe:0f:de:f9:5b: 5c:c9:e9:f9:d3:2e:12:7b:1d:52:58:cd:f1:25:ec:96:09:11: a8:4f:50:37:2a:58:d5:84:f5:e3:db:c9:5c:86:56:5b:43:3e: 9b:4e:e6:b2:46:f3:bc:bb:c8:b4:00:d0:d2:a5:26:09:3e:8e: 00:93:4b:e0:9c:36:ce:25:4b:21:5e:15:93:51:39:24:8e:4d: 9d:c1:df:3d:44:2b:e1:da:9d:55:16:fe:f5:1e:df:16:d5:07: f4:5e:19:11:f8:9e:d8:9e:f0:30:5b:a7:16:65:d8:bf:b2:ca: 47:b1:7c:ec:f5:de:13:b4:0e:5f:bf:b2:b7:29:55:6b:09:c8: 20:83:65:7e:89:95:c9:79:52:94:65:2f:4f:05:64:29:7b:47: dc:c1:3e:c0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XSxIR4CnHlBbM9O9JtX+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDlhYzQ5ODdjNzk4ZDM0ZTMxYzU0Mjc3NjUxNTJkMDQ0ZTg0ZWI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaSvJ9b5iGZCsADuO62onwkwLWmw ajKHQKJvuKwc98xrStfKKUkmeB0eYSh3WcTV8LR67LibWg2kbgrGsdtwaJMf5ror zuMKn5paeT43o22BxWA4OwMXoZY5/80F5dFHMtZfl4bd776n4qOMrW5OmW6fCNzJ 4MoRAEYmiD0879Wah5rneMSOeCzKYZ+I0RDtFTavgpBsxfGM9F58bdcfSvD1ycWH JXSrE2CIhC80eGUy62KL5qwFOD8TBDLz5HxnAo4ir0CqE9963H6kJ/mklkJCubHM eg3wjUv61k52i1hrJhI/mvpGCHGvBYkXjgV+noBDhKccH5EqvP75KaaIXwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFL2axJh8eY004xxUJ3ZRUtBE6E64MB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvdlpyRW1IeDVqVFRqSEZRbmRsRlMwRVRvVHJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRpyMA0E AgACMAcDBQAqEGwBMA0GCSqGSIb3DQEBCwUAA4IBAQCUV5xDqE6KYFh5/woFwCgp wpkJhZQggn6Ymc9vLMB/DVGkg8Cx549MIvSu+0w4GwLZ1aUQPKkCeoc1i+0pt8wL hbY+eBiOYoZUR5D2jAAKr3BfXXZpDklu6SOtr11fxixrZ8CO5q/9/g/e+Vtcyen5 0y4Sex1SWM3xJeyWCRGoT1A3KljVhPXj28lchlZbQz6bTuayRvO8u8i0ANDSpSYJ Po4Ak0vgnDbOJUshXhWTUTkkjk2dwd89RCvh2p1VFv71Ht8W1Qf0XhkR+J7YnvAw W6cWZdi/sspHsXzs9d4TtA5fv7K3KVVrCcggg2V+iZXJeVKUZS9PBWQpe0fcwT7A -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:15 2026 by rpki-client