This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/NdtTEs20dkxfICeXOI1a_zE5bjg.roa File: NdtTEs20dkxfICeXOI1a_zE5bjg.roa (raw, json) Hash identifier: CC61i+Iskxl9VrH0+/CY6ZPO9cAdAYPFiZKSdlc1ps8= Subject key identifier: 35:DB:53:12:CD:B4:76:4C:5F:20:27:97:38:8D:5A:FF:31:39:6E:38 Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051 Certificate serial: 019B7BA526B64319CAD284999CA1D01BECFB Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/NdtTEs20dkxfICeXOI1a_zE5bjg.roa Signing time: Thu 01 Jan 2026 22:19:39 +0000 ROA not before: Thu 01 Jan 2026 22:19:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212341 IP address blocks: 77.87.185.0/24 maxlen: 24 185.66.176.0/22 maxlen: 22 185.66.178.0/24 maxlen: 24 2a05:900::/32 maxlen: 32 2a05:901::/32 maxlen: 32 2a05:902::/32 maxlen: 32 2a05:903::/32 maxlen: 32 2a05:904::/32 maxlen: 32 2a05:905::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.mft rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 19:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:26:b6:43:19:ca:d2:84:99:9c:a1:d0:1b:ec:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051 Validity Not Before: Jan 1 22:19:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35db5312cdb4764c5f202797388d5aff31396e38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e6:b6:cf:49:59:d6:97:5e:47:72:2e:3d:fa: 6b:f2:8e:ab:52:56:ef:7e:4f:3f:bc:7a:94:20:20: da:b3:46:13:df:87:72:dc:01:77:bc:4c:50:43:32: 46:c3:f4:38:e7:a1:8d:ad:c2:a3:0b:ad:00:10:e8: 0c:95:35:f3:6b:04:43:af:b1:3a:48:df:eb:57:c4: 6c:3b:62:01:89:d5:c0:d7:43:b6:0d:49:3f:8e:d2: c9:4c:8f:40:7c:29:5b:58:ec:38:75:c3:bb:64:be: f3:2e:4f:4f:b7:6c:f3:f7:82:e4:28:ef:14:fc:80: 31:6c:4f:3b:e1:e0:47:17:77:57:fb:1d:91:fc:3e: 88:22:28:d7:52:62:f5:b6:24:10:9b:ed:4b:9c:54: 3d:75:27:1f:f9:e6:0b:e2:f6:0e:07:d7:d5:12:40: b8:bd:ec:1f:d6:ce:aa:2c:28:5d:0a:a8:75:58:d0: 56:37:a9:22:4a:3d:f6:1e:cc:ff:0c:35:a2:43:04: 3a:7d:86:d6:0d:a7:47:61:0b:19:19:a2:0f:31:17: 7d:e1:4f:34:53:53:ed:ad:9e:7f:02:d2:d9:83:a0: 3c:d4:f0:76:d8:42:76:2a:94:be:5b:1f:58:2d:77: 3b:8d:3f:3a:ff:a0:21:03:2c:9e:97:21:80:20:15: 7c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DB:53:12:CD:B4:76:4C:5F:20:27:97:38:8D:5A:FF:31:39:6E:38 X509v3 Authority Key Identifier: keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/NdtTEs20dkxfICeXOI1a_zE5bjg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.87.185.0/24 185.66.176.0/22 IPv6: 2a05:900::-2a05:905:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 5d:72:9d:87:8d:57:b2:d6:df:5e:52:59:d5:a3:02:07:a0:8c: 99:db:d5:96:6a:5c:ad:75:e1:f4:1a:38:09:b8:41:8d:61:bc: b7:67:bf:f1:89:eb:2c:55:68:a7:9a:3c:45:25:82:a7:45:fe: fc:84:94:05:c3:97:41:9e:9e:0c:0c:c6:df:9f:4c:22:b7:93: 68:62:cc:72:72:13:25:99:f5:3e:7d:f0:9d:fc:7a:11:e0:eb: 4d:7e:aa:76:fe:42:f6:f3:0c:59:3a:05:cb:02:78:17:65:34: 57:e3:bd:11:af:6d:49:7d:e5:82:9b:0b:41:72:35:fb:f9:04: 79:b5:5a:37:e7:fe:ef:30:90:f9:09:af:7b:ac:21:10:1e:72: 32:88:08:d6:12:d2:2e:e3:d5:5d:98:39:7c:7d:5e:cc:88:80: 74:90:b3:5e:d2:ea:cb:24:e0:ee:7e:af:23:a7:ec:86:67:8c: 45:31:db:c6:68:d0:8d:27:6b:99:bb:a6:d2:f6:90:df:6d:7b: 62:35:a6:15:e6:63:95:73:a7:58:46:a7:a7:21:5b:14:a6:8e: ab:0e:c8:9e:19:d4:43:43:4d:a1:96:6a:4b:76:d3:24:aa:e6: 51:9c:94:05:32:e2:30:3f:d7:f9:d0:a5:fb:27:a3:a2:49:0e: 87:36:f5:d3 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt7pSa2QxnK0oSZnKHQG+z7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5 NzMwNTEwHhcNMjYwMTAxMjIxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWRiNTMxMmNkYjQ3NjRjNWYyMDI3OTczODhkNWFmZjMxMzk2ZTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+a2z0lZ1pdeR3IuPfpr8o6rUlbv fk8/vHqUICDas0YT34dy3AF3vExQQzJGw/Q456GNrcKjC60AEOgMlTXzawRDr7E6 SN/rV8RsO2IBidXA10O2DUk/jtLJTI9AfClbWOw4dcO7ZL7zLk9Pt2zz94LkKO8U /IAxbE874eBHF3dX+x2R/D6IIijXUmL1tiQQm+1LnFQ9dScf+eYL4vYOB9fVEkC4 vewf1s6qLChdCqh1WNBWN6kiSj32Hsz/DDWiQwQ6fYbWDadHYQsZGaIPMRd94U80 U1PtrZ5/AtLZg6A81PB22EJ2KpS+Wx9YLXc7jT86/6AhAyyelyGAIBV8HwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFDXbUxLNtHZMXyAnlziNWv8xOW44MB8GA1UdIwQY MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt YTNhM2ViODc5ZjJiLzEvTmR0VEVzMjBka3hmSUNlWE9JMWFfekU1YmpnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzASBAIAATAMAwQATVe5AwQC uUKwMBUEAgACMA8wDQMEACoFCQMFASoFCQQwDQYJKoZIhvcNAQELBQADggEBAF1y nYeNV7LW315SWdWjAgegjJnb1ZZqXK114fQaOAm4QY1hvLdnv/GJ6yxVaKeaPEUl gqdF/vyElAXDl0GengwMxt+fTCK3k2hizHJyEyWZ9T598J38ehHg601+qnb+Qvbz DFk6BcsCeBdlNFfjvRGvbUl95YKbC0FyNfv5BHm1Wjfn/u8wkPkJr3usIRAecjKI CNYS0i7j1V2YOXx9XsyIgHSQs17S6ssk4O5+ryOn7IZnjEUx28Zo0I0na5m7ptL2 kN9te2I1phXmY5Vzp1hGp6chWxSmjqsOyJ4Z1ENDTaGWakt20ySq5lGclAUy4jA/ 1/nQpfsno6JJDoc29dM= -----END CERTIFICATE-----Generated at Wed Jan 7 00:58:10 2026 by rpki-client