This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/NuU8W7V2quwnNAYLT9_LV52Vbbk.roa File: NuU8W7V2quwnNAYLT9_LV52Vbbk.roa (raw, json) Hash identifier: SGhDxlcXeif+7R/rxn7Q7SC8rZycoqSPaENJlB28piw= Subject key identifier: 36:E5:3C:5B:B5:76:AA:EC:27:34:06:0B:4F:DF:CB:57:9D:95:6D:B9 Certificate issuer: /CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2 Certificate serial: 019B7B35D62AD95DCF6A99055EE258AAAC68 Authority key identifier: F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/NuU8W7V2quwnNAYLT9_LV52Vbbk.roa Signing time: Thu 01 Jan 2026 20:18:04 +0000 ROA not before: Thu 01 Jan 2026 20:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57595 IP address blocks: 176.221.72.0/21 maxlen: 21 176.221.72.0/24 maxlen: 24 176.221.73.0/24 maxlen: 24 176.221.74.0/24 maxlen: 24 176.221.75.0/24 maxlen: 24 176.221.76.0/24 maxlen: 24 176.221.77.0/24 maxlen: 24 176.221.78.0/24 maxlen: 24 176.221.79.0/24 maxlen: 24 185.22.144.0/22 maxlen: 22 185.22.144.0/24 maxlen: 24 185.22.145.0/24 maxlen: 24 185.22.146.0/24 maxlen: 24 185.22.147.0/24 maxlen: 24 2a00:4440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.mft rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:d6:2a:d9:5d:cf:6a:99:05:5e:e2:58:aa:ac:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2 Validity Not Before: Jan 1 20:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=36e53c5bb576aaec2734060b4fdfcb579d956db9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:82:99:b8:ff:37:1e:bd:9f:54:a4:e6:9f:a0: 73:61:d1:43:5e:e5:fa:25:d8:d8:e6:4c:33:59:3b: 78:41:47:4b:44:dd:06:cc:b7:52:4f:cd:c0:c0:0d: a1:33:89:2b:b0:79:ce:9c:0b:8a:b0:c4:12:87:a6: 51:82:f4:0e:11:ef:1c:2b:b8:a4:04:5a:d6:93:fe: 2c:c1:89:16:70:69:21:5b:07:5e:57:da:29:b3:d8: 74:83:27:55:d8:d4:52:a3:f5:b7:8b:2f:b2:c1:5a: 95:89:e1:43:b4:71:dd:96:63:ca:43:be:99:a6:81: cd:d2:f6:37:20:f0:5a:81:e8:eb:ec:71:71:b2:ea: a6:ed:be:a0:7e:2f:af:7e:1f:fe:1d:53:7f:1f:a7: 5a:c7:5b:2e:38:db:fc:e7:00:6e:aa:53:a7:73:d5: cb:03:cb:d3:59:b8:e6:cc:28:ad:2f:34:85:9a:f9: 47:8d:1e:b0:89:9c:a9:f5:98:be:8e:91:9a:dd:1f: 58:95:66:9f:1c:36:65:5d:4a:78:35:d8:84:a2:4d: 26:fc:1f:81:fd:85:9a:85:a2:a9:cc:20:17:1b:63: 8d:e8:b2:38:b3:23:11:48:c3:3d:fb:df:f1:91:14: ca:1a:4c:bb:54:c1:95:83:30:76:62:a5:90:03:15: f1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:E5:3C:5B:B5:76:AA:EC:27:34:06:0B:4F:DF:CB:57:9D:95:6D:B9 X509v3 Authority Key Identifier: keyid:F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/NuU8W7V2quwnNAYLT9_LV52Vbbk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.221.72.0/21 185.22.144.0/22 IPv6: 2a00:4440::/32 Signature Algorithm: sha256WithRSAEncryption c7:31:24:ce:02:15:f3:7d:ff:3f:4a:d4:5c:f2:48:23:0f:a6: b7:47:f3:71:16:1b:3b:fe:1f:7b:57:e6:bd:a7:30:51:5b:d5: 88:0b:28:cb:d6:5d:8c:a1:75:da:10:69:59:6e:68:f1:a2:e8: 82:48:4d:73:69:fe:fd:fd:d0:f3:ea:b8:3e:c8:7e:1f:2e:3a: 12:99:23:97:39:f4:a9:89:05:5f:01:64:f9:da:59:35:1a:84: a3:d8:90:24:7d:2c:8a:99:5e:7c:0e:4b:e9:be:66:a0:18:ae: 5e:53:98:da:db:a0:4f:91:26:5e:40:b5:24:91:e8:2f:1b:d6: 6a:24:6f:13:1d:8d:dd:fe:ee:5b:52:85:5d:42:44:b1:6b:15: 8e:42:de:b7:f9:71:77:04:11:0f:79:16:f0:a2:e5:54:e8:6d: 26:b8:2e:b0:80:b5:15:7d:af:5d:91:2e:7c:50:a1:00:76:ee: 3a:1e:50:f2:96:ac:d5:82:e7:51:cd:67:e6:88:9b:b0:a2:04: fe:fc:4e:c3:da:00:d5:6f:d4:74:cd:40:28:47:dd:70:8a:a1: 11:c6:5d:50:12:60:9e:d6:59:4c:94:b5:65:30:c2:af:1a:90: 65:e4:3c:0c:06:dd:68:26:a0:b8:31:7c:0c:6a:eb:18:d8:1d: d4:6b:91:65 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7NdYq2V3PapkFXuJYqqxoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyNjY4MWNhYTFkMzdlNTg5OWJhMjdkZmJjMzY5NjBlMDZi NWQzZjIwHhcNMjYwMTAxMjAxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNmU1M2M1YmI1NzZhYWVjMjczNDA2MGI0ZmRmY2I1NzlkOTU2ZGI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIKZuP83Hr2fVKTmn6BzYdFDXuX6 JdjY5kwzWTt4QUdLRN0GzLdST83AwA2hM4krsHnOnAuKsMQSh6ZRgvQOEe8cK7ik BFrWk/4swYkWcGkhWwdeV9ops9h0gydV2NRSo/W3iy+ywVqVieFDtHHdlmPKQ76Z poHN0vY3IPBagejr7HFxsuqm7b6gfi+vfh/+HVN/H6dax1suONv85wBuqlOnc9XL A8vTWbjmzCitLzSFmvlHjR6wiZyp9Zi+jpGa3R9YlWafHDZlXUp4NdiEok0m/B+B /YWahaKpzCAXG2ON6LI4syMRSMM9+9/xkRTKGky7VMGVgzB2YqWQAxXxEQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDblPFu1dqrsJzQGC0/fy1edlW25MB8GA1UdIwQY MBaAFPJmgcqh035Ymbon37w2lg4GtdPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMt NjQwNzVjMmFlNDYzLzEvTnVVOFc3VjJxdXduTkFZTFQ5X0xWNTJWYmJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMtNjQwNzVjMmFlNDYz LzEvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsN1IAwQC uRaQMA0EAgACMAcDBQAqAERAMA0GCSqGSIb3DQEBCwUAA4IBAQDHMSTOAhXzff8/ StRc8kgjD6a3R/NxFhs7/h97V+a9pzBRW9WICyjL1l2MoXXaEGlZbmjxouiCSE1z af79/dDz6rg+yH4fLjoSmSOXOfSpiQVfAWT52lk1GoSj2JAkfSyKmV58Dkvpvmag GK5eU5ja26BPkSZeQLUkkegvG9ZqJG8THY3d/u5bUoVdQkSxaxWOQt63+XF3BBEP eRbwouVU6G0muC6wgLUVfa9dkS58UKEAdu46HlDylqzVgudRzWfmiJuwogT+/E7D 2gDVb9R0zUAoR91wiqERxl1QEmCe1llMlLVlMMKvGpBl5DwMBt1oJqC4MXwMausY 2B3Ua5Fl -----END CERTIFICATE-----Generated at Tue Feb 10 04:53:19 2026 by rpki-client