This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/b667aa-c415-4bbc-ad4c-c3377c1e3a2d/1/nvqn9Sh2i2lWg6Hwialk_8ZJzDk.roa File: nvqn9Sh2i2lWg6Hwialk_8ZJzDk.roa (raw, json) Hash identifier: 6lPfxX/n9LNcIDr5UXSvVe33ZTrPhgW6L/X4P6452WE= Subject key identifier: 9E:FA:A7:F5:28:76:8B:69:56:83:A1:F0:89:A9:64:FF:C6:49:CC:39 Certificate issuer: /CN=e9318a5198dcd3fcac2498055385d9af2110a6b4 Certificate serial: 019B797ED249C01EF6ACC99307391B6A2492 Authority key identifier: E9:31:8A:51:98:DC:D3:FC:AC:24:98:05:53:85:D9:AF:21:10:A6:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6TGKUZjc0_ysJJgFU4XZryEQprQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/b667aa-c415-4bbc-ad4c-c3377c1e3a2d/1/nvqn9Sh2i2lWg6Hwialk_8ZJzDk.roa Signing time: Thu 01 Jan 2026 12:18:33 +0000 ROA not before: Thu 01 Jan 2026 12:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43190 IP address blocks: 77.95.248.0/21 maxlen: 21 185.217.32.0/22 maxlen: 22 2a00:1478::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/b667aa-c415-4bbc-ad4c-c3377c1e3a2d/1/6TGKUZjc0_ysJJgFU4XZryEQprQ.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/b667aa-c415-4bbc-ad4c-c3377c1e3a2d/1/6TGKUZjc0_ysJJgFU4XZryEQprQ.mft rsync://rpki.ripe.net/repository/DEFAULT/6TGKUZjc0_ysJJgFU4XZryEQprQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:d2:49:c0:1e:f6:ac:c9:93:07:39:1b:6a:24:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e9318a5198dcd3fcac2498055385d9af2110a6b4 Validity Not Before: Jan 1 12:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9efaa7f528768b695683a1f089a964ffc649cc39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b5:4d:4d:f5:5f:7c:c0:19:fe:fa:df:cb:0b: c8:02:6a:58:f6:1e:fa:c1:b8:cb:8c:9c:3a:90:2c: 67:4d:74:28:24:4a:c3:90:0e:57:19:af:63:63:ed: e9:66:b7:11:20:82:d4:14:e0:4b:f3:a9:06:32:f2: 13:1d:90:60:3c:b6:7e:4e:3d:e2:81:4b:a7:1d:41: 49:be:60:3d:4d:8d:ac:39:67:04:a7:79:11:3b:1c: 97:11:f8:80:35:f2:1e:c6:f2:a4:46:a7:5c:0e:14: 72:c2:c2:76:99:37:83:39:0d:85:e9:3d:20:cd:eb: eb:c3:f4:17:80:e7:56:43:3e:82:1a:26:f1:1e:1b: 32:bc:a9:dc:c7:bc:ef:b1:8a:fa:a7:5b:4a:33:36: 7f:6c:38:17:dc:be:f5:b3:35:46:5e:02:12:68:6b: dd:83:5a:a0:51:bc:f0:26:eb:5d:c1:d8:8d:d2:91: 0b:c8:57:a6:44:19:63:be:ec:ea:bb:01:ff:82:10: 2e:d7:89:06:79:38:61:66:5a:b1:55:37:6a:00:b9: 5f:e0:16:2a:97:38:a8:7d:6c:58:66:9c:3c:43:48: d7:c0:db:cc:a1:cb:9f:a3:93:2e:fa:79:c1:00:d5: 2b:15:07:92:5e:8b:09:93:6d:25:f1:ed:82:65:41: 0c:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:FA:A7:F5:28:76:8B:69:56:83:A1:F0:89:A9:64:FF:C6:49:CC:39 X509v3 Authority Key Identifier: keyid:E9:31:8A:51:98:DC:D3:FC:AC:24:98:05:53:85:D9:AF:21:10:A6:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6TGKUZjc0_ysJJgFU4XZryEQprQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/b667aa-c415-4bbc-ad4c-c3377c1e3a2d/1/nvqn9Sh2i2lWg6Hwialk_8ZJzDk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/b667aa-c415-4bbc-ad4c-c3377c1e3a2d/1/6TGKUZjc0_ysJJgFU4XZryEQprQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.95.248.0/21 185.217.32.0/22 IPv6: 2a00:1478::/32 Signature Algorithm: sha256WithRSAEncryption 5c:97:6e:3a:bc:2d:e2:9b:33:ae:bc:1b:73:46:48:09:89:cb: a0:3c:c5:a4:82:01:4c:8e:cc:2f:2b:21:db:72:cf:c5:4c:c7: 73:5e:9a:43:ec:ff:60:fb:13:bd:e5:06:52:5e:7d:31:36:da: a5:25:7d:77:d7:9b:e9:59:5b:2d:59:70:d5:84:fb:a7:bc:13: 53:26:8c:9a:e3:f2:d3:e0:c8:b2:a1:50:ea:4c:d0:7a:7c:39: 77:15:c6:bb:de:0f:29:0b:20:0f:13:64:d9:dd:21:1a:13:1d: 75:c7:39:fe:1e:4e:92:ad:44:2a:74:1f:c2:bf:14:f8:97:9c: 02:b2:61:d3:c9:41:6d:fe:9b:06:16:f1:aa:89:3b:90:cc:23: c3:7f:fa:6d:54:2f:4b:d1:29:c9:8a:c3:9b:a0:7e:80:53:a7: c9:5a:30:b9:dd:bd:df:72:18:1d:da:3a:a3:e2:5b:e9:93:b7: aa:ff:55:53:83:bf:03:5f:4d:13:a5:4d:e4:9f:43:73:2a:42: 34:97:35:f4:e2:ef:33:55:e4:68:50:01:c1:e9:a3:83:a8:af: fc:51:5b:10:fe:bb:d2:c3:c5:54:b4:6d:98:e6:ff:7b:5a:ef: e1:d7:ff:2b:02:fc:10:5e:45:46:68:57:fc:4c:df:c6:ba:2a: 31:de:b6:aa -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5ftJJwB72rMmTBzkbaiSSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5MzE4YTUxOThkY2QzZmNhYzI0OTgwNTUzODVkOWFmMjEx MGE2YjQwHhcNMjYwMTAxMTIxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZWZhYTdmNTI4NzY4YjY5NTY4M2ExZjA4OWE5NjRmZmM2NDljYzM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbVNTfVffMAZ/vrfywvIAmpY9h76 wbjLjJw6kCxnTXQoJErDkA5XGa9jY+3pZrcRIILUFOBL86kGMvITHZBgPLZ+Tj3i gUunHUFJvmA9TY2sOWcEp3kROxyXEfiANfIexvKkRqdcDhRywsJ2mTeDOQ2F6T0g zevrw/QXgOdWQz6CGibxHhsyvKncx7zvsYr6p1tKMzZ/bDgX3L71szVGXgISaGvd g1qgUbzwJutdwdiN0pELyFemRBljvuzquwH/ghAu14kGeThhZlqxVTdqALlf4BYq lziofWxYZpw8Q0jXwNvMocufo5Mu+nnBANUrFQeSXosJk20l8e2CZUEMxwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJ76p/UodotpVoOh8ImpZP/GScw5MB8GA1UdIwQY MBaAFOkxilGY3NP8rCSYBVOF2a8hEKa0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNlRHS1VaamMwX3lzSkpnRlU0WFpyeUVRcHJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iNjY3YWEtYzQxNS00YmJjLWFkNGMt YzMzNzdjMWUzYTJkLzEvbnZxbjlTaDJpMmxXZzZId2lhbGtfOFpKekRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iNjY3YWEtYzQxNS00YmJjLWFkNGMtYzMzNzdjMWUzYTJk LzEvNlRHS1VaamMwX3lzSkpnRlU0WFpyeUVRcHJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTV/4AwQC udkgMA0EAgACMAcDBQAqABR4MA0GCSqGSIb3DQEBCwUAA4IBAQBcl246vC3imzOu vBtzRkgJicugPMWkggFMjswvKyHbcs/FTMdzXppD7P9g+xO95QZSXn0xNtqlJX13 15vpWVstWXDVhPunvBNTJoya4/LT4MiyoVDqTNB6fDl3Fca73g8pCyAPE2TZ3SEa Ex11xzn+Hk6SrUQqdB/CvxT4l5wCsmHTyUFt/psGFvGqiTuQzCPDf/ptVC9L0SnJ isOboH6AU6fJWjC53b3fchgd2jqj4lvpk7eq/1VTg78DX00TpU3kn0NzKkI0lzX0 4u8zVeRoUAHB6aODqK/8UVsQ/rvSw8VUtG2Y5v97Wu/h1/8rAvwQXkVGaFf8TN/G uiox3raq -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:30 2026 by rpki-client