This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/nQU1rY2ErLKpGm3xNOk2Vd6maac.roa File: nQU1rY2ErLKpGm3xNOk2Vd6maac.roa (raw, json) Hash identifier: I6X6MYBEOfSMB0M7TNs7z1Yj80MN+WqIyp43IIumKAY= Subject key identifier: 9D:05:35:AD:8D:84:AC:B2:A9:1A:6D:F1:34:E9:36:55:DE:A6:69:A7 Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205 Certificate serial: 019B783552F34E57D834CD23506A64007457 Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/nQU1rY2ErLKpGm3xNOk2Vd6maac.roa Signing time: Thu 01 Jan 2026 06:18:39 +0000 ROA not before: Thu 01 Jan 2026 06:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12414 IP address blocks: 5.199.144.0/20 maxlen: 24 82.139.64.0/18 maxlen: 24 185.117.108.0/22 maxlen: 24 217.26.96.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:52:f3:4e:57:d8:34:cd:23:50:6a:64:00:74:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205 Validity Not Before: Jan 1 06:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9d0535ad8d84acb2a91a6df134e93655dea669a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:32:80:8b:ef:4e:2e:87:ef:08:86:29:db:57: 3c:fe:61:11:50:b7:14:1d:b8:61:d8:60:f4:fc:4a: 79:dc:99:58:ff:29:f6:c6:ab:34:e7:68:5b:c8:a7: 3c:93:a2:f3:c3:f8:7a:c0:4d:20:d8:ce:40:46:f4: d2:34:c2:ca:04:69:b7:a3:77:e5:b6:c0:a9:3a:dd: e0:44:13:7d:af:78:48:43:6a:65:c4:b8:a9:b7:26: 2b:86:af:97:b5:21:d1:de:ce:d5:17:ee:c9:9e:5a: c2:d8:a7:d2:58:62:9e:a7:17:59:17:ca:8c:66:3e: fc:81:4d:b9:fc:e0:de:54:3d:60:4d:46:fb:07:79: 84:d7:3c:37:15:c1:5b:2c:81:62:62:50:68:5b:b5: ae:74:25:be:c7:29:b3:9f:ab:2a:5c:79:94:fd:a2: 8b:4d:6f:e6:2b:d5:70:cd:62:9e:f4:ee:1f:05:86: 60:1a:87:1f:38:0c:55:55:5a:bf:3d:5d:2a:b8:29: 8e:9e:fd:ef:33:e6:db:c2:ba:cb:f6:c1:69:82:cc: c4:a6:5c:6c:bd:dd:91:60:a6:3d:64:8f:c1:c1:ed: 18:33:6c:49:bb:90:0d:03:5b:c9:92:15:03:10:13: 1e:da:79:02:94:90:a8:2b:dc:29:8f:1a:6f:ad:df: ad:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:05:35:AD:8D:84:AC:B2:A9:1A:6D:F1:34:E9:36:55:DE:A6:69:A7 X509v3 Authority Key Identifier: keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/nQU1rY2ErLKpGm3xNOk2Vd6maac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.144.0/20 82.139.64.0/18 185.117.108.0/22 217.26.96.0/20 Signature Algorithm: sha256WithRSAEncryption 8c:f4:26:24:20:6d:49:e2:87:60:b7:50:c4:fc:06:a3:e9:b4: 23:a6:ac:2e:23:54:b5:02:0b:1f:73:26:f8:4d:6a:b5:23:65: c7:4e:00:f4:46:83:72:2e:97:d0:04:cf:37:93:c9:7a:e6:38: 66:e2:1a:3a:ba:32:75:81:d9:4d:61:ef:51:0d:f3:13:a7:cd: df:75:3f:67:d2:84:ae:12:90:59:d5:38:ab:cb:7c:50:6b:70: c5:e8:99:31:27:de:46:9f:b2:72:84:84:b8:0a:be:bf:05:49: 62:d5:6e:4f:8f:7d:9e:8e:30:9a:e7:b4:be:a7:76:cb:18:e7: 45:5f:a9:02:01:2d:9e:73:8b:e0:1c:a7:15:82:81:e5:d7:59: a6:09:f5:ed:c1:ef:36:24:5a:90:5e:14:71:64:f3:19:6c:fa: 7a:09:0f:23:42:24:ab:49:76:eb:82:4c:b0:aa:16:40:29:7c: 72:f5:f7:89:d8:d5:af:f2:dd:4d:be:0f:e8:c3:cc:2f:15:16: 26:2c:7c:dc:81:bb:7f:56:2a:5a:7a:fe:c8:f9:0e:0e:db:b0: 6c:ce:82:2b:a2:f2:df:2f:cd:23:c3:5a:5b:6f:3d:2c:a7:b9: 75:f5:f8:c1:be:ac:94:58:8c:99:c7:10:15:0e:43:f7:ab:23: 86:bc:9c:4d -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt4NVLzTlfYNM0jUGpkAHRXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk Y2UyMDUwHhcNMjYwMTAxMDYxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZDA1MzVhZDhkODRhY2IyYTkxYTZkZjEzNGU5MzY1NWRlYTY2OWE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDKAi+9OLofvCIYp21c8/mERULcU Hbhh2GD0/Ep53JlY/yn2xqs052hbyKc8k6Lzw/h6wE0g2M5ARvTSNMLKBGm3o3fl tsCpOt3gRBN9r3hIQ2plxLiptyYrhq+XtSHR3s7VF+7JnlrC2KfSWGKepxdZF8qM Zj78gU25/ODeVD1gTUb7B3mE1zw3FcFbLIFiYlBoW7WudCW+xymzn6sqXHmU/aKL TW/mK9VwzWKe9O4fBYZgGocfOAxVVVq/PV0quCmOnv3vM+bbwrrL9sFpgszEplxs vd2RYKY9ZI/Bwe0YM2xJu5ANA1vJkhUDEBMe2nkClJCoK9wpjxpvrd+t4wIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJ0FNa2NhKyyqRpt8TTpNlXepmmnMB8GA1UdIwQY MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et ODcyYjM3MTBjMmExLzEvblFVMXJZMkVyTEtwR20zeE5PazJWZDZtYWFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBceQAwQG UotAAwQCuXVsAwQE2RpgMA0GCSqGSIb3DQEBCwUAA4IBAQCM9CYkIG1J4odgt1DE /Aaj6bQjpqwuI1S1Agsfcyb4TWq1I2XHTgD0RoNyLpfQBM83k8l65jhm4ho6ujJ1 gdlNYe9RDfMTp83fdT9n0oSuEpBZ1Tiry3xQa3DF6JkxJ95Gn7JyhIS4Cr6/BUli 1W5Pj32ejjCa57S+p3bLGOdFX6kCAS2ec4vgHKcVgoHl11mmCfXtwe82JFqQXhRx ZPMZbPp6CQ8jQiSrSXbrgkywqhZAKXxy9feJ2NWv8t1Nvg/ow8wvFRYmLHzcgbt/ Vipaev7I+Q4O27BszoIrovLfL80jw1pbbz0sp7l19fjBvqyUWIyZxxAVDkP3qyOG vJxN -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:33 2026 by rpki-client