This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/NxS44xqtw9wnJjtyrxmTBDUCj5c.roa File: NxS44xqtw9wnJjtyrxmTBDUCj5c.roa (raw, json) Hash identifier: HUNSDs/gJPWUN3iy9W3sRGZH+ajPQ9ZIuVJ3VIFyz4M= Subject key identifier: 37:14:B8:E3:1A:AD:C3:DC:27:26:3B:72:AF:19:93:04:35:02:8F:97 Certificate issuer: /CN=0dc2061405956993cc63a60db0f963525d357731 Certificate serial: 019B7A5B86F8D3F755ECB5DF7B7D1591DA10 Authority key identifier: 0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/NxS44xqtw9wnJjtyrxmTBDUCj5c.roa Signing time: Thu 01 Jan 2026 16:19:37 +0000 ROA not before: Thu 01 Jan 2026 16:19:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24853 IP address blocks: 185.139.80.0/22 maxlen: 22 193.111.162.0/24 maxlen: 24 2a07:1400::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/DcIGFAWVaZPMY6YNsPljUl01dzE.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/DcIGFAWVaZPMY6YNsPljUl01dzE.mft rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:86:f8:d3:f7:55:ec:b5:df:7b:7d:15:91:da:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0dc2061405956993cc63a60db0f963525d357731 Validity Not Before: Jan 1 16:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3714b8e31aadc3dc27263b72af19930435028f97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:96:39:f7:31:7b:92:00:96:ad:ae:76:07:9b: 92:04:75:31:74:28:e9:3f:91:71:6e:a4:df:8a:cf: 85:80:8c:7c:a1:0d:03:bb:d3:24:2a:93:6e:37:fd: ce:17:4a:9d:42:e5:c3:fe:c5:01:61:54:61:aa:0f: 7b:b0:99:86:09:2f:00:3a:6b:46:7d:63:6e:20:5a: 59:76:5f:a3:48:6a:d2:1d:4a:89:7c:03:c3:12:1d: 16:2c:ff:d4:b9:4d:eb:c3:57:0b:72:a4:1c:d4:6f: 2d:5f:c5:5f:eb:3e:ff:f8:72:a7:a9:b2:db:33:74: 25:79:c5:50:01:3e:32:87:2c:a3:bd:dc:d2:80:63: d0:4c:3d:66:53:64:14:4c:43:fe:49:dc:08:7f:19: 84:94:13:85:63:0c:70:78:07:5a:e4:be:c0:5f:89: 83:bc:9d:d2:30:6d:9d:17:a3:06:b2:d2:3a:91:46: 09:d2:59:2c:58:9c:21:1b:29:36:a5:11:98:b9:91: ba:63:fe:b4:05:e7:f0:71:b6:24:92:7d:41:dc:ce: d5:32:35:a6:71:64:5b:e6:b6:b7:1d:96:d8:00:47: 04:bc:09:ed:3e:51:5c:74:af:0d:24:8d:c4:13:20: 58:23:71:f9:18:05:cc:14:f7:b0:81:cd:d3:08:6c: f7:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:14:B8:E3:1A:AD:C3:DC:27:26:3B:72:AF:19:93:04:35:02:8F:97 X509v3 Authority Key Identifier: keyid:0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/NxS44xqtw9wnJjtyrxmTBDUCj5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/DcIGFAWVaZPMY6YNsPljUl01dzE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.139.80.0/22 193.111.162.0/24 IPv6: 2a07:1400::/29 Signature Algorithm: sha256WithRSAEncryption 6c:41:14:e2:33:f9:b8:2e:0e:fe:1c:6c:13:74:7f:27:7f:9d: b3:b0:b5:67:5a:e1:60:99:7a:e0:4d:a9:96:82:3a:0b:1e:d2: 83:0c:fa:58:f1:6b:ea:d7:c1:3a:95:b8:f9:5a:7f:9f:64:1b: b7:89:18:9a:a3:2e:df:7a:3c:a9:f3:6a:49:f9:2a:93:66:70: 99:9f:e7:16:04:d7:18:5f:ae:cd:35:16:54:cb:cb:32:61:cb: 5a:d0:5b:ea:17:81:1c:30:e3:fe:4d:1f:d3:89:a3:e9:d0:6d: d4:ac:68:7b:ea:fa:98:b4:1e:e2:b4:bb:5b:42:fa:61:d8:bb: ef:e7:07:47:a0:a8:27:d2:56:80:69:ce:db:47:76:82:64:6f: ea:d6:18:2e:3a:67:ce:3c:6f:a0:75:00:e6:cf:b8:91:82:e3: 15:48:6f:75:1f:e0:59:02:d1:ff:dd:f8:2c:2a:cd:de:a4:8c: b1:9e:53:36:67:08:13:01:3a:27:cf:04:86:d1:b6:6e:8f:74: d5:1b:74:b5:9b:11:2c:be:53:a8:17:8e:8f:65:7a:fd:8b:65: 00:c9:28:0e:d8:99:8f:d7:df:31:fc:bf:34:77:1a:8c:33:20: 9d:08:32:29:d4:f7:f7:de:73:dd:9b:96:08:75:0a:99:b3:06: b1:a3:58:75 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6W4b40/dV7LXfe30VkdoQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkYzIwNjE0MDU5NTY5OTNjYzYzYTYwZGIwZjk2MzUyNWQz NTc3MzEwHhcNMjYwMTAxMTYxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNzE0YjhlMzFhYWRjM2RjMjcyNjNiNzJhZjE5OTMwNDM1MDI4Zjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ZY59zF7kgCWra52B5uSBHUxdCjp P5FxbqTfis+FgIx8oQ0Du9MkKpNuN/3OF0qdQuXD/sUBYVRhqg97sJmGCS8AOmtG fWNuIFpZdl+jSGrSHUqJfAPDEh0WLP/UuU3rw1cLcqQc1G8tX8Vf6z7/+HKnqbLb M3QlecVQAT4yhyyjvdzSgGPQTD1mU2QUTEP+SdwIfxmElBOFYwxweAda5L7AX4mD vJ3SMG2dF6MGstI6kUYJ0lksWJwhGyk2pRGYuZG6Y/60BefwcbYkkn1B3M7VMjWm cWRb5ra3HZbYAEcEvAntPlFcdK8NJI3EEyBYI3H5GAXMFPewgc3TCGz3mwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDcUuOMarcPcJyY7cq8ZkwQ1Ao+XMB8GA1UdIwQY MBaAFA3CBhQFlWmTzGOmDbD5Y1JdNXcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGNJR0ZBV1ZhWlBNWTZZTnNQbGpVbDAxZHpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85ZGU3NjctM2EyOC00OWFiLWFlMjgt MjM0OGJhNmZiNGMzLzEvTnhTNDR4cXR3OXduSmp0eXJ4bVRCRFVDajVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy85ZGU3NjctM2EyOC00OWFiLWFlMjgtMjM0OGJhNmZiNGMz LzEvRGNJR0ZBV1ZhWlBNWTZZTnNQbGpVbDAxZHpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYtQAwQA wW+iMA0EAgACMAcDBQMqBxQAMA0GCSqGSIb3DQEBCwUAA4IBAQBsQRTiM/m4Lg7+ HGwTdH8nf52zsLVnWuFgmXrgTamWgjoLHtKDDPpY8Wvq18E6lbj5Wn+fZBu3iRia oy7fejyp82pJ+SqTZnCZn+cWBNcYX67NNRZUy8syYcta0FvqF4EcMOP+TR/TiaPp 0G3UrGh76vqYtB7itLtbQvph2Lvv5wdHoKgn0laAac7bR3aCZG/q1hguOmfOPG+g dQDmz7iRguMVSG91H+BZAtH/3fgsKs3epIyxnlM2ZwgTATonzwSG0bZuj3TVG3S1 mxEsvlOoF46PZXr9i2UAySgO2JmP198x/L80dxqMMyCdCDIp1Pf33nPdm5YIdQqZ swaxo1h1 -----END CERTIFICATE-----Generated at Mon Feb 9 22:28:31 2026 by rpki-client