This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/NcnGkdErOmMk_0NOiHBMY1BqThA.roa File: NcnGkdErOmMk_0NOiHBMY1BqThA.roa (raw, json) Hash identifier: PgvTT7EFBgrWeXVoNUr6zZBzW+dMw+OFLBnU00RhurU= Subject key identifier: 35:C9:C6:91:D1:2B:3A:63:24:FF:43:4E:88:70:4C:63:50:6A:4E:10 Certificate issuer: /CN=73cfe11e8a7093bdc95bc01e20db4376e22aa516 Certificate serial: 019BF9BD974E1A56C820BD5B36D0A1767DC3 Authority key identifier: 73:CF:E1:1E:8A:70:93:BD:C9:5B:C0:1E:20:DB:43:76:E2:2A:A5:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8_hHopwk73JW8AeINtDduIqpRY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/NcnGkdErOmMk_0NOiHBMY1BqThA.roa Signing time: Mon 26 Jan 2026 09:58:30 +0000 ROA not before: Mon 26 Jan 2026 09:58:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 185.238.165.0/24 maxlen: 24 213.109.150.0/24 maxlen: 24 2001:3bc0:b1d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/c8_hHopwk73JW8AeINtDduIqpRY.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/c8_hHopwk73JW8AeINtDduIqpRY.mft rsync://rpki.ripe.net/repository/DEFAULT/c8_hHopwk73JW8AeINtDduIqpRY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:bd:97:4e:1a:56:c8:20:bd:5b:36:d0:a1:76:7d:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73cfe11e8a7093bdc95bc01e20db4376e22aa516 Validity Not Before: Jan 26 09:58:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35c9c691d12b3a6324ff434e88704c63506a4e10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a1:7a:1e:18:18:44:07:c5:d7:0d:5f:5c:2a: bf:f7:e0:45:75:60:df:40:0c:db:69:fa:d9:90:73: ec:af:98:81:b0:d4:df:f1:42:75:ff:cd:1f:bc:73: 91:e0:db:06:9f:3e:40:bc:23:49:58:54:5a:77:ab: 9e:4d:83:86:4b:56:74:69:b7:92:51:fb:33:02:e7: 9b:0f:37:59:52:6b:a2:3c:78:0b:dc:22:07:a9:40: b8:0c:c9:8d:9f:84:87:e2:98:f5:5e:35:c8:c5:31: ad:40:0f:50:22:6c:83:7e:aa:ac:24:61:6d:c1:f7: b3:3d:d0:07:54:57:c8:d6:fa:45:9d:d9:bd:90:dd: 31:01:cf:38:ae:35:da:c8:cd:63:32:be:9f:1c:d8: 14:a3:e8:5f:bd:dc:05:e3:40:eb:38:16:e8:87:02: c8:f4:6f:a6:22:e5:d2:96:fe:ef:b9:0f:da:6a:be: 0c:0a:18:9d:a9:9e:bc:fe:01:f9:35:04:35:af:dc: 45:86:b6:71:6c:e3:22:ad:f8:a5:1d:55:7c:ca:c6: 1f:be:2d:09:b2:f3:73:e0:29:16:8b:5a:08:14:f1: 6b:43:e7:d3:59:3a:f3:83:a9:fa:fb:63:30:9d:8a: 02:a5:3d:cf:25:a2:13:41:ca:12:71:3e:c2:1d:be: c3:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:C9:C6:91:D1:2B:3A:63:24:FF:43:4E:88:70:4C:63:50:6A:4E:10 X509v3 Authority Key Identifier: keyid:73:CF:E1:1E:8A:70:93:BD:C9:5B:C0:1E:20:DB:43:76:E2:2A:A5:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8_hHopwk73JW8AeINtDduIqpRY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/NcnGkdErOmMk_0NOiHBMY1BqThA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/c8_hHopwk73JW8AeINtDduIqpRY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.238.165.0/24 213.109.150.0/24 IPv6: 2001:3bc0:b1d::/48 Signature Algorithm: sha256WithRSAEncryption 08:ab:64:ed:88:cd:14:38:4a:27:c8:f7:8f:41:bf:d7:d2:37: c0:10:8f:f4:e6:35:89:c1:72:56:b3:73:c2:0e:48:7e:71:05: 44:66:84:7b:08:30:ad:4e:58:b6:f6:0c:fb:40:75:0d:1d:90: 7a:36:76:2f:5f:bb:80:e5:a4:24:39:0e:98:b6:75:3b:28:f1: 63:89:31:71:5f:b5:e3:72:b1:9d:36:76:1b:e1:6e:1f:11:5a: df:45:7d:28:80:b9:20:d5:fd:8c:d6:43:ee:7c:62:84:0d:88: 34:db:38:06:70:3f:14:13:d7:f7:d7:1e:d2:a3:9f:4e:6c:1e: e0:f9:50:3d:ad:26:25:3f:84:58:6e:ac:03:34:72:db:4a:9b: d3:df:41:58:8a:a7:d0:ee:3d:9e:98:c9:59:36:19:9d:af:4d: ff:7b:55:55:96:d4:dd:51:bf:0a:60:07:3f:a0:e2:d3:2c:71: 15:53:99:48:de:d3:9e:7c:88:ea:11:b9:fb:5a:88:c3:95:17: d8:86:8e:fc:45:25:63:6d:d5:2c:b0:29:7f:9c:39:77:1d:ae: cb:92:d6:90:f3:c8:b6:65:1a:a4:87:37:54:a2:67:e4:85:d6: 59:cb:f0:80:81:5f:ee:e4:ea:97:a3:60:00:1a:fa:f3:5b:0e: 57:13:f1:f3 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZv5vZdOGlbIIL1bNtChdn3DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczY2ZlMTFlOGE3MDkzYmRjOTViYzAxZTIwZGI0Mzc2ZTIy YWE1MTYwHhcNMjYwMTI2MDk1ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWM5YzY5MWQxMmIzYTYzMjRmZjQzNGU4ODcwNGM2MzUwNmE0ZTEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKF6HhgYRAfF1w1fXCq/9+BFdWDf QAzbafrZkHPsr5iBsNTf8UJ1/80fvHOR4NsGnz5AvCNJWFRad6ueTYOGS1Z0abeS UfszAuebDzdZUmuiPHgL3CIHqUC4DMmNn4SH4pj1XjXIxTGtQA9QImyDfqqsJGFt wfezPdAHVFfI1vpFndm9kN0xAc84rjXayM1jMr6fHNgUo+hfvdwF40DrOBbohwLI 9G+mIuXSlv7vuQ/aar4MChidqZ68/gH5NQQ1r9xFhrZxbOMirfilHVV8ysYfvi0J svNz4CkWi1oIFPFrQ+fTWTrzg6n6+2MwnYoCpT3PJaITQcoScT7CHb7DYQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFDXJxpHRKzpjJP9DTohwTGNQak4QMB8GA1UdIwQY MBaAFHPP4R6KcJO9yVvAHiDbQ3biKqUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYzhfaEhvcHdrNzNKVzhBZUlOdERkdUlxcFJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iYWY5ZjMtMGU0OC00YzQ3LWJjMjYt MWIxMTAwNzMxNDQ4LzEvTmNuR2tkRXJPbU1rXzBOT2lIQk1ZMUJxVGhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC9iYWY5ZjMtMGU0OC00YzQ3LWJjMjYtMWIxMTAwNzMxNDQ4 LzEvYzhfaEhvcHdrNzNKVzhBZUlOdERkdUlxcFJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAue6lAwQA 1W2WMA8EAgACMAkDBwAgATvACx0wDQYJKoZIhvcNAQELBQADggEBAAirZO2IzRQ4 SifI949Bv9fSN8AQj/TmNYnBclazc8IOSH5xBURmhHsIMK1OWLb2DPtAdQ0dkHo2 di9fu4DlpCQ5Dpi2dTso8WOJMXFfteNysZ02dhvhbh8RWt9FfSiAuSDV/YzWQ+58 YoQNiDTbOAZwPxQT1/fXHtKjn05sHuD5UD2tJiU/hFhurAM0cttKm9PfQViKp9Du PZ6YyVk2GZ2vTf97VVWW1N1RvwpgBz+g4tMscRVTmUje0558iOoRuftaiMOVF9iG jvxFJWNt1SywKX+cOXcdrsuS1pDzyLZlGqSHN1SiZ+SF1lnL8ICBX+7k6pejYAAa +vNbDlcT8fM= -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:33 2026 by rpki-client