This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/NDhq8_kQqGPgm41GchZ3TtgeGeg.roa File: NDhq8_kQqGPgm41GchZ3TtgeGeg.roa (raw, json) Hash identifier: +9TejtgpguDTAT190VXenQHqi2LFLLtouTU0DZkmU8U= Subject key identifier: 34:38:6A:F3:F9:10:A8:63:E0:9B:8D:46:72:16:77:4E:D8:1E:19:E8 Certificate issuer: /CN=b4430ba11506741d676ea202e291ec7ec6191b17 Certificate serial: 019B7EA6F6E006D1DB0DF2D478C9F64B37A9 Authority key identifier: B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/NDhq8_kQqGPgm41GchZ3TtgeGeg.roa Signing time: Fri 02 Jan 2026 12:20:29 +0000 ROA not before: Fri 02 Jan 2026 12:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51225 IP address blocks: 91.218.4.0/22 maxlen: 24 2001:7f8:94::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/tEMLoRUGdB1nbqIC4pHsfsYZGxc.crl rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/tEMLoRUGdB1nbqIC4pHsfsYZGxc.mft rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:f6:e0:06:d1:db:0d:f2:d4:78:c9:f6:4b:37:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4430ba11506741d676ea202e291ec7ec6191b17 Validity Not Before: Jan 2 12:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34386af3f910a863e09b8d467216774ed81e19e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:53:dd:b0:59:57:87:01:13:1c:ad:26:2e:97: 5b:1f:30:48:0d:74:6f:b8:c4:48:cb:de:4a:f9:fe: 58:03:35:8b:b4:2d:64:dc:a2:88:d1:ff:2d:02:a7: 6b:f5:a3:43:1e:93:dc:a1:fd:bf:7f:c4:7a:86:5c: 87:70:59:cc:49:6c:84:af:1d:b8:e4:7d:98:4d:40: d7:67:83:3f:bf:bc:b7:aa:fa:71:ee:39:e3:34:b1: f3:80:14:db:61:e0:3a:48:74:1a:9c:ce:4b:e0:85: ab:05:f7:2c:e5:51:b6:d8:8c:4b:d4:fe:c2:65:38: 51:a7:40:23:25:eb:86:00:dd:ab:4f:86:a1:ed:d3: 86:ae:89:df:83:10:c3:27:4b:a4:a1:21:ab:a9:f5: 0a:aa:4f:05:a7:2b:ae:fd:a1:57:81:42:32:19:4e: b0:73:da:37:fe:ac:e7:b5:86:6e:1e:c8:1c:e3:42: af:62:87:1e:1a:00:30:c5:6d:b2:ee:39:9d:db:2a: db:e1:4a:35:ba:71:31:48:44:29:d3:3c:50:31:a1: 2f:fc:ad:a9:7f:e4:9b:63:e8:d7:0d:ce:09:38:8f: 2f:c1:d3:66:d2:41:aa:2f:42:a4:b2:39:8d:b1:e4: 9a:8c:6f:72:27:7f:7c:4c:85:dd:49:84:88:61:db: ed:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:38:6A:F3:F9:10:A8:63:E0:9B:8D:46:72:16:77:4E:D8:1E:19:E8 X509v3 Authority Key Identifier: keyid:B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/NDhq8_kQqGPgm41GchZ3TtgeGeg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/tEMLoRUGdB1nbqIC4pHsfsYZGxc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.218.4.0/22 IPv6: 2001:7f8:94::/48 Signature Algorithm: sha256WithRSAEncryption c0:ea:6e:fb:65:a6:33:11:0d:00:09:3f:2d:f8:d5:89:03:aa: 93:47:74:a2:6d:58:92:7f:06:8f:2b:d8:88:e2:b0:14:d8:b3: 33:23:32:df:09:81:ee:25:17:90:f2:7a:d1:57:5e:cd:93:21: c2:1b:28:f0:f7:cd:46:f9:da:fd:31:03:74:84:60:7a:b3:a6: 01:11:3d:65:72:77:37:da:80:e8:cd:66:31:8a:cd:61:26:79: 5a:d4:cb:be:2c:1d:d1:03:5a:b4:16:4e:17:0b:01:4a:9d:68: 91:99:ef:09:ad:2a:9c:94:d3:88:b7:3a:01:b7:17:54:53:34: a2:d2:97:9b:b8:b3:9b:6a:24:c2:27:ab:38:b0:00:c7:52:5e: 93:ff:bb:06:8b:03:a3:f6:96:f3:2b:5f:8e:f7:f4:f2:b2:d2: 2f:bf:05:12:df:9d:f5:fd:31:c1:67:9a:b5:8c:9f:72:6f:4a: b0:31:71:10:ae:b9:bf:cf:36:8e:f2:b4:b3:13:70:69:1c:7c: 46:0c:4b:c9:d0:1b:c8:84:4b:00:c9:d2:11:96:fb:a0:f8:de: 7a:67:01:c4:bf:93:af:ee:e4:60:2e:36:c5:be:8d:06:da:f0: 8d:0d:ae:5d:2d:f4:63:b1:4f:1e:63:06:00:3e:27:fb:d1:9a: 1a:fc:7b:c6 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pvbgBtHbDfLUeMn2SzepMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NDMwYmExMTUwNjc0MWQ2NzZlYTIwMmUyOTFlYzdlYzYx OTFiMTcwHhcNMjYwMTAyMTIyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDM4NmFmM2Y5MTBhODYzZTA5YjhkNDY3MjE2Nzc0ZWQ4MWUxOWU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FPdsFlXhwETHK0mLpdbHzBIDXRv uMRIy95K+f5YAzWLtC1k3KKI0f8tAqdr9aNDHpPcof2/f8R6hlyHcFnMSWyErx24 5H2YTUDXZ4M/v7y3qvpx7jnjNLHzgBTbYeA6SHQanM5L4IWrBfcs5VG22IxL1P7C ZThRp0AjJeuGAN2rT4ah7dOGronfgxDDJ0ukoSGrqfUKqk8Fpyuu/aFXgUIyGU6w c9o3/qzntYZuHsgc40KvYoceGgAwxW2y7jmd2yrb4Uo1unExSEQp0zxQMaEv/K2p f+SbY+jXDc4JOI8vwdNm0kGqL0KksjmNseSajG9yJ398TIXdSYSIYdvt/wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFDQ4avP5EKhj4JuNRnIWd07YHhnoMB8GA1UdIwQY MBaAFLRDC6EVBnQdZ26iAuKR7H7GGRsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEVNTG9SVUdkQjFuYnFJQzRwSHNmc1laR3hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82MGNjZmEtMDkzMC00NmI0LTgzMTct ZjhjYTljYjYzMzE3LzEvTkRocThfa1FxR1BnbTQxR2NoWjNUdGdlR2VnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi82MGNjZmEtMDkzMC00NmI0LTgzMTctZjhjYTljYjYzMzE3 LzEvdEVNTG9SVUdkQjFuYnFJQzRwSHNmc1laR3hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW9oEMA8E AgACMAkDBwAgAQf4AJQwDQYJKoZIhvcNAQELBQADggEBAMDqbvtlpjMRDQAJPy34 1YkDqpNHdKJtWJJ/Bo8r2IjisBTYszMjMt8Jge4lF5DyetFXXs2TIcIbKPD3zUb5 2v0xA3SEYHqzpgERPWVydzfagOjNZjGKzWEmeVrUy74sHdEDWrQWThcLAUqdaJGZ 7wmtKpyU04i3OgG3F1RTNKLSl5u4s5tqJMInqziwAMdSXpP/uwaLA6P2lvMrX473 9PKy0i+/BRLfnfX9McFnmrWMn3JvSrAxcRCuub/PNo7ytLMTcGkcfEYMS8nQG8iE SwDJ0hGW+6D43npnAcS/k6/u5GAuNsW+jQba8I0Nrl0t9GOxTx5jBgA+J/vRmhr8 e8Y= -----END CERTIFICATE-----Generated at Tue Feb 10 04:31:15 2026 by rpki-client