This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/nMKIJnqj3oR3yZ-S33_tCuj09H8.roa File: nMKIJnqj3oR3yZ-S33_tCuj09H8.roa (raw, json) Hash identifier: Rm4zRm/OXMsW0P+MyrvP+GDQwYIX3dgTuHJhNyB3VN8= Subject key identifier: 9C:C2:88:26:7A:A3:DE:84:77:C9:9F:92:DF:7F:ED:0A:E8:F4:F4:7F Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1 Certificate serial: 019B7F15DC84D2DAB1932AD10DD9C2978B84 Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/nMKIJnqj3oR3yZ-S33_tCuj09H8.roa Signing time: Fri 02 Jan 2026 14:21:37 +0000 ROA not before: Fri 02 Jan 2026 14:21:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33659 IP address blocks: 91.200.136.0/22 maxlen: 22 185.188.192.0/22 maxlen: 22 195.211.116.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.mft rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 14:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:dc:84:d2:da:b1:93:2a:d1:0d:d9:c2:97:8b:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1 Validity Not Before: Jan 2 14:21:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9cc288267aa3de8477c99f92df7fed0ae8f4f47f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:4d:19:2c:bc:c9:9a:d5:fc:fe:50:92:37:f4: d9:7e:36:da:a3:65:36:77:e3:9a:db:76:a7:f4:83: 78:68:76:4d:d9:f6:25:9e:8a:64:40:80:ba:6f:58: b7:6b:6f:92:4f:38:24:ce:3f:f8:b2:a2:78:e4:55: 3c:ec:c9:bf:04:64:88:1d:62:d3:28:78:73:ed:da: e1:c9:1b:77:d5:0e:c1:74:95:7f:ad:1c:6b:59:f3: bd:3c:37:38:74:7f:f8:d0:1e:31:a2:7e:07:23:db: c8:6e:92:12:77:93:54:bf:1e:89:01:7b:f1:b7:fd: 04:fb:c5:61:bc:c1:db:21:58:8a:fd:5d:ed:31:28: 04:be:02:fb:00:3d:f3:5d:82:f4:0f:5d:6f:00:cd: d7:f1:7c:68:50:e5:f7:c3:26:99:f9:06:7d:58:d1: f4:fa:b2:ea:1e:62:4d:a0:f0:e2:91:01:fb:43:17: a7:fb:29:02:5b:ff:15:0f:aa:1e:2d:fb:82:b6:c2: 2a:0c:c3:e5:a6:ce:2c:9b:d8:e1:0e:80:e0:52:84: 63:f1:c0:fe:91:fa:d5:02:be:58:bd:00:11:5f:11: 2f:c6:cb:81:02:e4:85:c3:1d:f5:01:d8:d2:07:70: f1:07:54:94:34:fb:13:1c:a5:8a:90:fd:c6:70:ba: 48:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:C2:88:26:7A:A3:DE:84:77:C9:9F:92:DF:7F:ED:0A:E8:F4:F4:7F X509v3 Authority Key Identifier: keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/nMKIJnqj3oR3yZ-S33_tCuj09H8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.136.0/22 185.188.192.0/22 195.211.116.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:9d:8b:03:e5:77:23:dd:bb:19:bc:c0:bd:04:b7:8b:b9:15: 0a:2a:a4:58:c3:95:ec:b9:37:1d:12:de:8a:29:4b:0d:7b:4c: 98:6c:c0:4b:5c:00:24:73:45:f7:34:90:a9:d1:78:eb:db:ae: 5c:d8:f5:e8:fa:4b:9c:c4:e4:7d:26:d1:a5:85:e6:28:cc:ba: 19:2c:66:a4:d1:49:14:42:61:dd:77:6b:38:8b:ad:43:d0:24: c1:75:60:60:27:3b:3c:f1:80:ae:ca:79:4a:9c:c4:7e:af:f8: ed:7d:13:d0:d8:c9:40:4a:8b:8b:a5:2c:19:3b:63:f8:d0:dd: a8:05:c8:32:1b:21:4c:a6:18:0f:af:07:02:dd:88:43:4c:e0: 57:6c:b5:45:3c:01:a8:97:8a:4a:4b:81:fd:75:d8:03:d3:1a: 56:29:10:f9:a0:29:ab:43:05:31:83:95:a6:94:b4:d3:55:60: 04:cb:cb:a6:c0:91:c6:34:92:76:7c:78:9d:84:a2:fb:48:c0: 8f:85:0c:4b:f3:2e:fd:21:de:f6:0d:0a:69:cb:f8:fe:a8:a1: 58:46:e5:80:51:c8:8f:a8:41:4e:3d:c8:b1:17:b1:55:9d:10: 34:32:ef:65:e5:a1:3b:d0:bc:66:07:7e:aa:eb:d1:31:cc:87: 21:b2:ed:e8 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/FdyE0tqxkyrRDdnCl4uEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx OTZhYTEwHhcNMjYwMTAyMTQyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2MyODgyNjdhYTNkZTg0NzdjOTlmOTJkZjdmZWQwYWU4ZjRmNDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6k0ZLLzJmtX8/lCSN/TZfjbao2U2 d+Oa23an9IN4aHZN2fYlnopkQIC6b1i3a2+STzgkzj/4sqJ45FU87Mm/BGSIHWLT KHhz7drhyRt31Q7BdJV/rRxrWfO9PDc4dH/40B4xon4HI9vIbpISd5NUvx6JAXvx t/0E+8VhvMHbIViK/V3tMSgEvgL7AD3zXYL0D11vAM3X8XxoUOX3wyaZ+QZ9WNH0 +rLqHmJNoPDikQH7Qxen+ykCW/8VD6oeLfuCtsIqDMPlps4sm9jhDoDgUoRj8cD+ kfrVAr5YvQARXxEvxsuBAuSFwx31AdjSB3DxB1SUNPsTHKWKkP3GcLpIVQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJzCiCZ6o96Ed8mfkt9/7Qro9PR/MB8GA1UdIwQY MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt ZGQ4NjI3NzRhMDkyLzEvbk1LSUpucWozb1IzeVotUzMzX3RDdWowOUg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8iIAwQC ubzAAwQCw9N0MA0GCSqGSIb3DQEBCwUAA4IBAQCKnYsD5Xcj3bsZvMC9BLeLuRUK KqRYw5XsuTcdEt6KKUsNe0yYbMBLXAAkc0X3NJCp0Xjr265c2PXo+kucxOR9JtGl heYozLoZLGak0UkUQmHdd2s4i61D0CTBdWBgJzs88YCuynlKnMR+r/jtfRPQ2MlA SouLpSwZO2P40N2oBcgyGyFMphgPrwcC3YhDTOBXbLVFPAGol4pKS4H9ddgD0xpW KRD5oCmrQwUxg5WmlLTTVWAEy8umwJHGNJJ2fHidhKL7SMCPhQxL8y79Id72DQpp y/j+qKFYRuWAUciPqEFOPcixF7FVnRA0Mu9l5aE70LxmB36q69ExzIchsu3o -----END CERTIFICATE-----Generated at Tue Jan 20 21:17:18 2026 by rpki-client