This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/NM07OftKQkCH2joVcvMTn-HHTmY.roa File: NM07OftKQkCH2joVcvMTn-HHTmY.roa (raw, json) Hash identifier: rU/LdGSeAxe5BfVN3XEqDaj1sPRpRHFtD8l5ShzGTNQ= Subject key identifier: 34:CD:3B:39:FB:4A:42:40:87:DA:3A:15:72:F3:13:9F:E1:C7:4E:66 Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d Certificate serial: 019B7E37643EEAB2F5D2FE0CB664498CF045 Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/NM07OftKQkCH2joVcvMTn-HHTmY.roa Signing time: Fri 02 Jan 2026 10:18:37 +0000 ROA not before: Fri 02 Jan 2026 10:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215484 IP address blocks: 188.128.128.0/22 maxlen: 24 2a02:25af:dead::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.mft rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:64:3e:ea:b2:f5:d2:fe:0c:b6:64:49:8c:f0:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d Validity Not Before: Jan 2 10:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34cd3b39fb4a424087da3a1572f3139fe1c74e66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4a:d0:44:6d:ed:9e:97:a2:47:c7:2c:83:26: 45:d0:6a:e6:15:b8:d4:f2:87:d9:88:a8:7b:42:47: 29:2c:b7:82:21:4f:3e:10:ff:6a:19:86:73:47:55: 08:c2:55:09:c1:a7:69:13:c7:3e:5e:32:7f:db:b9: 19:f5:f1:0a:a4:3c:97:2c:f7:7e:2a:7e:37:65:c5: 26:30:6b:6d:ed:72:c8:20:24:ac:8f:d3:65:7a:2f: 57:39:d0:f7:a2:8a:7c:0c:bd:97:d0:cc:51:79:d7: e7:af:d2:35:95:6c:7c:fa:ad:b3:e2:c7:2d:ef:8b: 53:80:a1:b6:76:98:a8:5a:75:af:86:fb:40:fd:64: 4a:7f:e5:64:bd:a1:66:36:da:45:13:07:99:4d:e4: 75:19:bf:ec:e4:3d:9c:dd:6c:a4:ed:da:c8:d4:b2: 11:cd:d5:a3:cc:10:26:6d:8c:44:00:20:67:9e:74: b9:73:c6:20:1d:1a:f5:b9:78:87:cc:fe:4b:a8:d3: be:83:c7:74:d7:56:86:64:28:52:1c:50:34:9b:45: aa:fd:9c:db:48:a5:a8:16:78:db:a2:06:8b:1f:fe: 97:bf:0f:94:8f:42:09:f4:d7:e7:4c:ef:2e:3c:5c: 6f:4f:da:c3:78:de:3f:33:e4:fa:6c:6a:79:ee:c3: ec:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:CD:3B:39:FB:4A:42:40:87:DA:3A:15:72:F3:13:9F:E1:C7:4E:66 X509v3 Authority Key Identifier: keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/NM07OftKQkCH2joVcvMTn-HHTmY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.128.128.0/22 IPv6: 2a02:25af:dead::/48 Signature Algorithm: sha256WithRSAEncryption 0e:64:30:6a:df:19:9f:74:a7:28:e3:18:62:55:ff:1c:a6:5b: 75:36:04:5a:84:32:7a:07:92:f3:37:e7:a8:2f:70:5c:29:0c: 98:fb:6a:67:27:26:a1:b9:31:6a:98:e8:02:f4:9a:47:76:03: 05:3a:d2:66:fd:91:29:ac:d3:22:1c:24:28:48:1d:df:c7:11: 16:8c:43:18:3d:f2:69:cd:51:4e:b0:ec:2f:6f:d3:ee:b9:6d: 89:57:59:ba:a5:ce:f0:55:b4:e0:e8:66:c4:60:37:42:ab:6a: ad:cf:49:52:91:dc:96:de:ea:29:16:95:3c:14:c7:84:19:ab: 8d:f3:24:66:b2:61:cc:db:5f:3f:89:e9:cb:ea:47:79:82:29: ca:dc:73:a8:c5:b5:40:85:3a:43:9e:6c:dc:57:b4:97:c2:53: 3b:15:4a:7c:36:c6:23:d3:af:40:12:a8:89:70:4f:84:1f:65: 80:c4:7c:3d:93:81:13:57:22:1f:bd:1e:20:b3:95:7e:8d:93: 5c:a5:c0:00:fb:a6:47:71:72:57:8f:52:ed:2b:cd:bc:7a:0a: a5:97:8d:ae:1a:6a:a2:10:7e:5e:21:1c:75:1d:cc:e9:44:f6: a5:80:8b:6f:a1:1a:5f:48:8f:b6:6f:f3:95:77:18:9d:91:9c: 5f:de:37:84 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+N2Q+6rL10v4MtmRJjPBFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4 YjgzNmQwHhcNMjYwMTAyMTAxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGNkM2IzOWZiNGE0MjQwODdkYTNhMTU3MmYzMTM5ZmUxYzc0ZTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00rQRG3tnpeiR8csgyZF0GrmFbjU 8ofZiKh7QkcpLLeCIU8+EP9qGYZzR1UIwlUJwadpE8c+XjJ/27kZ9fEKpDyXLPd+ Kn43ZcUmMGtt7XLIICSsj9Nlei9XOdD3oop8DL2X0MxRedfnr9I1lWx8+q2z4sct 74tTgKG2dpioWnWvhvtA/WRKf+VkvaFmNtpFEweZTeR1Gb/s5D2c3Wyk7drI1LIR zdWjzBAmbYxEACBnnnS5c8YgHRr1uXiHzP5LqNO+g8d011aGZChSHFA0m0Wq/Zzb SKWoFnjbogaLH/6Xvw+Uj0IJ9NfnTO8uPFxvT9rDeN4/M+T6bGp57sPsBQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFDTNOzn7SkJAh9o6FXLzE5/hx05mMB8GA1UdIwQY MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt YzUyMjk4NjNhZWJhLzEvTk0wN09mdEtRa0NIMmpvVmN2TVRuLUhIVG1ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCvICAMA8E AgACMAkDBwAqAiWv3q0wDQYJKoZIhvcNAQELBQADggEBAA5kMGrfGZ90pyjjGGJV /xymW3U2BFqEMnoHkvM356gvcFwpDJj7amcnJqG5MWqY6AL0mkd2AwU60mb9kSms 0yIcJChIHd/HERaMQxg98mnNUU6w7C9v0+65bYlXWbqlzvBVtODoZsRgN0Kraq3P SVKR3Jbe6ikWlTwUx4QZq43zJGayYczbXz+J6cvqR3mCKcrcc6jFtUCFOkOebNxX tJfCUzsVSnw2xiPTr0ASqIlwT4QfZYDEfD2TgRNXIh+9HiCzlX6Nk1ylwAD7pkdx clePUu0rzbx6CqWXja4aaqIQfl4hHHUdzOlE9qWAi2+hGl9Ij7Zv85V3GJ2RnF/e N4Q= -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:09 2026 by rpki-client