This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/NcdnAUjF0ZmvIFIsYxSjccA1H5U.roa File: NcdnAUjF0ZmvIFIsYxSjccA1H5U.roa (raw, json) Hash identifier: yrpUGMxgOjNevSVTIVpW6O91noTiRG2R4yZAODEyOJ0= Subject key identifier: 35:C7:67:01:48:C5:D1:99:AF:20:52:2C:63:14:A3:71:C0:35:1F:95 Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d Certificate serial: 019B77C6F1B161D79F6A7E2B4F92BD7250C4 Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/NcdnAUjF0ZmvIFIsYxSjccA1H5U.roa Signing time: Thu 01 Jan 2026 04:18:05 +0000 ROA not before: Thu 01 Jan 2026 04:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29632 IP address blocks: 95.164.40.0/22 maxlen: 22 95.164.49.0/24 maxlen: 24 95.164.50.0/24 maxlen: 24 95.164.56.0/22 maxlen: 22 95.164.72.0/22 maxlen: 22 95.164.76.0/24 maxlen: 24 95.164.80.0/22 maxlen: 22 95.164.170.0/23 maxlen: 23 95.164.172.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:f1:b1:61:d7:9f:6a:7e:2b:4f:92:bd:72:50:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6991c56f11a7171c6153239769f557beba10182d Validity Not Before: Jan 1 04:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35c7670148c5d199af20522c6314a371c0351f95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ad:b9:66:8f:16:92:9b:5e:5e:cf:bb:6b:5c: 0c:9d:e5:fb:e2:54:8f:7f:ff:13:93:45:a1:e0:4a: e5:59:2b:69:12:c7:07:54:cb:53:e9:6d:3b:6f:c9: 12:55:be:07:ef:7c:46:b9:f2:3e:e4:6d:71:ca:f1: b3:1c:7f:23:88:12:d6:a6:c4:dd:be:e5:2a:41:ce: 50:f9:54:6c:c1:9b:d8:b0:ff:58:bc:61:4c:49:14: b1:50:dc:d4:43:5c:94:21:ed:6d:53:15:e3:a2:1b: c4:bb:60:05:ff:c4:82:66:a6:a8:23:10:62:04:b9: 60:07:c1:24:6a:f2:10:a7:ff:9f:44:db:34:a4:c2: a6:b6:eb:7a:56:5e:b4:29:66:d6:32:e0:c8:df:e1: db:5a:1b:f4:a9:09:7c:3e:47:f5:fe:e5:cd:3d:64: 14:5e:4f:88:86:cc:7f:09:43:5e:04:25:42:f8:fd: aa:9c:81:df:29:a9:a9:4f:d1:18:68:0e:b6:20:ed: 74:f8:a1:cb:34:f3:b4:a8:f9:82:f2:31:16:87:69: 42:4d:b4:e2:cf:68:f1:5a:a6:a3:53:d8:6e:1b:34: 98:f0:6a:27:27:b0:61:09:1f:e2:94:32:c7:72:67: da:41:90:5d:c5:08:ed:16:75:c3:06:d7:3f:0d:61: 7d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:C7:67:01:48:C5:D1:99:AF:20:52:2C:63:14:A3:71:C0:35:1F:95 X509v3 Authority Key Identifier: keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/NcdnAUjF0ZmvIFIsYxSjccA1H5U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.164.40.0/22 95.164.49.0-95.164.50.255 95.164.56.0/22 95.164.72.0-95.164.76.255 95.164.80.0/22 95.164.170.0-95.164.175.255 Signature Algorithm: sha256WithRSAEncryption c5:36:02:dc:39:19:2e:17:0d:93:ab:b7:40:17:9e:7f:0d:4e: 58:37:c5:6b:74:0a:e1:c6:7a:ad:26:6a:e9:6b:48:14:0f:c0: df:b8:a3:04:43:80:e2:e2:c0:62:7d:9e:41:57:14:75:1c:94: 2d:59:46:f4:e2:4d:e7:0b:c0:40:3f:7f:39:b3:c5:a8:83:b2: c4:44:0f:51:97:56:c6:8a:d2:86:5c:30:db:40:70:4a:74:2e: 21:a5:8d:6e:40:bb:f5:1a:f1:fa:94:1b:88:51:9c:28:e1:12: 5a:c9:d5:21:5c:a0:fc:82:2b:03:90:1f:88:3c:40:fc:10:56: a6:fc:66:bb:ea:bd:04:7a:60:30:64:1e:99:e6:ec:54:66:7d: 5a:61:87:4e:50:e3:00:78:c9:be:2f:63:c2:56:2d:7c:dc:b7: b0:ba:11:d5:b6:e9:6e:9d:ff:ed:74:b1:29:79:39:ec:cc:c9: 97:47:9a:e9:a9:7a:1f:f6:4a:f3:b0:d7:e6:9d:af:b8:a8:7f: 51:e6:c4:9b:03:ab:55:29:4c:0f:57:44:02:a7:ba:18:79:a2: 82:ab:b3:b2:f6:13:1c:0d:82:86:ee:7c:87:ca:ff:7c:29:2f: e7:fe:88:26:7a:c5:77:0a:5f:28:25:fd:4f:be:94:9f:9a:4f: d8:a3:52:19 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt3xvGxYdefan4rT5K9clDEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx MDE4MmQwHhcNMjYwMTAxMDQxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWM3NjcwMTQ4YzVkMTk5YWYyMDUyMmM2MzE0YTM3MWMwMzUxZjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzK25Zo8WkpteXs+7a1wMneX74lSP f/8Tk0Wh4ErlWStpEscHVMtT6W07b8kSVb4H73xGufI+5G1xyvGzHH8jiBLWpsTd vuUqQc5Q+VRswZvYsP9YvGFMSRSxUNzUQ1yUIe1tUxXjohvEu2AF/8SCZqaoIxBi BLlgB8EkavIQp/+fRNs0pMKmtut6Vl60KWbWMuDI3+HbWhv0qQl8Pkf1/uXNPWQU Xk+Ihsx/CUNeBCVC+P2qnIHfKampT9EYaA62IO10+KHLNPO0qPmC8jEWh2lCTbTi z2jxWqajU9huGzSY8GonJ7BhCR/ilDLHcmfaQZBdxQjtFnXDBtc/DWF9mQIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFDXHZwFIxdGZryBSLGMUo3HANR+VMB8GA1UdIwQY MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt NjVkMTU2NzM0MGZkLzEvTmNkbkFVakYwWm12SUZJc1l4U2pjY0ExSDVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCX6QoMAwD BABfpDEDBABfpDIDBAJfpDgwDAMEA1+kSAMEAF+kTAMEAl+kUDAMAwQBX6SqAwQE X6SgMA0GCSqGSIb3DQEBCwUAA4IBAQDFNgLcORkuFw2Tq7dAF55/DU5YN8VrdArh xnqtJmrpa0gUD8DfuKMEQ4Di4sBifZ5BVxR1HJQtWUb04k3nC8BAP385s8Wog7LE RA9Rl1bGitKGXDDbQHBKdC4hpY1uQLv1GvH6lBuIUZwo4RJaydUhXKD8gisDkB+I PED8EFam/Ga76r0EemAwZB6Z5uxUZn1aYYdOUOMAeMm+L2PCVi183LewuhHVtulu nf/tdLEpeTnszMmXR5rpqXof9krzsNfmna+4qH9R5sSbA6tVKUwPV0QCp7oYeaKC q7Oy9hMcDYKG7nyHyv98KS/n/ogmesV3Cl8oJf1PvpSfmk/Yo1IZ -----END CERTIFICATE-----Generated at Wed Jan 21 12:45:34 2026 by rpki-client