This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/nks_nylvyyAWgimwBxXdFa9G4BY.roa File: nks_nylvyyAWgimwBxXdFa9G4BY.roa (raw, json) Hash identifier: EfY1nN8r7wAgqL2Y5iO6rc+wziVBHna5GQmLFyhBJBU= Subject key identifier: 9E:4B:3F:9F:29:6F:CB:20:16:82:29:B0:07:15:DD:15:AF:46:E0:16 Certificate issuer: /CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1 Certificate serial: 019B7DCB64C2B48AEDD0D5F9874D96590322 Authority key identifier: 9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/nks_nylvyyAWgimwBxXdFa9G4BY.roa Signing time: Fri 02 Jan 2026 08:20:40 +0000 ROA not before: Fri 02 Jan 2026 08:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204903 IP address blocks: 185.236.104.0/22 maxlen: 22 185.236.104.0/24 maxlen: 24 185.236.105.0/24 maxlen: 24 185.236.106.0/24 maxlen: 24 185.236.107.0/24 maxlen: 24 2a12:7bc0::/32 maxlen: 32 2a12:7bc0:102::/48 maxlen: 48 2a12:7bc0:103::/48 maxlen: 48 2a12:7bc0:104::/48 maxlen: 48 2a12:7bc0:105::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.mft rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:64:c2:b4:8a:ed:d0:d5:f9:87:4d:96:59:03:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1 Validity Not Before: Jan 2 08:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e4b3f9f296fcb20168229b00715dd15af46e016 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:95:7d:4e:c1:48:e9:2d:a5:84:a4:c9:0a:b3: a4:8a:31:8c:73:5b:ef:96:f5:e5:58:4e:cf:f3:78: 09:48:2a:34:84:f6:21:b1:5f:e3:33:e9:5a:67:8d: 7e:70:fe:1b:d9:11:42:45:29:43:d9:bf:8d:ee:2c: 84:37:f7:85:8a:de:39:46:1c:b2:79:c7:5f:e6:ed: 30:66:56:fd:49:99:fc:a0:26:b8:c0:12:8b:07:3d: 98:bd:1e:12:ea:25:83:47:b5:b8:79:c2:7f:2a:55: 75:3f:d6:c8:6f:d3:23:48:f9:9e:b1:df:a4:a7:ee: a5:e5:2d:51:be:17:e9:25:3c:a8:12:6a:c2:58:1c: cc:a9:a7:57:33:99:84:78:ca:f6:34:47:09:51:3b: db:d1:d4:31:bc:ec:16:f5:32:5b:45:19:9b:13:c6: 5e:be:5a:84:ae:fa:6c:34:3d:f2:fa:0b:c4:99:0c: a4:eb:7f:b2:4e:46:91:21:6c:00:5f:ac:be:c2:4c: 4b:98:83:e0:22:1d:d9:5f:75:ff:bd:ce:db:71:75: f7:94:56:38:cf:ab:1b:c0:2c:d6:e4:b5:66:02:f4: 61:e7:e2:36:e9:f1:3e:9e:38:d1:65:04:49:1d:68: d7:f1:0b:26:f4:18:59:69:75:e0:f7:99:53:15:a0: 3a:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:4B:3F:9F:29:6F:CB:20:16:82:29:B0:07:15:DD:15:AF:46:E0:16 X509v3 Authority Key Identifier: keyid:9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/nks_nylvyyAWgimwBxXdFa9G4BY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.236.104.0/22 IPv6: 2a12:7bc0::/32 Signature Algorithm: sha256WithRSAEncryption 89:12:eb:eb:94:c9:86:d7:3c:d9:84:e9:10:41:63:0d:cc:da: a8:68:04:74:d5:18:68:d3:76:5c:98:93:d7:ca:a6:69:b3:6c: 17:94:c5:59:3a:08:5a:41:8d:e6:fd:f7:d4:aa:0f:de:79:3d: db:5e:db:b7:c1:0b:f6:f7:cb:e9:c9:e1:02:60:0a:36:83:81: d2:ad:35:74:39:2f:99:ed:02:ab:be:89:e0:0e:11:a5:4f:54: 06:3c:5d:dc:4a:ac:c6:9b:5f:8e:9b:13:40:de:dc:60:6a:2a: 1e:63:28:d1:7f:c6:ef:e2:40:35:23:4c:a2:0b:6a:c8:6c:13: d2:dc:c1:5b:36:82:57:0e:1b:68:67:25:b1:64:13:19:d5:f4: 60:dc:0d:d3:a0:21:8f:0e:f3:7d:9d:00:27:01:b2:f9:b6:c5: 64:a5:bf:ed:66:c8:43:8b:68:1a:aa:ab:eb:e2:a7:df:a4:20: dc:11:e8:ca:11:9a:6f:4a:18:41:42:be:e3:78:4c:80:be:15: e8:b7:66:12:12:9d:a4:02:44:37:db:0b:3e:b1:c6:d7:cc:e7: fe:c2:ba:09:5a:4b:4d:93:5d:f1:aa:6c:19:a9:e8:f7:2b:68: 28:a8:3f:80:dc:45:33:77:b9:a7:d6:b6:5e:c5:54:d4:3c:01: 49:30:b1:2c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9y2TCtIrt0NX5h02WWQMiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhMWEwODY5MmYyMjhkYTBjNDFiMzE3YzZmYTdjYzVjM2Jl YzUxZTEwHhcNMjYwMTAyMDgyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTRiM2Y5ZjI5NmZjYjIwMTY4MjI5YjAwNzE1ZGQxNWFmNDZlMDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJV9TsFI6S2lhKTJCrOkijGMc1vv lvXlWE7P83gJSCo0hPYhsV/jM+laZ41+cP4b2RFCRSlD2b+N7iyEN/eFit45Rhyy ecdf5u0wZlb9SZn8oCa4wBKLBz2YvR4S6iWDR7W4ecJ/KlV1P9bIb9MjSPmesd+k p+6l5S1RvhfpJTyoEmrCWBzMqadXM5mEeMr2NEcJUTvb0dQxvOwW9TJbRRmbE8Ze vlqErvpsND3y+gvEmQyk63+yTkaRIWwAX6y+wkxLmIPgIh3ZX3X/vc7bcXX3lFY4 z6sbwCzW5LVmAvRh5+I26fE+njjRZQRJHWjX8Qsm9BhZaXXg95lTFaA6LwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJ5LP58pb8sgFoIpsAcV3RWvRuAWMB8GA1UdIwQY MBaAFJoaCGkvIo2gxBsxfG+nzFw77FHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2Yt MDJlZGYwOGY3Y2Y4LzEvbmtzX255bHZ5eUFXZ2ltd0J4WGRGYTlHNEJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2YtMDJlZGYwOGY3Y2Y4 LzEvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuexoMA0E AgACMAcDBQAqEnvAMA0GCSqGSIb3DQEBCwUAA4IBAQCJEuvrlMmG1zzZhOkQQWMN zNqoaAR01Rho03ZcmJPXyqZps2wXlMVZOghaQY3m/ffUqg/eeT3bXtu3wQv298vp yeECYAo2g4HSrTV0OS+Z7QKrvongDhGlT1QGPF3cSqzGm1+OmxNA3txgaioeYyjR f8bv4kA1I0yiC2rIbBPS3MFbNoJXDhtoZyWxZBMZ1fRg3A3ToCGPDvN9nQAnAbL5 tsVkpb/tZshDi2gaqqvr4qffpCDcEejKEZpvShhBQr7jeEyAvhXot2YSEp2kAkQ3 2ws+scbXzOf+wroJWktNk13xqmwZqej3K2goqD+A3EUzd7mn1rZexVTUPAFJMLEs -----END CERTIFICATE-----Generated at Wed Jan 28 19:14:33 2026 by rpki-client