This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/nNI8cWDrdupy6QxxnpymseWXDm8.roa File: nNI8cWDrdupy6QxxnpymseWXDm8.roa (raw, json) Hash identifier: /qGCtHyxtyMb0gDue0+bsmpvI9xz1vBM6ikbcYD+rGo= Subject key identifier: 9C:D2:3C:71:60:EB:76:EA:72:E9:0C:71:9E:9C:A6:B1:E5:97:0E:6F Certificate issuer: /CN=a4eb9eb5547c7f5f1aafc0ada140805419618726 Certificate serial: 019B7AC79344C7175FBB1A0FF13E759E52A6 Authority key identifier: A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/nNI8cWDrdupy6QxxnpymseWXDm8.roa Signing time: Thu 01 Jan 2026 18:17:38 +0000 ROA not before: Thu 01 Jan 2026 18:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35467 IP address blocks: 31.186.160.0/21 maxlen: 22 37.0.16.0/21 maxlen: 22 81.92.176.0/20 maxlen: 21 83.136.192.0/21 maxlen: 24 91.106.224.0/21 maxlen: 23 93.95.144.0/21 maxlen: 22 145.87.224.0/19 maxlen: 20 185.35.32.0/22 maxlen: 23 185.55.108.0/22 maxlen: 23 185.250.160.0/22 maxlen: 24 212.52.224.0/19 maxlen: 22 217.27.224.0/20 maxlen: 24 217.27.224.0/21 maxlen: 22 217.27.232.0/21 maxlen: 24 2a02:5b0::/32 maxlen: 48 2a02:5b0::/40 maxlen: 40 2a02:5b0:700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.mft rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:93:44:c7:17:5f:bb:1a:0f:f1:3e:75:9e:52:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4eb9eb5547c7f5f1aafc0ada140805419618726 Validity Not Before: Jan 1 18:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9cd23c7160eb76ea72e90c719e9ca6b1e5970e6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:47:38:70:f1:15:59:aa:66:2c:3c:03:8b:5e: 8e:fc:f8:ed:72:8e:62:b6:86:5d:22:ed:b6:4e:6c: 8a:cd:6c:37:43:74:58:9b:da:58:34:8b:9a:19:e0: 38:53:d0:f7:76:df:46:d3:e5:d3:66:a5:98:dc:b4: a6:be:a4:f2:ee:41:26:d2:52:ef:18:3e:57:b9:58: 8a:b1:12:a6:4a:8f:23:ec:9a:f0:f2:86:7e:14:8a: 8d:9b:8f:cd:1a:da:ea:48:09:eb:7f:9a:eb:5b:94: f8:f1:ec:77:8f:b6:ae:86:bd:34:4a:a0:d9:59:85: b9:a6:96:b7:4f:73:bf:7d:ce:88:13:69:99:ab:8f: e2:f1:c2:29:86:b6:fc:33:4f:f8:e1:ad:a2:74:43: b2:dc:29:49:de:c4:e8:da:6f:c9:e1:35:ee:25:2c: 73:16:e7:7a:82:33:64:53:3a:88:8e:87:28:d4:17: 6c:73:1b:cd:4e:73:d6:d9:8e:80:77:c5:5d:90:e6: 16:75:8e:fb:e9:b2:f2:74:80:b0:29:a7:c5:97:12: 76:7e:88:e5:6e:25:23:56:87:1c:37:69:8a:fd:bd: 1b:d2:bc:42:fb:98:49:76:10:69:9a:d7:54:9d:b2: 56:3d:1d:32:d2:8f:94:5f:2f:d2:9c:42:cb:97:50: dd:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:D2:3C:71:60:EB:76:EA:72:E9:0C:71:9E:9C:A6:B1:E5:97:0E:6F X509v3 Authority Key Identifier: keyid:A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/nNI8cWDrdupy6QxxnpymseWXDm8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.186.160.0/21 37.0.16.0/21 81.92.176.0/20 83.136.192.0/21 91.106.224.0/21 93.95.144.0/21 145.87.224.0/19 185.35.32.0/22 185.55.108.0/22 185.250.160.0/22 212.52.224.0/19 217.27.224.0/20 IPv6: 2a02:5b0::/32 Signature Algorithm: sha256WithRSAEncryption ae:0c:93:0d:1f:52:ba:d0:e2:e3:2a:05:b7:22:0e:fb:25:b8: bb:1b:4e:da:4e:60:60:64:3b:8d:02:0c:4f:3d:bc:69:27:d3: 11:89:31:80:a9:0b:7b:c0:37:22:9a:02:71:48:e5:86:7f:b1: 10:7d:99:49:76:73:a9:85:ba:1d:e3:31:9e:02:57:b3:ba:8e: 53:83:f6:3e:d1:e4:b4:33:3a:22:19:da:57:26:49:4c:fc:ed: 07:e2:68:2c:11:ba:2a:1e:ca:4e:53:68:87:8a:f2:a2:07:b8: fd:e0:d9:24:0d:3d:c7:ff:b7:d0:38:96:34:5b:9f:ff:e0:ba: 85:c5:b3:54:1d:1b:a0:6f:c6:da:83:a7:4c:71:d2:2e:02:46: 66:10:55:43:e2:58:b0:ac:45:cb:8f:85:0c:48:52:72:25:ba: dd:b2:d7:27:f3:82:62:d4:70:0d:c2:f5:d0:84:ef:02:b4:fe: ec:d2:87:47:a1:54:50:86:f2:a6:b1:a3:6c:7c:eb:46:4e:2f: c3:55:db:72:82:ea:a3:9b:d2:f6:46:39:ec:89:d5:82:c8:1a: 41:e9:ae:32:db:8b:1b:03:4e:3c:00:5c:07:c5:17:f8:d0:41: 46:38:25:3a:ea:0e:3e:54:67:73:39:34:96:54:c7:ff:b5:ee: 78:55:94:29 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgISAZt6x5NExxdfuxoP8T51nlKmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0ZWI5ZWI1NTQ3YzdmNWYxYWFmYzBhZGExNDA4MDU0MTk2 MTg3MjYwHhcNMjYwMTAxMTgxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2QyM2M3MTYwZWI3NmVhNzJlOTBjNzE5ZTljYTZiMWU1OTcwZTZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkc4cPEVWapmLDwDi16O/Pjtco5i toZdIu22TmyKzWw3Q3RYm9pYNIuaGeA4U9D3dt9G0+XTZqWY3LSmvqTy7kEm0lLv GD5XuViKsRKmSo8j7Jrw8oZ+FIqNm4/NGtrqSAnrf5rrW5T48ex3j7auhr00SqDZ WYW5ppa3T3O/fc6IE2mZq4/i8cIphrb8M0/44a2idEOy3ClJ3sTo2m/J4TXuJSxz Fud6gjNkUzqIjoco1BdscxvNTnPW2Y6Ad8VdkOYWdY776bLydICwKafFlxJ2fojl biUjVoccN2mK/b0b0rxC+5hJdhBpmtdUnbJWPR0y0o+UXy/SnELLl1Dd7wIDAQAB o4ICWjCCAlYwHQYDVR0OBBYEFJzSPHFg63bqcukMcZ6cprHllw5vMB8GA1UdIwQY MBaAFKTrnrVUfH9fGq/AraFAgFQZYYcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQt MGQyMjIzMmMzNGEwLzEvbk5JOGNXRHJkdXB5NlF4eG5weW1zZVdYRG04LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQtMGQyMjIzMmMzNGEw LzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDH7qgAwQD JQAQAwQEUVywAwQDU4jAAwQDW2rgAwQDXV+QAwQFkVfgAwQCuSMgAwQCuTdsAwQC ufqgAwQF1DTgAwQE2RvgMA0EAgACMAcDBQAqAgWwMA0GCSqGSIb3DQEBCwUAA4IB AQCuDJMNH1K60OLjKgW3Ig77Jbi7G07aTmBgZDuNAgxPPbxpJ9MRiTGAqQt7wDci mgJxSOWGf7EQfZlJdnOphbod4zGeAlezuo5Tg/Y+0eS0MzoiGdpXJklM/O0H4mgs EboqHspOU2iHivKiB7j94NkkDT3H/7fQOJY0W5//4LqFxbNUHRugb8bag6dMcdIu AkZmEFVD4liwrEXLj4UMSFJyJbrdstcn84Ji1HANwvXQhO8CtP7s0odHoVRQhvKm saNsfOtGTi/DVdtyguqjm9L2RjnsidWCyBpB6a4y24sbA048AFwHxRf40EFGOCU6 6g4+VGdzOTSWVMf/te54VZQp -----END CERTIFICATE-----Generated at Tue Jan 20 07:56:30 2026 by rpki-client