This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/nsxr-ZEmdIF029lEL2jBOA29dhU.roa File: nsxr-ZEmdIF029lEL2jBOA29dhU.roa (raw, json) Hash identifier: CXCtk7B2cvL2XBTY4M31Fepzk6WUvK7IZRfvv/B2wes= Subject key identifier: 9E:CC:6B:F9:91:26:74:81:74:DB:D9:44:2F:68:C1:38:0D:BD:76:15 Certificate issuer: /CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf Certificate serial: 019AA6352B364E80FE30F6DB40FB5A35DB99 Authority key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/nsxr-ZEmdIF029lEL2jBOA29dhU.roa Signing time: Fri 21 Nov 2025 11:38:13 +0000 ROA not before: Fri 21 Nov 2025 11:38:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 197524 IP address blocks: 5.22.240.0/21 maxlen: 21 88.133.0.0/17 maxlen: 17 88.133.128.0/20 maxlen: 20 88.133.156.0/22 maxlen: 22 91.235.8.0/22 maxlen: 23 109.199.160.0/19 maxlen: 19 185.9.64.0/22 maxlen: 22 185.18.36.0/22 maxlen: 23 185.93.200.0/22 maxlen: 23 2a01:a980::/29 maxlen: 29 2a05:fa40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.crl rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a6:35:2b:36:4e:80:fe:30:f6:db:40:fb:5a:35:db:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf Validity Not Before: Nov 21 11:38:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=9ecc6bf99126748174dbd9442f68c1380dbd7615 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f3:f1:9b:9c:1c:ae:f2:aa:2c:c6:21:14:91: b0:75:c4:6a:ac:0c:71:51:8d:6f:27:32:53:7c:e7: 00:b0:84:36:fb:7a:0b:bb:f2:cf:0c:20:cf:6b:b4: b1:ac:00:e0:6c:81:9c:18:44:e7:2e:a2:94:e6:8c: 22:75:72:8e:13:8c:9f:69:7b:01:d2:bb:d2:b4:b8: 62:82:89:dd:d4:39:c7:d1:f3:9c:8c:ae:05:ab:22: ef:6f:42:8a:98:2c:5b:02:fb:bb:c2:29:cf:e4:00: 07:81:a3:1c:75:20:33:7d:c3:24:6e:a8:63:42:3d: 10:a5:d0:96:66:3b:e8:8b:88:37:01:8a:e0:c0:33: d9:de:ea:61:51:6a:5c:53:a9:4d:da:13:bc:fd:81: f9:e9:87:3c:9d:b9:19:f1:a4:ec:85:81:d6:95:3b: 0d:ea:57:3c:39:6a:73:4d:40:bd:84:3d:94:1f:8e: 12:4f:29:bc:fe:37:a5:85:e7:1e:d6:40:f2:fa:d4: 43:9d:4e:18:1d:49:ef:89:7f:01:89:a2:3d:c9:b0: 8b:1d:fa:9c:fd:a0:cc:62:04:c6:61:0e:c3:99:02: 01:4a:30:d8:43:52:ce:8c:74:94:7b:c7:d0:4d:58: c9:cb:ec:88:f8:ee:5b:4f:af:9b:02:9f:93:e4:fc: 4b:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:CC:6B:F9:91:26:74:81:74:DB:D9:44:2F:68:C1:38:0D:BD:76:15 X509v3 Authority Key Identifier: keyid:41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/nsxr-ZEmdIF029lEL2jBOA29dhU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.240.0/21 88.133.0.0-88.133.143.255 88.133.156.0/22 91.235.8.0/22 109.199.160.0/19 185.9.64.0/22 185.18.36.0/22 185.93.200.0/22 IPv6: 2a01:a980::/29 2a05:fa40::/29 Signature Algorithm: sha256WithRSAEncryption 3f:d8:58:4f:b1:a7:fc:41:9c:d6:e2:63:33:d9:bf:10:1f:62: 12:f7:76:d0:77:3f:72:3b:5b:20:89:af:ae:fa:43:0e:9e:f8: d9:ec:fa:9f:12:c0:6a:4e:07:0e:46:79:17:57:77:49:c5:26: 08:a8:b1:f2:0e:df:33:1c:18:8f:b9:05:c0:1f:d4:cf:1f:d6: bc:37:15:4c:c6:84:e1:15:10:ae:ae:de:84:e1:f1:48:d1:54: 53:2a:d3:e4:6c:d3:1c:a6:96:d3:7c:28:bc:da:90:09:e2:48: a5:52:f1:63:ae:33:04:a6:14:f3:f0:47:c0:5b:4e:be:3c:a7: 27:1d:52:c7:de:f9:be:44:dc:2e:f3:e1:0d:02:a4:fb:de:e6: 82:69:1b:32:31:93:16:f0:51:94:0f:de:b4:1f:09:35:07:20: bd:ac:9e:8a:5c:c7:f0:55:f1:83:41:c4:cd:79:7c:a1:b3:f3: 32:12:52:52:5c:3d:3c:f5:2f:6d:76:1c:d9:09:8c:4e:34:71: 3e:9d:31:f9:71:d8:8d:ec:41:3c:11:a7:65:d9:d8:79:31:2b: c7:91:c4:02:45:5c:f3:ea:49:b9:f1:fa:18:f9:ef:a9:25:a8: a2:69:09:03:6f:ee:02:46:2f:42:3f:f4:d6:5f:74:4e:2c:97: 68:4e:48:10 -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgISAZqmNSs2ToD+MPbbQPtaNduZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxNWMxMGY4NGRjMjI5MzdlZjZkMTVlYjcxYmJiNGE1MzA4 MTYyYmYwHhcNMjUxMTIxMTEzODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZWNjNmJmOTkxMjY3NDgxNzRkYmQ5NDQyZjY4YzEzODBkYmQ3NjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/Pxm5wcrvKqLMYhFJGwdcRqrAxx UY1vJzJTfOcAsIQ2+3oLu/LPDCDPa7SxrADgbIGcGETnLqKU5owidXKOE4yfaXsB 0rvStLhigond1DnH0fOcjK4FqyLvb0KKmCxbAvu7winP5AAHgaMcdSAzfcMkbqhj Qj0QpdCWZjvoi4g3AYrgwDPZ3uphUWpcU6lN2hO8/YH56Yc8nbkZ8aTshYHWlTsN 6lc8OWpzTUC9hD2UH44STym8/jelhece1kDy+tRDnU4YHUnviX8BiaI9ybCLHfqc /aDMYgTGYQ7DmQIBSjDYQ1LOjHSUe8fQTVjJy+yI+O5bT6+bAp+T5PxLWwIDAQAB o4ICUDCCAkwwHQYDVR0OBBYEFJ7Ma/mRJnSBdNvZRC9owTgNvXYVMB8GA1UdIwQY MBaAFEFcEPhNwik3720V63G7tKUwgWK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUt YzZiNmZkMTJjZTI3LzEvbnN4ci1aRW1kSUYwMjlsRUwyakJPQTI5ZGhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUtYzZiNmZkMTJjZTI3 LzEvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA9BAIAATA3AwQDBRbwMAsD AwBYhQMEBFiFgAMEAliFnAMEAlvrCAMEBW3HoAMEArkJQAMEArkSJAMEArldyDAU BAIAAjAOAwUDKgGpgAMFAyoF+kAwDQYJKoZIhvcNAQELBQADggEBAD/YWE+xp/xB nNbiYzPZvxAfYhL3dtB3P3I7WyCJr676Qw6e+Nns+p8SwGpOBw5GeRdXd0nFJgio sfIO3zMcGI+5BcAf1M8f1rw3FUzGhOEVEK6u3oTh8UjRVFMq0+Rs0xymltN8KLza kAniSKVS8WOuMwSmFPPwR8BbTr48pycdUsfe+b5E3C7z4Q0CpPve5oJpGzIxkxbw UZQP3rQfCTUHIL2snopcx/BV8YNBxM15fKGz8zISUlJcPTz1L212HNkJjE40cT6d Mflx2I3sQTwRp2XZ2HkxK8eRxAJFXPPqSbnx+hj576klqKJpCQNv7gJGL0I/9NZf dE4sl2hOSBA= -----END CERTIFICATE-----Generated at Sat Dec 6 20:51:41 2025 by rpki-client