This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/NhizW-ek-7aBlPA-k4gKD6nEmiM.roa File: NhizW-ek-7aBlPA-k4gKD6nEmiM.roa (raw, json) Hash identifier: RyGmgOgA3HoLOtCbkKTtGrQGGeDOxSawDRY04RL9fa8= Subject key identifier: 36:18:B3:5B:E7:A4:FB:B6:81:94:F0:3E:93:88:0A:0F:A9:C4:9A:23 Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A370C5BD65BE23A884CD857360AEA1 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/NhizW-ek-7aBlPA-k4gKD6nEmiM.roa Signing time: Thu 01 Jan 2026 08:18:55 +0000 ROA not before: Thu 01 Jan 2026 08:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39326 IP address blocks: 37.235.54.0/24 maxlen: 24 37.235.55.0/24 maxlen: 24 151.236.19.0/24 maxlen: 24 188.190.5.0/24 maxlen: 24 2a03:f80:44::/48 maxlen: 48 2a03:f80:441::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:70:c5:bd:65:be:23:a8:84:cd:85:73:60:ae:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3618b35be7a4fbb68194f03e93880a0fa9c49a23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:65:1c:00:a3:20:5d:d1:6d:da:82:22:de:ce: 1e:22:28:e8:ad:ba:90:c0:f5:f4:18:45:58:d4:8d: 3e:c1:2b:bb:61:6b:86:87:98:2c:d6:60:b2:2e:41: ed:2f:f2:c2:0f:17:d2:c8:9e:b9:a8:8e:0b:86:ab: 3e:24:c0:57:56:f1:03:ec:ad:c5:7f:4b:ec:65:30: 88:e4:bd:5c:38:f4:e0:f2:fa:a8:44:5c:0d:d3:97: c8:2e:79:5a:b8:bf:b7:69:31:27:f9:c0:d5:04:c5: f4:c5:e4:ca:d1:ca:af:23:f1:b0:af:2c:d6:17:2b: 18:47:95:3f:2f:4e:14:2b:54:d6:72:2d:98:3e:3f: b5:13:06:4b:53:86:c8:93:03:8e:95:f1:1a:76:88: 9a:b1:43:c9:a5:07:0b:29:15:7c:50:e4:f1:0b:8a: d9:5e:6b:51:0d:ac:ee:eb:f3:97:8d:40:73:ae:de: 21:5b:24:f0:61:ff:1b:8f:30:e7:e3:c0:9a:50:13: ea:b4:a3:32:73:c7:db:ee:83:02:ea:7e:f3:2a:94: cc:e3:8f:1f:68:a5:7a:85:eb:96:92:85:f0:00:39: 99:e8:55:5d:3f:67:83:bc:20:bd:1b:7c:72:32:8a: ac:a1:52:26:99:a1:be:24:a3:41:04:14:07:ac:b2: 08:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:18:B3:5B:E7:A4:FB:B6:81:94:F0:3E:93:88:0A:0F:A9:C4:9A:23 X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/NhizW-ek-7aBlPA-k4gKD6nEmiM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.235.54.0/23 151.236.19.0/24 188.190.5.0/24 IPv6: 2a03:f80:44::/48 2a03:f80:441::/48 Signature Algorithm: sha256WithRSAEncryption 6a:c2:8e:bc:b6:a9:dd:da:68:b3:e5:01:6f:95:be:59:d3:78: 9c:62:2b:53:ed:cc:a1:03:eb:0c:24:ef:c2:e7:15:9a:7f:9f: c5:b8:68:00:96:5b:3c:05:99:78:df:70:b5:1e:c1:76:1e:0a: 21:4f:cb:30:31:1f:37:fe:86:58:45:e5:fb:6c:35:61:78:8a: a8:9e:64:94:42:dd:2b:5c:12:74:4d:4b:9a:fb:ed:93:83:58: e4:bc:ee:b3:f7:0e:6a:20:98:99:01:dd:c4:2a:95:a9:44:34: be:87:9b:8c:6f:6f:02:6b:d4:58:bf:60:2e:fd:fa:b0:a6:38: 3f:38:17:e2:7b:08:20:e8:64:b8:38:11:17:da:72:28:e5:4a: 57:4c:fa:a4:ea:63:60:00:9e:17:f8:1d:5e:1d:5a:4d:eb:6f: ed:05:84:59:f9:23:4b:5e:9b:58:63:f2:99:32:3c:5a:1f:a0: d7:f4:04:72:ca:bd:c5:f2:1d:ed:07:1a:37:ab:d7:5b:39:aa: d9:9a:63:e4:97:e2:54:9a:21:bc:7a:5a:54:aa:33:d6:d8:2f: 57:a8:53:cb:de:4d:95:ab:03:dc:50:4b:e9:f6:b6:8a:ff:53: 30:9d:eb:51:9c:b3:aa:02:17:a0:6c:18:e0:09:08:d1:82:06: 08:d9:c1:e7 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt4o3DFvWW+I6iEzYVzYK6hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjE4YjM1YmU3YTRmYmI2ODE5NGYwM2U5Mzg4MGEwZmE5YzQ5YTIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWUcAKMgXdFt2oIi3s4eIijorbqQ wPX0GEVY1I0+wSu7YWuGh5gs1mCyLkHtL/LCDxfSyJ65qI4Lhqs+JMBXVvED7K3F f0vsZTCI5L1cOPTg8vqoRFwN05fILnlauL+3aTEn+cDVBMX0xeTK0cqvI/GwryzW FysYR5U/L04UK1TWci2YPj+1EwZLU4bIkwOOlfEadoiasUPJpQcLKRV8UOTxC4rZ XmtRDazu6/OXjUBzrt4hWyTwYf8bjzDn48CaUBPqtKMyc8fb7oMC6n7zKpTM448f aKV6heuWkoXwADmZ6FVdP2eDvCC9G3xyMoqsoVImmaG+JKNBBBQHrLIIIQIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFDYYs1vnpPu2gZTwPpOICg+pxJojMB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvTmhpelctZWstN2FCbFBBLWs0Z0tENm5FbWlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQBJes2AwQA l+wTAwQAvL4FMBgEAgACMBIDBwAqAw+AAEQDBwAqAw+ABEEwDQYJKoZIhvcNAQEL BQADggEBAGrCjry2qd3aaLPlAW+VvlnTeJxiK1PtzKED6wwk78LnFZp/n8W4aACW WzwFmXjfcLUewXYeCiFPyzAxHzf+hlhF5ftsNWF4iqieZJRC3StcEnRNS5r77ZOD WOS87rP3DmogmJkB3cQqlalENL6Hm4xvbwJr1Fi/YC79+rCmOD84F+J7CCDoZLg4 ERfacijlSldM+qTqY2AAnhf4HV4dWk3rb+0FhFn5I0tem1hj8pkyPFofoNf0BHLK vcXyHe0HGjer11s5qtmaY+SX4lSaIbx6WlSqM9bYL1eoU8veTZWrA9xQS+n2tor/ UzCd61Gcs6oCF6BsGOAJCNGCBgjZwec= -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:10 2026 by rpki-client