This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/NYre9NG9YeEOV-9DADYBR1_ANFc.roa File: NYre9NG9YeEOV-9DADYBR1_ANFc.roa (raw, json) Hash identifier: SGio3sReojeOyDGlNC4y1GQcfv+IKwO1tdbB5z6Ax9c= Subject key identifier: 35:8A:DE:F4:D1:BD:61:E1:0E:57:EF:43:00:36:01:47:5F:C0:34:57 Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4 Certificate serial: 019B77C74B34B3AF16410446E3EB05DF8EC5 Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/NYre9NG9YeEOV-9DADYBR1_ANFc.roa Signing time: Thu 01 Jan 2026 04:18:28 +0000 ROA not before: Thu 01 Jan 2026 04:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62020 IP address blocks: 185.9.0.0/24 maxlen: 24 185.9.2.0/24 maxlen: 24 2a03:4440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.mft rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:4b:34:b3:af:16:41:04:46:e3:eb:05:df:8e:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4 Validity Not Before: Jan 1 04:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=358adef4d1bd61e10e57ef43003601475fc03457 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:50:d9:22:37:9a:15:60:5f:e7:56:b2:c2:da: de:20:63:9b:14:e8:1c:3c:0e:a0:28:b0:5c:cb:85: 2c:cd:18:27:67:54:cf:68:b9:fb:b9:9c:bf:92:59: 70:01:fb:d7:3f:c2:d2:28:d1:1b:e1:f3:37:3d:ed: fd:a8:04:b7:5c:01:4a:f1:13:6a:f7:b0:0b:8c:9a: db:78:b7:44:85:16:c4:a4:a8:0e:c4:1b:ff:57:72: d0:f3:f7:cb:1e:63:c5:38:4b:1c:eb:82:23:7d:b2: 82:d6:39:ef:13:3a:ca:6c:4d:ef:47:0e:27:1e:69: c5:c1:40:06:96:3a:71:88:2e:ac:80:8b:15:b0:b7: 1f:4f:0a:32:cf:0d:e1:15:ac:88:c7:41:dd:a2:3e: 2f:cd:2d:96:39:86:b7:27:64:30:af:b8:1c:ff:d2: 5e:23:2a:b4:26:b8:8d:82:50:c5:41:25:cf:14:70: b9:39:0c:2f:b9:5d:01:e6:7e:49:a3:4a:ed:0d:ea: 2e:1f:51:94:9c:f2:18:d4:ea:78:ab:e1:c3:8f:72: 6c:a2:f0:0e:eb:e2:c9:60:f6:10:8c:cc:84:32:e8: 61:ca:82:3d:44:32:e4:a7:e2:d4:fd:04:e6:d0:f7: 9d:dc:9b:9f:20:ba:90:6b:07:74:10:f4:32:e7:04: 77:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:8A:DE:F4:D1:BD:61:E1:0E:57:EF:43:00:36:01:47:5F:C0:34:57 X509v3 Authority Key Identifier: keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/NYre9NG9YeEOV-9DADYBR1_ANFc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.9.0.0/24 185.9.2.0/24 IPv6: 2a03:4440::/32 Signature Algorithm: sha256WithRSAEncryption 44:a6:e4:74:08:69:8d:42:c0:0e:ae:a1:13:99:b3:0c:8a:dc: 2c:1a:5f:1f:2e:7c:a2:f8:4d:70:56:1a:5c:97:16:98:13:d6: ab:5f:af:e4:14:2a:04:33:68:ba:99:17:25:33:d2:89:ca:0c: 38:04:27:52:87:b9:6b:44:93:b1:c1:dd:63:28:f2:33:aa:46: a0:a1:42:12:fe:28:d6:52:26:39:b0:e1:15:7c:e1:d1:98:66: 01:fc:7e:80:14:cd:c5:53:dd:c3:c3:a2:26:f7:05:31:64:fd: f9:77:13:76:d8:ed:cb:04:42:64:d0:78:79:45:3a:91:2c:d0: 89:95:a0:72:6d:9a:1e:f6:ab:ab:fa:d1:3c:7f:59:1e:4b:4c: 66:85:33:de:e8:5a:5e:26:49:72:35:16:32:64:00:40:a2:51: 0e:c4:1f:28:31:27:96:96:52:2d:99:71:84:07:60:af:ae:8d: 1b:fb:45:e9:5a:89:82:97:28:24:23:ef:7d:88:33:ce:12:41: 83:7a:ea:cf:a4:9d:d7:58:83:c1:63:4e:69:c4:5f:25:e8:d4: 19:60:06:53:38:5e:9d:e7:af:47:bc:78:27:01:04:07:c8:79: 1e:b6:0c:cd:a6:e1:a3:81:25:b5:ad:7e:16:f0:bd:14:91:7e: e2:de:db:b5 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt3x0s0s68WQQRG4+sF347FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0 NDNiZDQwHhcNMjYwMTAxMDQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNThhZGVmNGQxYmQ2MWUxMGU1N2VmNDMwMDM2MDE0NzVmYzAzNDU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlDZIjeaFWBf51aywtreIGObFOgc PA6gKLBcy4UszRgnZ1TPaLn7uZy/kllwAfvXP8LSKNEb4fM3Pe39qAS3XAFK8RNq 97ALjJrbeLdEhRbEpKgOxBv/V3LQ8/fLHmPFOEsc64IjfbKC1jnvEzrKbE3vRw4n HmnFwUAGljpxiC6sgIsVsLcfTwoyzw3hFayIx0Hdoj4vzS2WOYa3J2Qwr7gc/9Je Iyq0JriNglDFQSXPFHC5OQwvuV0B5n5Jo0rtDeouH1GUnPIY1Op4q+HDj3JsovAO 6+LJYPYQjMyEMuhhyoI9RDLkp+LU/QTm0Ped3JufILqQawd0EPQy5wR36QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDWK3vTRvWHhDlfvQwA2AUdfwDRXMB8GA1UdIwQY MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct Y2RhNWMzNzY2ZjAzLzEvTllyZTlORzlZZUVPVi05REFEWUJSMV9BTkZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQkAAwQA uQkCMA0EAgACMAcDBQAqA0RAMA0GCSqGSIb3DQEBCwUAA4IBAQBEpuR0CGmNQsAO rqETmbMMitwsGl8fLnyi+E1wVhpclxaYE9arX6/kFCoEM2i6mRclM9KJygw4BCdS h7lrRJOxwd1jKPIzqkagoUIS/ijWUiY5sOEVfOHRmGYB/H6AFM3FU93Dw6Im9wUx ZP35dxN22O3LBEJk0Hh5RTqRLNCJlaBybZoe9qur+tE8f1keS0xmhTPe6FpeJkly NRYyZABAolEOxB8oMSeWllItmXGEB2Cvro0b+0XpWomClygkI+99iDPOEkGDeurP pJ3XWIPBY05pxF8l6NQZYAZTOF6d569HvHgnAQQHyHketgzNpuGjgSW1rX4W8L0U kX7i3tu1 -----END CERTIFICATE-----Generated at Sun Jan 25 12:06:02 2026 by rpki-client