This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/NvAf-nH1w6EiGE9EpJz1duIzkVw.roa File: NvAf-nH1w6EiGE9EpJz1duIzkVw.roa (raw, json) Hash identifier: bwe7C45RRQtIzIlIMP4B3/mPa5O8hzeJmz+qxMwmGW8= Subject key identifier: 36:F0:1F:FA:71:F5:C3:A1:22:18:4F:44:A4:9C:F5:76:E2:33:91:5C Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Certificate serial: 019B7F84153BCBAE4664E4AB6F0452298E3D Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/NvAf-nH1w6EiGE9EpJz1duIzkVw.roa Signing time: Fri 02 Jan 2026 16:22:01 +0000 ROA not before: Fri 02 Jan 2026 16:22:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60253 IP address blocks: 92.205.80.0/21 maxlen: 21 92.205.156.0/22 maxlen: 24 92.205.192.0/20 maxlen: 24 188.121.60.0/24 maxlen: 24 188.121.61.0/24 maxlen: 24 2a00:116a::/40 maxlen: 48 2a00:116a:100::/40 maxlen: 48 2a00:116a:200::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:15:3b:cb:ae:46:64:e4:ab:6f:04:52:29:8e:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Validity Not Before: Jan 2 16:22:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=36f01ffa71f5c3a122184f44a49cf576e233915c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:6d:69:9e:5f:6a:00:20:14:e5:39:28:48:f3: 12:c6:6f:b4:ad:bd:a1:d1:6e:81:ea:d9:1e:49:ed: b3:2f:bf:30:8f:3e:fb:bb:b7:8c:5d:21:10:79:dd: ec:f4:25:0b:b6:93:00:70:6d:7c:9a:fa:1b:69:b7: e4:c7:46:cb:36:79:01:e1:f2:04:07:59:50:2d:a0: f7:a3:27:26:e1:cb:31:ba:4d:57:2c:a6:83:6e:3b: d3:57:64:d6:e9:ee:5a:73:4b:b9:d6:65:7c:9a:53: 4c:1e:31:01:59:8e:14:bc:89:aa:74:31:fc:62:0f: 26:80:1a:96:53:ad:1f:9d:c9:c1:ec:25:62:be:33: 4c:37:bf:2c:06:bf:4a:8e:9d:8d:8a:98:fc:aa:86: a5:78:40:a7:90:ba:58:8d:7e:ce:86:ee:d9:c9:09: cc:e0:6e:cb:d3:bf:c0:4c:02:54:38:fe:a3:af:16: 8e:8f:51:ed:04:20:f4:52:35:c5:d1:cb:4c:0e:88: eb:fb:cc:cc:93:95:9e:d7:89:51:da:ba:f9:a1:e1: 0c:3d:7e:46:90:6c:4f:fb:87:3e:e6:b6:a6:04:45: a3:59:f9:6e:c4:13:e6:e9:ab:ae:2f:fd:69:d5:6e: 97:67:82:dd:41:04:00:a8:ac:88:f6:72:4e:c9:86: 24:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:F0:1F:FA:71:F5:C3:A1:22:18:4F:44:A4:9C:F5:76:E2:33:91:5C X509v3 Authority Key Identifier: keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/NvAf-nH1w6EiGE9EpJz1duIzkVw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.205.80.0/21 92.205.156.0/22 92.205.192.0/20 188.121.60.0/23 IPv6: 2a00:116a::-2a00:116a:2ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 7f:4b:77:b4:b8:90:bf:a3:6c:97:30:af:df:39:42:43:e8:91: a2:38:e5:2d:27:2a:1f:3d:66:7f:41:51:ed:d4:38:5f:8e:15: 3e:21:81:16:e4:bc:2d:94:87:93:ca:8b:a0:2f:c9:f3:c9:01: ef:e9:35:c2:34:87:f3:ec:f5:f2:5b:9d:21:d6:02:f9:3c:53: a3:9d:7a:38:50:b2:d0:ff:bf:54:71:6f:52:3e:8b:40:fd:a2: 12:0f:7d:3f:64:86:80:c1:e4:c9:ef:c5:fd:bf:e5:31:c2:e9: 90:4a:0b:59:d6:c9:91:4e:1b:87:94:a0:e3:ad:4c:5f:53:82: aa:7e:a3:f8:99:4f:ca:8e:83:8b:67:1c:e9:3a:62:8e:84:d6: b4:43:4a:51:53:42:0b:bb:c5:04:eb:bd:e8:58:aa:23:f8:d6: 10:8c:e3:16:c4:44:81:bc:f9:8d:c7:84:5f:f8:05:32:e1:4a: 7a:52:e8:1a:df:46:c3:c2:b2:ba:fb:b7:26:b1:5b:e5:8d:d8: 88:fa:db:c6:1c:8b:9f:b5:a5:0a:99:be:c1:40:22:96:2d:80: e5:84:b1:3b:02:08:01:2f:63:15:66:d0:c2:e8:ea:97:b5:0d: 2d:7f:31:4f:6e:f4:ff:63:58:8d:6e:28:46:ec:f5:35:9f:c2: 11:64:70:6a -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgISAZt/hBU7y65GZOSrbwRSKY49MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0 ZTk4MWIwHhcNMjYwMTAyMTYyMjAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNmYwMWZmYTcxZjVjM2ExMjIxODRmNDRhNDljZjU3NmUyMzM5MTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr21pnl9qACAU5TkoSPMSxm+0rb2h 0W6B6tkeSe2zL78wjz77u7eMXSEQed3s9CULtpMAcG18mvobabfkx0bLNnkB4fIE B1lQLaD3oycm4csxuk1XLKaDbjvTV2TW6e5ac0u51mV8mlNMHjEBWY4UvImqdDH8 Yg8mgBqWU60fncnB7CVivjNMN78sBr9Kjp2Nipj8qoaleECnkLpYjX7Ohu7ZyQnM 4G7L07/ATAJUOP6jrxaOj1HtBCD0UjXF0ctMDojr+8zMk5We14lR2rr5oeEMPX5G kGxP+4c+5ramBEWjWfluxBPm6auuL/1p1W6XZ4LdQQQAqKyI9nJOyYYkzwIDAQAB o4ICNDCCAjAwHQYDVR0OBBYEFDbwH/px9cOhIhhPRKSc9XbiM5FcMB8GA1UdIwQY MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt MTYxZjM0MjM4N2QxLzEvTnZBZi1uSDF3NkVpR0U5RXBKejFkdUl6a1Z3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQDXM1QAwQC XM2cAwQEXM3AAwQBvHk8MBcEAgACMBEwDwMFASoAEWoDBgAqABFqAjANBgkqhkiG 9w0BAQsFAAOCAQEAf0t3tLiQv6NslzCv3zlCQ+iRojjlLScqHz1mf0FR7dQ4X44V PiGBFuS8LZSHk8qLoC/J88kB7+k1wjSH8+z18ludIdYC+TxTo516OFCy0P+/VHFv Uj6LQP2iEg99P2SGgMHkye/F/b/lMcLpkEoLWdbJkU4bh5Sg461MX1OCqn6j+JlP yo6Di2cc6TpijoTWtENKUVNCC7vFBOu96FiqI/jWEIzjFsREgbz5jceEX/gFMuFK elLoGt9Gw8Kyuvu3JrFb5Y3YiPrbxhyLn7WlCpm+wUAili2A5YSxOwIIAS9jFWbQ wujql7UNLX8xT270/2NYjW4oRuz1NZ/CEWRwag== -----END CERTIFICATE-----Generated at Sun Jan 25 12:47:10 2026 by rpki-client