This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/NjCxVetchGZ0XWn7taqHcdtexeY.roa File: NjCxVetchGZ0XWn7taqHcdtexeY.roa (raw, json) Hash identifier: luZWHi8jfVZ+lGh40HXz9Aj5QcdjwpUbYNovF4whMXA= Subject key identifier: 36:30:B1:55:EB:5C:84:66:74:5D:69:FB:B5:AA:87:71:DB:5E:C5:E6 Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c Certificate serial: 019B7AC9514BBC1C700118A5F5CFF14B92D6 Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/NjCxVetchGZ0XWn7taqHcdtexeY.roa Signing time: Thu 01 Jan 2026 18:19:32 +0000 ROA not before: Thu 01 Jan 2026 18:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 40009 IP address blocks: 5.23.20.0/24 maxlen: 24 80.231.16.0/23 maxlen: 23 80.231.162.0/23 maxlen: 23 80.231.162.0/24 maxlen: 24 80.231.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:51:4b:bc:1c:70:01:18:a5:f5:cf:f1:4b:92:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c Validity Not Before: Jan 1 18:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3630b155eb5c8466745d69fbb5aa8771db5ec5e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:3d:de:28:ea:63:14:6a:1e:6a:35:f8:0c:93: 30:3d:98:48:ee:fa:56:91:cf:7e:32:71:33:b5:40: fc:cb:0c:9c:f8:d3:74:f9:37:02:4e:1b:f8:c2:2e: 63:74:99:90:f8:bb:c4:87:dc:1d:90:be:bf:6c:c6: b9:cd:93:d6:ae:33:3e:6a:d1:ea:48:dc:17:09:7c: e9:72:3e:e4:61:a8:e9:53:e2:90:5e:72:a0:90:04: 08:20:d5:37:f5:7b:4e:37:31:95:55:6e:da:1a:2c: b5:59:9e:eb:37:09:55:87:9d:38:8b:33:ca:e5:f7: 30:b3:3c:7e:c6:32:d4:30:3f:c1:fb:58:ff:c6:9e: de:f6:5d:32:39:a8:01:4d:69:ed:d5:46:00:14:41: 50:91:43:5e:ea:07:d6:9a:06:c8:72:00:59:83:a4: e7:f6:b1:5b:cf:3b:1c:9d:a3:3f:c7:c1:f6:c0:6f: a2:48:12:51:a6:a0:f7:34:1a:5f:1d:fb:81:5b:56: 5f:2d:e8:ee:30:41:40:d5:1c:4b:91:73:9d:3e:33: 28:88:c4:d4:a2:81:a0:ed:51:0a:c0:91:05:9f:4a: 71:60:c5:db:e4:8b:54:f6:81:9d:35:ce:82:34:14: a1:13:f1:78:a8:59:ad:af:b4:41:89:b4:84:88:b3: 01:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:30:B1:55:EB:5C:84:66:74:5D:69:FB:B5:AA:87:71:DB:5E:C5:E6 X509v3 Authority Key Identifier: keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/NjCxVetchGZ0XWn7taqHcdtexeY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.23.20.0/24 80.231.16.0/23 80.231.162.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:f6:f6:62:9f:dd:ad:82:24:c7:20:33:db:d9:cb:76:e3:aa: 5d:10:6b:17:e4:1f:be:35:22:ad:38:fc:b4:81:a7:2b:f8:08: 84:03:67:a4:c6:ee:83:e8:a4:a9:9c:dd:8e:ec:cd:79:5e:47: f0:b1:7c:dd:4b:07:7b:ca:e1:33:9d:b2:b3:94:aa:4a:77:ff: 7c:54:1a:17:e1:0d:38:20:a1:9f:f0:b7:0e:02:55:1f:cb:bc: e7:8e:8c:59:77:53:f9:dd:a9:e9:43:06:61:b5:7e:02:ac:98: e7:01:7e:3e:39:aa:ec:11:af:78:d7:78:09:76:b3:5a:ee:02: 15:98:6a:88:7a:70:ea:18:a3:4b:42:37:70:f7:af:61:06:f3: e6:62:bf:7c:28:39:8d:c2:15:f9:ce:e5:a3:93:85:c0:b5:b1: ad:14:d4:5d:67:c8:21:11:5f:32:ad:1a:4f:63:4c:da:04:ad: bd:e0:f1:1b:85:45:d0:57:fd:14:9b:1c:f1:3c:0d:8e:19:99: 0e:82:d7:c4:95:62:d5:d3:5a:39:e6:b7:a7:59:71:bf:57:fc: bf:65:f3:97:a9:79:2a:29:26:40:b3:c7:b6:42:00:c2:a2:f1: 65:ae:46:80:6a:07:1c:51:65:e9:90:fd:87:2d:4c:be:ec:23: e5:25:d2:b5 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6yVFLvBxwARil9c/xS5LWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz MTU4OGMwHhcNMjYwMTAxMTgxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjMwYjE1NWViNWM4NDY2NzQ1ZDY5ZmJiNWFhODc3MWRiNWVjNWU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T3eKOpjFGoeajX4DJMwPZhI7vpW kc9+MnEztUD8ywyc+NN0+TcCThv4wi5jdJmQ+LvEh9wdkL6/bMa5zZPWrjM+atHq SNwXCXzpcj7kYajpU+KQXnKgkAQIINU39XtONzGVVW7aGiy1WZ7rNwlVh504izPK 5fcwszx+xjLUMD/B+1j/xp7e9l0yOagBTWnt1UYAFEFQkUNe6gfWmgbIcgBZg6Tn 9rFbzzscnaM/x8H2wG+iSBJRpqD3NBpfHfuBW1ZfLejuMEFA1RxLkXOdPjMoiMTU ooGg7VEKwJEFn0pxYMXb5ItU9oGdNc6CNBShE/F4qFmtr7RBibSEiLMBEwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFDYwsVXrXIRmdF1p+7Wqh3HbXsXmMB8GA1UdIwQY MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt ZGI0NjNjNWZiMGI0LzEvTmpDeFZldGNoR1owWFduN3RhcUhjZHRleGVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0 LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABRcUAwQB UOcQAwQBUOeiMA0GCSqGSIb3DQEBCwUAA4IBAQAO9vZin92tgiTHIDPb2ct246pd EGsX5B++NSKtOPy0gacr+AiEA2ekxu6D6KSpnN2O7M15XkfwsXzdSwd7yuEznbKz lKpKd/98VBoX4Q04IKGf8LcOAlUfy7znjoxZd1P53anpQwZhtX4CrJjnAX4+Oars Ea9413gJdrNa7gIVmGqIenDqGKNLQjdw969hBvPmYr98KDmNwhX5zuWjk4XAtbGt FNRdZ8ghEV8yrRpPY0zaBK294PEbhUXQV/0UmxzxPA2OGZkOgtfElWLV01o55ren WXG/V/y/ZfOXqXkqKSZAs8e2QgDCovFlrkaAagccUWXpkP2HLUy+7CPlJdK1 -----END CERTIFICATE-----Generated at Sun Jan 25 09:19:05 2026 by rpki-client