This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/niUr6FHPmgY6CtuAz4gWdWka0MA.roa File: niUr6FHPmgY6CtuAz4gWdWka0MA.roa (raw, json) Hash identifier: IuoDMTxSe/qrJgdwIn4nlwn1wmvo4BWmMWaqX2zRdbA= Subject key identifier: 9E:25:2B:E8:51:CF:9A:06:3A:0A:DB:80:CF:88:16:75:69:1A:D0:C0 Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3 Certificate serial: 019B7B36C3FAFC3FB075D87C0DD3572CFDA3 Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/niUr6FHPmgY6CtuAz4gWdWka0MA.roa Signing time: Thu 01 Jan 2026 20:19:05 +0000 ROA not before: Thu 01 Jan 2026 20:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213020 IP address blocks: 185.221.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:c3:fa:fc:3f:b0:75:d8:7c:0d:d3:57:2c:fd:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3 Validity Not Before: Jan 1 20:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e252be851cf9a063a0adb80cf881675691ad0c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:81:1d:c6:b3:b0:e0:87:fb:c7:b1:13:2f:85: 6b:e5:85:13:83:9c:1e:ff:f3:c7:5f:02:b6:d7:c0: 0f:a5:00:c0:1f:a6:ab:8d:4a:40:39:67:62:37:b6: e7:8e:48:ab:99:93:47:96:96:d1:bc:5d:98:cd:94: 07:08:f1:9b:26:2d:bc:8a:6b:10:65:5e:89:85:2a: d8:7e:bf:5d:b6:01:c9:cd:41:7b:bd:f8:c3:84:8c: b5:6b:4a:a6:d4:cd:af:8c:77:85:58:1d:20:13:61: 44:ac:42:5b:05:5b:73:6e:8d:77:76:7e:4e:e4:f5: 7b:80:8a:b6:dd:22:5f:10:6d:39:49:0c:69:5a:95: 9b:c0:4b:00:94:be:60:0d:18:68:6c:be:4c:b9:d9: 98:fe:58:04:ec:45:7e:5c:3e:62:86:79:80:ae:17: 59:60:e8:17:e5:c8:d2:04:e8:7d:6a:d0:05:37:e8: d3:c5:f7:99:0f:ae:29:8b:3f:b6:2f:2d:28:8f:11: c4:54:e9:a9:3c:d2:12:a9:8a:f0:d4:15:97:0b:54: af:4f:f4:e0:bb:f7:28:22:cb:64:c0:ec:87:78:6e: 2c:60:9b:5f:fa:ba:80:e5:48:4e:1b:c9:1f:09:9b: 08:0e:a1:90:bc:d3:72:d7:e2:53:e8:9e:ef:8a:43: 5d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:25:2B:E8:51:CF:9A:06:3A:0A:DB:80:CF:88:16:75:69:1A:D0:C0 X509v3 Authority Key Identifier: keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/niUr6FHPmgY6CtuAz4gWdWka0MA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.221.27.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:04:9f:cc:97:3d:67:f9:ac:53:f7:ea:7f:e2:57:3c:bd:6b: 01:8a:99:a1:08:89:17:5a:7b:07:ed:72:17:33:17:43:fd:d0: e3:33:30:cd:7e:ac:8e:54:c3:49:9d:d3:a3:1d:ff:4b:0d:ae: e6:ea:12:50:e7:3c:dc:f1:d8:6a:a6:9b:73:56:fd:7f:3c:53: 11:7e:ae:da:5a:5f:ef:19:f8:5d:5b:03:ab:12:03:31:c6:b5: 9b:a1:44:06:ac:20:28:a2:78:a3:d1:94:56:45:34:61:97:20: 0c:68:a5:2e:52:ef:60:17:12:cd:3b:0b:cc:58:88:7d:97:d7: 70:c6:79:8b:ec:d7:1b:ab:3d:86:70:6f:9a:a7:40:8e:4a:cb: 34:5a:03:4f:58:97:92:06:64:b5:9a:1b:00:48:4f:c2:82:c3: bb:2f:e1:d1:de:8f:84:8c:21:e1:6d:dd:83:67:ca:68:dc:47: ce:96:06:d2:e2:3f:bc:35:67:ec:4e:84:f5:2e:46:47:ac:e6: da:cf:74:92:ac:22:97:bf:03:07:7a:73:9d:b3:e0:0e:74:1c: 3b:f5:89:ae:f9:ad:7f:3a:9c:7e:0e:47:82:8c:4a:c6:a4:aa: ea:b9:15:6e:03:61:52:94:c6:7e:52:cf:ea:84:b3:a9:38:57: e5:95:aa:e6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NsP6/D+wddh8DdNXLP2jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz YWE5YjMwHhcNMjYwMTAxMjAxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTI1MmJlODUxY2Y5YTA2M2EwYWRiODBjZjg4MTY3NTY5MWFkMGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YEdxrOw4If7x7ETL4Vr5YUTg5we //PHXwK218APpQDAH6arjUpAOWdiN7bnjkirmZNHlpbRvF2YzZQHCPGbJi28imsQ ZV6JhSrYfr9dtgHJzUF7vfjDhIy1a0qm1M2vjHeFWB0gE2FErEJbBVtzbo13dn5O 5PV7gIq23SJfEG05SQxpWpWbwEsAlL5gDRhobL5MudmY/lgE7EV+XD5ihnmArhdZ YOgX5cjSBOh9atAFN+jTxfeZD64piz+2Ly0ojxHEVOmpPNISqYrw1BWXC1SvT/Tg u/coIstkwOyHeG4sYJtf+rqA5UhOG8kfCZsIDqGQvNNy1+JT6J7vikNdMwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJ4lK+hRz5oGOgrbgM+IFnVpGtDAMB8GA1UdIwQY MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt MGFlMmU5MjJhMjkyLzEvbmlVcjZGSFBtZ1k2Q3R1QXo0Z1dkV2thME1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud0bMA0G CSqGSIb3DQEBCwUAA4IBAQANBJ/Mlz1n+axT9+p/4lc8vWsBipmhCIkXWnsH7XIX MxdD/dDjMzDNfqyOVMNJndOjHf9LDa7m6hJQ5zzc8dhqpptzVv1/PFMRfq7aWl/v GfhdWwOrEgMxxrWboUQGrCAoonij0ZRWRTRhlyAMaKUuUu9gFxLNOwvMWIh9l9dw xnmL7Ncbqz2GcG+ap0COSss0WgNPWJeSBmS1mhsASE/CgsO7L+HR3o+EjCHhbd2D Z8po3EfOlgbS4j+8NWfsToT1LkZHrObaz3SSrCKXvwMHenOds+AOdBw79Ymu+a1/ Opx+DkeCjErGpKrquRVuA2FSlMZ+Us/qhLOpOFfllarm -----END CERTIFICATE-----Generated at Sun Jan 25 12:18:12 2026 by rpki-client