This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/NjoBWFZasR4u5kKYBTzr17mcUXo.roa File: NjoBWFZasR4u5kKYBTzr17mcUXo.roa (raw, json) Hash identifier: 5hFL56Dz1c0tBp4+xkoRBXQC3H4xXKPV9W/AB2fy/u0= Subject key identifier: 36:3A:01:58:56:5A:B1:1E:2E:E6:42:98:05:3C:EB:D7:B9:9C:51:7A Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2 Certificate serial: 019B7DCB23A511A9F8AB61DD9D3960CE9EA9 Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/NjoBWFZasR4u5kKYBTzr17mcUXo.roa Signing time: Fri 02 Jan 2026 08:20:23 +0000 ROA not before: Fri 02 Jan 2026 08:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62904 IP address blocks: 2a0b:7140:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:23:a5:11:a9:f8:ab:61:dd:9d:39:60:ce:9e:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2 Validity Not Before: Jan 2 08:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=363a0158565ab11e2ee64298053cebd7b99c517a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:81:de:9d:0e:8e:1a:3c:0e:52:0c:16:8a:5f: c0:68:3a:bc:d0:af:ec:76:92:f5:bc:32:b6:9a:a4: 75:34:59:e4:15:b8:bb:5e:1a:f6:c4:c7:45:4b:c6: f5:2f:b0:8a:e5:67:c4:55:74:62:f5:56:1c:11:1c: 9e:7d:ec:0e:1f:e3:a4:a8:eb:40:63:cc:66:6b:08: 26:de:74:0f:19:3e:98:53:f6:d1:1b:a2:6a:7d:e4: 4b:0b:b5:d4:a2:b3:8b:be:1a:f6:6b:d2:8d:d5:19: 19:93:87:89:0e:cd:35:46:70:de:60:6a:80:3d:a2: 7b:44:e3:02:c9:22:32:24:25:77:09:cc:ac:e7:fc: f6:e6:6b:18:c5:12:6e:d8:a6:b4:19:36:98:24:30: 30:2d:5b:a9:2f:5e:80:44:00:96:8f:2b:ac:b9:06: 73:9b:42:f8:e9:04:09:e4:53:f9:cc:dc:3f:69:a0: 88:3a:b4:2c:da:bc:03:60:6f:2a:4d:91:35:d0:34: 39:29:ec:ff:43:51:1d:07:5f:2c:2f:60:d1:e5:af: 20:95:f0:6f:50:53:1c:19:9c:50:44:5f:64:54:b1: f1:87:3c:e0:ab:1c:c3:c5:c5:47:12:a1:1d:9d:99: 07:a1:7e:8c:78:6e:17:ae:fd:79:5b:d0:30:4a:bc: 34:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:3A:01:58:56:5A:B1:1E:2E:E6:42:98:05:3C:EB:D7:B9:9C:51:7A X509v3 Authority Key Identifier: keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/NjoBWFZasR4u5kKYBTzr17mcUXo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:7140:8::/48 Signature Algorithm: sha256WithRSAEncryption 91:34:39:32:d7:a7:86:af:58:2c:47:97:9d:67:1f:66:32:c4: cd:2e:55:ac:d2:c1:4e:a9:82:e1:45:ed:bc:3b:66:90:0d:15: 0c:5e:b3:5f:9e:45:03:f2:f1:8c:62:59:d6:61:8f:9c:64:9d: 73:e9:e3:d0:6c:20:64:4f:5f:22:f9:ad:bb:72:fc:13:90:de: db:bb:d5:6f:d5:63:1f:79:7b:6e:1a:86:81:47:2c:1c:ce:8b: d3:ca:37:b9:eb:5e:3c:0c:b2:a5:ff:35:b5:c4:14:83:b7:2a: 02:ac:97:ad:5e:b5:21:03:56:e5:ba:bf:f4:b6:0f:f5:67:47: 0b:56:16:50:b1:ed:44:92:13:91:a3:0f:e0:e5:d1:06:bc:9b: e3:a6:d9:2c:51:9a:38:95:7b:82:b7:c9:69:6c:9c:3f:1f:b2: f7:fc:3d:a6:80:42:ad:5c:ad:fc:89:8f:51:d7:06:33:c8:e8: c7:f1:c6:fc:94:71:82:5b:1f:b8:06:d5:13:66:c6:07:2c:e2: 8b:fe:b2:86:b8:4a:b9:41:94:5a:2a:1c:cf:e7:39:c5:a1:88: 47:57:7e:4d:35:ed:de:e4:a8:97:84:68:ab:d7:59:25:03:db: 00:64:0e:dc:c7:cc:e4:c9:9e:2b:7d:c8:3f:da:6d:16:b8:ec: 37:8b:62:63 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9yyOlEan4q2HdnTlgzp6pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy MWZjZjIwHhcNMjYwMTAyMDgyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjNhMDE1ODU2NWFiMTFlMmVlNjQyOTgwNTNjZWJkN2I5OWM1MTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4HenQ6OGjwOUgwWil/AaDq80K/s dpL1vDK2mqR1NFnkFbi7Xhr2xMdFS8b1L7CK5WfEVXRi9VYcERyefewOH+OkqOtA Y8xmawgm3nQPGT6YU/bRG6JqfeRLC7XUorOLvhr2a9KN1RkZk4eJDs01RnDeYGqA PaJ7ROMCySIyJCV3Ccys5/z25msYxRJu2Ka0GTaYJDAwLVupL16ARACWjyusuQZz m0L46QQJ5FP5zNw/aaCIOrQs2rwDYG8qTZE10DQ5Kez/Q1EdB18sL2DR5a8glfBv UFMcGZxQRF9kVLHxhzzgqxzDxcVHEqEdnZkHoX6MeG4Xrv15W9AwSrw0SwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDY6AVhWWrEeLuZCmAU869e5nFF6MB8GA1UdIwQY MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt Mzk1NTk1OWVhZjgxLzEvTmpvQldGWmFzUjR1NWtLWUJUenIxN21jVVhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtxQAAI MA0GCSqGSIb3DQEBCwUAA4IBAQCRNDky16eGr1gsR5edZx9mMsTNLlWs0sFOqYLh Re28O2aQDRUMXrNfnkUD8vGMYlnWYY+cZJ1z6ePQbCBkT18i+a27cvwTkN7bu9Vv 1WMfeXtuGoaBRywczovTyje56148DLKl/zW1xBSDtyoCrJetXrUhA1blur/0tg/1 Z0cLVhZQse1EkhORow/g5dEGvJvjptksUZo4lXuCt8lpbJw/H7L3/D2mgEKtXK38 iY9R1wYzyOjH8cb8lHGCWx+4BtUTZsYHLOKL/rKGuEq5QZRaKhzP5znFoYhHV35N Ne3e5KiXhGir11klA9sAZA7cx8zkyZ4rfcg/2m0WuOw3i2Jj -----END CERTIFICATE-----Generated at Sun Jan 25 16:15:23 2026 by rpki-client