This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/NJRcO67OlUn-IGiJT8guZ_TuAV8.roa File: NJRcO67OlUn-IGiJT8guZ_TuAV8.roa (raw, json) Hash identifier: seZ+L6NijADUgFTgnLwHb3u5+uU9gSkf5FEv7ta5fbk= Subject key identifier: 34:94:5C:3B:AE:CE:95:49:FE:20:68:89:4F:C8:2E:67:F4:EE:01:5F Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46 Certificate serial: 019B7D5BCC376CE3335CA4D2EF624497C995 Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/NJRcO67OlUn-IGiJT8guZ_TuAV8.roa Signing time: Fri 02 Jan 2026 06:18:46 +0000 ROA not before: Fri 02 Jan 2026 06:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34696 IP address blocks: 185.128.60.0/24 maxlen: 24 185.128.61.0/24 maxlen: 24 185.128.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:cc:37:6c:e3:33:5c:a4:d2:ef:62:44:97:c9:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46 Validity Not Before: Jan 2 06:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34945c3baece9549fe2068894fc82e67f4ee015f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:e1:98:bb:3e:69:b7:da:a6:31:dd:eb:90:1a: 2a:3c:4f:ea:a3:54:25:14:01:bf:43:1e:2f:77:53: 72:53:4c:72:79:44:12:75:6f:1a:31:9a:93:8d:c7: a6:80:15:50:fc:07:93:78:ca:e1:cd:bd:b5:f7:5f: aa:26:06:ee:a0:a4:3e:a7:21:27:28:a6:59:15:48: 07:8a:7f:d0:c2:49:55:ba:2e:9e:af:fe:07:5a:87: 8e:7d:10:8b:bc:47:9e:1a:78:eb:bf:39:06:5b:9b: 91:6e:67:dd:d8:1b:62:f7:ea:14:1f:2b:39:4b:28: ef:e9:83:cd:0b:1d:06:c0:c2:ac:c4:04:42:bf:f1: e7:96:38:1b:91:93:5c:07:06:d5:d2:a0:3d:99:d0: de:b6:cb:c5:78:df:f6:a0:0e:b8:7d:b8:bc:1e:a2: c8:2e:2b:70:fd:1f:a4:12:b8:bf:02:74:6d:ad:f1: 95:b0:09:63:7b:a4:38:b8:aa:c0:41:7f:45:eb:9a: 33:7f:1b:e8:a1:bc:69:70:7d:2e:ce:65:7c:c3:a2: c2:5f:cb:95:d5:d2:db:f6:b3:36:03:48:3b:05:19: 9b:64:1d:d4:81:fa:34:48:78:a2:a1:a0:f3:7c:d4: 2a:28:19:41:68:59:5e:20:ef:87:29:de:02:0d:0d: 5b:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:94:5C:3B:AE:CE:95:49:FE:20:68:89:4F:C8:2E:67:F4:EE:01:5F X509v3 Authority Key Identifier: keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/NJRcO67OlUn-IGiJT8guZ_TuAV8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.128.60.0-185.128.62.255 Signature Algorithm: sha256WithRSAEncryption 40:2b:39:f9:ca:ff:90:9d:52:3b:ca:6c:4e:18:75:b0:ca:00: 78:6a:00:c9:9f:af:6d:41:2b:fa:7f:89:ca:bf:24:ea:b1:cc: 72:d5:b7:43:12:25:c5:87:8c:2b:4c:7a:67:5b:b8:b1:4f:22: cf:9d:f7:25:3e:35:aa:cf:b9:8f:b8:34:b0:d1:7f:de:57:2b: e3:7a:1c:a4:31:3c:5e:04:62:56:ef:e9:46:eb:79:d2:f7:f0: b7:81:90:1d:c5:48:da:2d:af:ee:5c:9f:8a:30:f1:a8:f8:5b: 17:5a:46:88:fc:c0:33:3b:61:85:89:67:2f:16:d2:a2:12:7e: 1a:16:2a:ad:42:41:fb:2a:b5:10:3a:37:32:a6:bb:6e:89:7c: 63:96:38:36:90:9d:36:ae:37:65:03:25:ae:8a:24:1b:46:1f: b7:69:21:d1:56:a9:b7:49:77:42:f7:b8:14:d0:a9:79:51:16: 06:5d:55:64:44:a2:6e:59:11:90:0e:77:36:9c:12:57:21:05: 8e:19:f5:d2:67:f6:1a:1a:cd:45:ae:d4:8f:15:94:8e:a0:8a: 46:45:b4:4b:49:f0:c7:20:cf:21:bf:8a:0b:5d:f8:24:86:ea: 9d:e7:9f:2a:80:f5:7d:2e:7a:f3:98:e6:d3:a5:e1:82:c5:c6: 77:d6:d7:9f -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt9W8w3bOMzXKTS72JEl8mVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1 OWJmNDYwHhcNMjYwMTAyMDYxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDk0NWMzYmFlY2U5NTQ5ZmUyMDY4ODk0ZmM4MmU2N2Y0ZWUwMTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OGYuz5pt9qmMd3rkBoqPE/qo1Ql FAG/Qx4vd1NyU0xyeUQSdW8aMZqTjcemgBVQ/AeTeMrhzb2191+qJgbuoKQ+pyEn KKZZFUgHin/QwklVui6er/4HWoeOfRCLvEeeGnjrvzkGW5uRbmfd2Bti9+oUHys5 Syjv6YPNCx0GwMKsxARCv/HnljgbkZNcBwbV0qA9mdDetsvFeN/2oA64fbi8HqLI Litw/R+kEri/AnRtrfGVsAlje6Q4uKrAQX9F65ozfxvoobxpcH0uzmV8w6LCX8uV 1dLb9rM2A0g7BRmbZB3Ugfo0SHiioaDzfNQqKBlBaFleIO+HKd4CDQ1b+wIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFDSUXDuuzpVJ/iBoiU/ILmf07gFfMB8GA1UdIwQY MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt ZjY2MTM4MDY2MzU4LzEvTkpSY082N09sVW4tSUdpSlQ4Z3VaX1R1QVY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4 LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5gDwD BAC5gD4wDQYJKoZIhvcNAQELBQADggEBAEArOfnK/5CdUjvKbE4YdbDKAHhqAMmf r21BK/p/icq/JOqxzHLVt0MSJcWHjCtMemdbuLFPIs+d9yU+NarPuY+4NLDRf95X K+N6HKQxPF4EYlbv6UbredL38LeBkB3FSNotr+5cn4ow8aj4WxdaRoj8wDM7YYWJ Zy8W0qISfhoWKq1CQfsqtRA6NzKmu26JfGOWODaQnTauN2UDJa6KJBtGH7dpIdFW qbdJd0L3uBTQqXlRFgZdVWREom5ZEZAOdzacElchBY4Z9dJn9hoazUWu1I8VlI6g ikZFtEtJ8McgzyG/igtd+CSG6p3nnyqA9X0uevOY5tOl4YLFxnfW158= -----END CERTIFICATE-----Generated at Mon Jan 26 07:09:53 2026 by rpki-client