This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/Nf1GLWHH5S4xnQq4dEe73SmQVsE.roa File: Nf1GLWHH5S4xnQq4dEe73SmQVsE.roa (raw, json) Hash identifier: QPJuLoZDzY8eonJVvSRYMDnynsieOzZqr/yxLPKKOzw= Subject key identifier: 35:FD:46:2D:61:C7:E5:2E:31:9D:0A:B8:74:47:BB:DD:29:90:56:C1 Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6 Certificate serial: 019B7A5ADB3673F04B1730EFC506573596DE Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/Nf1GLWHH5S4xnQq4dEe73SmQVsE.roa Signing time: Thu 01 Jan 2026 16:18:53 +0000 ROA not before: Thu 01 Jan 2026 16:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198150 IP address blocks: 2a00:1c28:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.mft rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:db:36:73:f0:4b:17:30:ef:c5:06:57:35:96:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6 Validity Not Before: Jan 1 16:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35fd462d61c7e52e319d0ab87447bbdd299056c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cc:16:88:15:fd:5d:d4:fd:97:0a:ec:05:db: 90:54:c9:ab:04:44:59:f1:bd:2c:d9:75:1b:cc:ad: e4:77:a8:75:c4:9f:67:4a:68:0c:4a:6d:72:d7:de: d4:64:80:b9:5f:84:03:9a:f5:e8:6e:98:67:11:c5: d8:11:4e:ac:87:54:8c:d9:ce:e1:04:d3:67:95:19: 76:1c:05:35:39:03:26:49:f5:64:1a:cf:25:e6:a8: 11:5b:97:d4:75:dd:82:ea:7e:ca:c6:01:3c:67:d3: fd:8e:c5:96:6f:3a:81:d0:06:b1:af:47:5f:a7:e7: 2c:89:ce:17:8d:5d:10:b4:58:4a:33:94:e4:8c:cf: 46:50:7d:48:4f:3c:88:9a:ee:26:9c:fc:56:a3:cd: 4a:3a:b3:1a:99:8b:52:c3:95:93:da:91:aa:bb:1c: c4:04:7e:0e:a9:9f:50:2f:1c:20:5d:99:2e:c9:47: ba:8a:26:df:8a:73:e8:35:6f:d6:ba:8c:65:92:68: 9f:b4:6f:e3:9e:bf:fc:14:0c:1a:17:57:82:b9:ae: 1b:62:23:18:90:07:f8:37:94:c9:fd:f8:22:83:f9: 1d:08:cc:d0:b9:c7:a0:e4:a2:a0:2b:7f:5f:86:52: 95:bd:20:e3:a4:d6:32:f3:8f:0c:1c:9f:5c:ac:91: 19:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:FD:46:2D:61:C7:E5:2E:31:9D:0A:B8:74:47:BB:DD:29:90:56:C1 X509v3 Authority Key Identifier: keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/Nf1GLWHH5S4xnQq4dEe73SmQVsE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1c28:6::/48 Signature Algorithm: sha256WithRSAEncryption 52:20:d9:54:fb:2a:e1:9e:c7:74:f0:5c:ed:f7:f3:c9:75:01: 95:7b:1c:f5:7f:54:81:1c:f1:65:63:5c:30:b7:f9:7f:17:8f: 03:70:ab:a7:ad:f6:92:ab:94:a2:25:a9:1b:6b:b0:55:ab:bc: 2f:d1:ac:1e:11:8f:6f:1b:30:07:cf:6d:3f:b9:6a:2d:54:3a: 37:a2:39:b3:25:50:ec:3f:1d:2c:ca:de:a2:d7:d8:63:60:52: 40:4d:78:8a:d1:d6:25:59:a7:c2:4a:e9:f8:35:a2:0d:0b:8c: 77:dc:01:ae:8f:27:cc:1f:62:ef:4e:40:05:4a:bb:48:81:fb: f2:2f:d3:3d:92:0b:b6:4e:48:51:46:c7:7e:6d:c4:34:c8:be: 89:d1:0a:68:08:09:83:ff:9e:c7:a4:5b:c0:03:93:2f:03:60: 4c:d3:d7:ba:01:a2:27:c5:8a:b6:2c:20:ca:c3:de:82:3b:fe: c6:af:79:a4:92:81:fc:99:64:e2:bc:23:24:6e:36:fd:13:45: bc:a4:bd:4c:79:0e:61:f7:97:0c:f7:d9:7c:5e:7a:ac:36:5d: 0f:a7:f3:2c:79:60:c5:c6:be:c5:36:99:0f:15:f2:0c:fa:84: db:7c:6b:16:83:e8:87:bf:81:5f:0f:ef:ae:07:95:2a:f2:dc: 96:9d:72:5b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6Wts2c/BLFzDvxQZXNZbeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh OWMwZjYwHhcNMjYwMTAxMTYxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWZkNDYyZDYxYzdlNTJlMzE5ZDBhYjg3NDQ3YmJkZDI5OTA1NmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMwWiBX9XdT9lwrsBduQVMmrBERZ 8b0s2XUbzK3kd6h1xJ9nSmgMSm1y197UZIC5X4QDmvXobphnEcXYEU6sh1SM2c7h BNNnlRl2HAU1OQMmSfVkGs8l5qgRW5fUdd2C6n7KxgE8Z9P9jsWWbzqB0Aaxr0df p+csic4XjV0QtFhKM5TkjM9GUH1ITzyImu4mnPxWo81KOrMamYtSw5WT2pGquxzE BH4OqZ9QLxwgXZkuyUe6iibfinPoNW/WuoxlkmiftG/jnr/8FAwaF1eCua4bYiMY kAf4N5TJ/fgig/kdCMzQuceg5KKgK39fhlKVvSDjpNYy848MHJ9crJEZfQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDX9Ri1hx+UuMZ0KuHRHu90pkFbBMB8GA1UdIwQY MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt OGVhZThiNzVlOWNhLzEvTmYxR0xXSEg1UzR4blFxNGRFZTczU21RVnNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAcKAAG MA0GCSqGSIb3DQEBCwUAA4IBAQBSINlU+yrhnsd08Fzt9/PJdQGVexz1f1SBHPFl Y1wwt/l/F48DcKunrfaSq5SiJakba7BVq7wv0aweEY9vGzAHz20/uWotVDo3ojmz JVDsPx0syt6i19hjYFJATXiK0dYlWafCSun4NaINC4x33AGujyfMH2LvTkAFSrtI gfvyL9M9kgu2TkhRRsd+bcQ0yL6J0QpoCAmD/57HpFvAA5MvA2BM09e6AaInxYq2 LCDKw96CO/7Gr3mkkoH8mWTivCMkbjb9E0W8pL1MeQ5h95cM99l8XnqsNl0Pp/Ms eWDFxr7FNpkPFfIM+oTbfGsWg+iHv4FfD++uB5Uq8tyWnXJb -----END CERTIFICATE-----Generated at Sun Jan 25 17:33:39 2026 by rpki-client