This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/nkzcn1sgGDpbfyqNM00anSE1XXM.roa File: nkzcn1sgGDpbfyqNM00anSE1XXM.roa (raw, json) Hash identifier: /+3MitTOfIJS1gt2shgI9n07vci+NIdPgsMA89TtpO0= Subject key identifier: 9E:4C:DC:9F:5B:20:18:3A:5B:7F:2A:8D:33:4D:1A:9D:21:35:5D:73 Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a Certificate serial: 019B7F15102D4C43B5B22286FC34E0F3C4EC Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/nkzcn1sgGDpbfyqNM00anSE1XXM.roa Signing time: Fri 02 Jan 2026 14:20:45 +0000 ROA not before: Fri 02 Jan 2026 14:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198978 IP address blocks: 89.234.130.0/24 maxlen: 24 89.234.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:10:2d:4c:43:b5:b2:22:86:fc:34:e0:f3:c4:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a Validity Not Before: Jan 2 14:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e4cdc9f5b20183a5b7f2a8d334d1a9d21355d73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a9:e6:0a:b6:44:8d:9a:5c:fa:0d:d3:8d:cf: d7:18:58:18:1a:26:d4:78:3a:2b:d7:cb:1f:da:c1: 23:df:2d:fc:12:0e:87:34:50:4d:8f:58:e1:8e:2b: 36:58:b4:de:fe:0e:70:9a:5a:a8:16:76:ec:5c:93: 27:fd:b7:5b:81:6e:a3:b6:c7:15:83:49:eb:3b:90: 6d:50:dd:f9:75:3c:db:99:1a:f0:97:91:39:16:ba: 9e:21:23:6c:59:a8:0d:44:75:1f:8e:db:c2:09:b5: a7:18:78:af:25:31:16:3d:cb:7e:f7:15:d6:b0:85: 36:09:69:e9:f7:45:25:65:89:b5:75:c4:db:5e:00: 75:29:9b:63:df:3d:5f:2f:dc:f8:92:b8:ea:fe:17: 76:9a:fc:7e:dc:3d:6e:64:3e:c8:1c:24:e9:9f:4b: 3d:05:65:72:1e:28:e1:b8:78:a9:1b:ea:08:48:38: 50:ea:24:69:c9:53:6d:1c:b6:ed:99:6c:7e:c1:3f: c4:db:55:5a:0d:af:7d:98:3f:a8:c9:b2:b9:1e:59: 0f:bf:d9:d0:64:32:3f:1b:8d:d7:4e:25:91:9f:b6: cd:12:a2:94:52:1c:e8:a4:5a:e3:d7:fc:e6:7d:30: dc:74:ce:96:a9:0f:d2:24:bc:3a:00:a9:af:d6:b3: 59:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:4C:DC:9F:5B:20:18:3A:5B:7F:2A:8D:33:4D:1A:9D:21:35:5D:73 X509v3 Authority Key Identifier: keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/nkzcn1sgGDpbfyqNM00anSE1XXM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.234.130.0/23 Signature Algorithm: sha256WithRSAEncryption 61:ff:16:e3:69:d6:0c:3e:12:1a:b7:c7:b7:60:da:cc:05:de: 96:91:8f:12:0d:ea:1e:23:41:d3:bd:37:bb:55:39:2e:3f:a8: 4c:0c:41:37:29:81:fa:28:41:80:a0:9d:86:f3:f4:8d:28:f5: 23:ab:ce:71:93:4d:5f:fe:31:99:ec:c2:d5:92:47:47:4b:c7: 14:87:b7:50:c6:18:f6:ea:a6:05:17:bb:5c:7d:81:93:1b:53: 03:85:fc:c4:fa:2e:74:fe:bd:c1:82:d2:fa:e8:98:c1:d5:52: f8:1e:26:ef:19:e4:e4:be:48:ec:62:79:a9:ed:09:95:36:c4: 32:a3:b4:68:54:5d:54:05:15:94:55:03:f0:97:fb:b2:27:8f: 20:62:94:78:87:d5:96:02:13:c8:5b:6b:8c:9a:c4:61:e2:b7: 7a:fd:bc:0e:ab:a2:ec:03:12:95:6f:7f:82:40:66:ba:31:10: d3:70:93:25:ee:e0:e7:aa:57:09:30:dc:a7:b1:59:38:ff:20: 13:64:c8:f9:ca:8e:49:f2:dc:f7:5d:90:9a:19:25:4a:57:1b: 4d:12:53:3f:01:14:3d:19:b5:1f:e3:b2:31:a5:a4:72:75:25: 07:12:6c:c9:97:38:5e:ac:da:83:e8:9e:b8:1a:87:4e:b6:82: 01:5e:97:4c -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt/FRAtTEO1siKG/DTg88TsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw OGNkNGEwHhcNMjYwMTAyMTQyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTRjZGM5ZjViMjAxODNhNWI3ZjJhOGQzMzRkMWE5ZDIxMzU1ZDczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2anmCrZEjZpc+g3Tjc/XGFgYGibU eDor18sf2sEj3y38Eg6HNFBNj1jhjis2WLTe/g5wmlqoFnbsXJMn/bdbgW6jtscV g0nrO5BtUN35dTzbmRrwl5E5FrqeISNsWagNRHUfjtvCCbWnGHivJTEWPct+9xXW sIU2CWnp90UlZYm1dcTbXgB1KZtj3z1fL9z4krjq/hd2mvx+3D1uZD7IHCTpn0s9 BWVyHijhuHipG+oISDhQ6iRpyVNtHLbtmWx+wT/E21VaDa99mD+oybK5HlkPv9nQ ZDI/G43XTiWRn7bNEqKUUhzopFrj1/zmfTDcdM6WqQ/SJLw6AKmv1rNZzQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFJ5M3J9bIBg6W38qjTNNGp0hNV1zMB8GA1UdIwQY MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm LTk2NWQ2ZDYwM2JmYS8xL25remNuMXNnR0RwYmZ5cU5NMDBhblNFMVhYTS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZ6oIw DQYJKoZIhvcNAQELBQADggEBAGH/FuNp1gw+Ehq3x7dg2swF3paRjxIN6h4jQdO9 N7tVOS4/qEwMQTcpgfooQYCgnYbz9I0o9SOrznGTTV/+MZnswtWSR0dLxxSHt1DG GPbqpgUXu1x9gZMbUwOF/MT6LnT+vcGC0vromMHVUvgeJu8Z5OS+SOxieantCZU2 xDKjtGhUXVQFFZRVA/CX+7InjyBilHiH1ZYCE8hba4yaxGHit3r9vA6rouwDEpVv f4JAZroxENNwkyXu4OeqVwkw3KexWTj/IBNkyPnKjkny3PddkJoZJUpXG00SUz8B FD0ZtR/jsjGlpHJ1JQcSbMmXOF6s2oPonrgah062ggFel0w= -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:48 2026 by rpki-client