This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/nPz-o0NMmg3ZMjn3lPMLPMpeS14.roa File: nPz-o0NMmg3ZMjn3lPMLPMpeS14.roa (raw, json) Hash identifier: +nCIzLIahMHCgAiHoBvORWwAy+FTcigMvBYOrLAV22U= Subject key identifier: 9C:FC:FE:A3:43:4C:9A:0D:D9:32:39:F7:94:F3:0B:3C:CA:5E:4B:5E Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Certificate serial: 019B7E38DBAA33E54F5D3F7322789BB20203 Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/nPz-o0NMmg3ZMjn3lPMLPMpeS14.roa Signing time: Fri 02 Jan 2026 10:20:14 +0000 ROA not before: Fri 02 Jan 2026 10:20:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397227 IP address blocks: 37.209.192.0/24 maxlen: 24 37.209.194.0/24 maxlen: 24 37.209.196.0/24 maxlen: 24 37.209.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:db:aa:33:e5:4f:5d:3f:73:22:78:9b:b2:02:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Validity Not Before: Jan 2 10:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9cfcfea3434c9a0dd93239f794f30b3cca5e4b5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:d1:83:b9:34:50:25:0a:27:aa:47:4b:a0:ce: a2:99:ea:b0:49:1e:91:e5:aa:6b:e7:fe:12:24:65: ee:bf:a4:94:9f:5b:06:17:98:16:b8:05:ef:d2:bd: d3:90:6d:f1:98:ae:c7:70:73:47:5e:55:61:0a:4f: 63:e1:4a:67:58:ec:53:7c:46:c5:7c:60:12:92:ba: 78:5b:ce:5a:cd:ed:7a:fa:4c:0c:3f:24:46:76:d7: e8:59:b8:6c:c4:08:90:7e:3f:04:ad:a6:ca:5d:07: ed:2b:c4:ca:8a:10:15:70:24:86:c5:64:c5:e1:12: 29:db:a9:31:d7:1a:95:ce:04:0e:4b:af:4e:f9:23: 4e:42:03:0e:b1:cc:82:f6:86:dc:d5:ff:ab:0a:8f: 99:f2:fc:b8:f3:f0:64:f8:74:51:3c:3f:19:0a:2d: 96:f6:43:01:17:35:dd:cf:34:47:e0:5b:c7:2b:c0: 60:b6:d9:5c:bf:16:2b:64:cc:ce:1f:84:ba:e3:84: 10:e5:b2:09:ce:af:03:79:a0:b9:23:ac:83:e1:44: fd:64:b6:c0:ea:78:7b:c8:05:31:f1:7a:f9:84:01: 40:92:fb:a2:9d:30:a4:d8:fc:33:c6:fd:b0:8e:24: e8:fc:d4:21:44:64:38:1c:34:b8:9c:bb:93:f1:b8: af:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:FC:FE:A3:43:4C:9A:0D:D9:32:39:F7:94:F3:0B:3C:CA:5E:4B:5E X509v3 Authority Key Identifier: keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/nPz-o0NMmg3ZMjn3lPMLPMpeS14.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.209.192.0/24 37.209.194.0/24 37.209.196.0/24 37.209.198.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:b3:21:24:11:d9:6c:05:a0:18:e9:05:28:e9:6c:81:12:64: 6c:e8:be:6b:47:54:5f:c5:53:17:6f:88:cf:4e:f8:74:81:1b: a0:93:0b:f3:69:bf:30:95:78:55:12:29:0f:ef:de:29:e7:d4: 56:94:cf:71:bb:e6:e7:ec:e4:db:1d:d6:b4:02:83:f1:d3:ab: b7:07:64:37:cc:7d:23:18:02:a4:e6:e6:50:a2:7b:ae:a3:20: a2:9c:2d:be:e7:07:04:77:0e:a8:77:f7:63:0c:4f:dc:ab:59: 72:b0:07:fe:02:e9:9c:cd:b8:c5:3a:31:1f:82:d1:1f:b7:bc: a8:0c:d0:35:22:cc:6e:db:dd:44:03:8d:7c:20:dd:d7:69:65: b6:78:af:42:ac:b2:60:09:7b:bf:88:6a:27:41:d0:c1:80:0e: 60:39:29:3b:24:35:99:d7:ea:07:e4:20:98:68:e3:ce:b4:e6: fd:01:6f:07:4f:12:0a:3a:b7:33:1c:85:95:94:fa:57:4b:94: de:21:0c:91:78:f8:0d:66:bb:a0:b9:8e:10:d3:de:2e:59:c0: 06:cf:93:e9:cf:d5:72:a7:f3:b4:f1:2a:cc:7a:b7:b1:dc:df: e7:3f:45:c1:b0:b2:ec:35:18:88:5b:94:b3:df:95:26:6c:82: e3:03:17:1d -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+ONuqM+VPXT9zInibsgIDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj OGJmMmMwHhcNMjYwMTAyMTAyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2ZjZmVhMzQzNGM5YTBkZDkzMjM5Zjc5NGYzMGIzY2NhNWU0YjVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NGDuTRQJQonqkdLoM6imeqwSR6R 5apr5/4SJGXuv6SUn1sGF5gWuAXv0r3TkG3xmK7HcHNHXlVhCk9j4UpnWOxTfEbF fGASkrp4W85aze16+kwMPyRGdtfoWbhsxAiQfj8ErabKXQftK8TKihAVcCSGxWTF 4RIp26kx1xqVzgQOS69O+SNOQgMOscyC9obc1f+rCo+Z8vy48/Bk+HRRPD8ZCi2W 9kMBFzXdzzRH4FvHK8BgttlcvxYrZMzOH4S644QQ5bIJzq8DeaC5I6yD4UT9ZLbA 6nh7yAUx8Xr5hAFAkvuinTCk2Pwzxv2wjiTo/NQhRGQ4HDS4nLuT8bivAwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJz8/qNDTJoN2TI595TzCzzKXkteMB8GA1UdIwQY MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt NDE2Zjg1ZWUyMzdiLzEvblB6LW8wTk1tZzNaTWpuM2xQTUxQTXBlUzE0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBtsyEkEdlsBaAY6QUo 6WyBEmRs6L5rR1RfxVMXb4jPTvh0gRugkwvzab8wlXhVEikP794p59RWlM9xu+bn 7OTbHda0AoPx06u3B2Q3zH0jGAKk5uZQonuuoyCinC2+5wcEdw6od/djDE/cq1ly sAf+AumczbjFOjEfgtEft7yoDNA1Isxu291EA418IN3XaWW2eK9CrLJgCXu/iGon QdDBgA5gOSk7JDWZ1+oH5CCYaOPOtOb9AW8HTxIKOrczHIWVlPpXS5TeIQyRePgN ZruguY4Q094uWcAGz5Ppz9Vyp/O08SrMerex3N/nP0XBsLLsNRiIW5Sz35UmbILj Axcd -----END CERTIFICATE-----Generated at Sun Jan 25 10:37:34 2026 by rpki-client