This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/NYfYWYZMa_439o1QRYF0WdRM5MM.roa File: NYfYWYZMa_439o1QRYF0WdRM5MM.roa (raw, json) Hash identifier: 8UO+Z6kVQhD/teXdacx0W8x4zMZ5SdEkPaLtrfrmHy8= Subject key identifier: 35:87:D8:59:86:4C:6B:FE:37:F6:8D:50:45:81:74:59:D4:4C:E4:C3 Certificate issuer: /CN=1b31e73e6d3fc745f127a7ed990aa41214905e61 Certificate serial: 019B7C128DA96FCA21258D5943EC42C05310 Authority key identifier: 1B:31:E7:3E:6D:3F:C7:45:F1:27:A7:ED:99:0A:A4:12:14:90:5E:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/NYfYWYZMa_439o1QRYF0WdRM5MM.roa Signing time: Fri 02 Jan 2026 00:19:09 +0000 ROA not before: Fri 02 Jan 2026 00:19:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21230 IP address blocks: 84.43.128.0/19 maxlen: 19 84.43.160.0/19 maxlen: 19 84.43.192.0/21 maxlen: 21 84.43.200.0/21 maxlen: 21 84.43.208.0/21 maxlen: 21 84.43.216.0/21 maxlen: 21 84.43.224.0/21 maxlen: 21 84.43.232.0/21 maxlen: 21 84.43.240.0/20 maxlen: 20 185.221.32.0/22 maxlen: 22 193.110.216.0/21 maxlen: 21 2a00:82a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.mft rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:8d:a9:6f:ca:21:25:8d:59:43:ec:42:c0:53:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b31e73e6d3fc745f127a7ed990aa41214905e61 Validity Not Before: Jan 2 00:19:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3587d859864c6bfe37f68d5045817459d44ce4c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:4a:78:d2:d5:6b:9d:ad:8e:91:67:4f:e6:30: be:8f:62:6c:c9:49:88:c4:31:9f:65:db:ec:36:c8: 04:31:8c:cc:83:a8:2d:06:40:aa:8c:57:de:c9:ac: 12:3e:85:d6:c2:3c:39:2d:86:da:17:66:1c:1d:fd: b2:94:74:5e:5f:94:df:17:46:21:8f:0f:85:47:ab: ae:15:d7:86:08:e5:58:a5:64:b2:b2:34:ba:d7:b6: 5f:f4:11:ea:32:20:cb:d7:75:b3:40:7f:49:47:b8: c7:2e:b2:b4:72:d5:04:e2:5f:d7:74:15:9d:99:21: 46:8c:fb:4e:0a:a8:7e:48:cc:90:7e:d1:d9:d6:5f: 72:10:9c:c9:ba:83:d1:c5:7f:81:3a:7e:ca:a9:34: 3d:80:c0:4a:ce:95:08:be:fd:4c:08:35:30:b8:66: 35:65:bf:f5:e9:8d:a9:0f:fd:7c:7d:6c:dd:5e:27: 02:59:14:96:3f:d1:b4:ef:e7:cb:ac:71:a0:30:b8: fb:aa:fc:32:d6:61:f4:dd:bf:b6:5e:ad:db:bc:13: 14:3f:72:7e:cd:22:75:cb:a2:0e:6c:03:40:82:4f: b4:d7:17:4c:a4:a1:4e:3b:8c:44:47:0d:54:2b:26: 06:54:bf:12:59:00:87:22:c5:06:34:ae:34:0e:25: f7:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:87:D8:59:86:4C:6B:FE:37:F6:8D:50:45:81:74:59:D4:4C:E4:C3 X509v3 Authority Key Identifier: keyid:1B:31:E7:3E:6D:3F:C7:45:F1:27:A7:ED:99:0A:A4:12:14:90:5E:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/NYfYWYZMa_439o1QRYF0WdRM5MM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.43.128.0/17 185.221.32.0/22 193.110.216.0/21 IPv6: 2a00:82a0::/32 Signature Algorithm: sha256WithRSAEncryption c0:b8:28:e1:ca:73:89:ed:26:33:19:3a:a0:72:5b:00:83:78: 72:4c:a5:d5:bf:6c:e3:90:04:e6:69:53:47:af:84:14:4f:14: 26:cc:f7:f5:90:09:94:6a:ae:b3:f6:af:94:9b:04:67:da:06: 8c:52:e3:d4:2d:f9:53:be:73:28:35:3c:c6:9d:31:03:84:21: 54:5a:a9:e3:32:36:8a:7c:ea:25:19:11:73:48:37:74:87:f0: 77:e4:f5:b9:ad:d7:15:04:cb:07:e4:55:06:f3:d8:55:86:2a: 52:aa:ee:55:1e:5d:b1:c2:58:26:36:53:0e:d8:05:55:ce:40: 73:be:16:2c:52:d6:40:49:c1:99:73:0a:ba:56:f6:69:3d:78: 3e:29:ab:49:fa:29:e0:9e:4a:b6:66:ce:9d:09:4f:16:59:26: dd:ad:90:85:de:2a:aa:d3:02:f3:df:0b:09:36:00:32:6e:39: 0f:53:22:9a:91:16:a5:7f:15:59:29:74:a3:8a:6d:fb:75:ca: 24:8d:2c:c7:f8:8a:72:3e:12:bf:20:c8:ad:88:fa:8c:82:99: 36:ba:7b:f4:c9:3a:b1:a3:fe:08:e8:96:89:52:c6:cf:66:4c: b5:3d:9c:e9:22:59:f8:f1:40:a0:31:41:fa:ba:b2:98:51:ea: 2d:13:f0:36 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt8Eo2pb8ohJY1ZQ+xCwFMQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMzFlNzNlNmQzZmM3NDVmMTI3YTdlZDk5MGFhNDEyMTQ5 MDVlNjEwHhcNMjYwMTAyMDAxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTg3ZDg1OTg2NGM2YmZlMzdmNjhkNTA0NTgxNzQ1OWQ0NGNlNGMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Up40tVrna2OkWdP5jC+j2JsyUmI xDGfZdvsNsgEMYzMg6gtBkCqjFfeyawSPoXWwjw5LYbaF2YcHf2ylHReX5TfF0Yh jw+FR6uuFdeGCOVYpWSysjS617Zf9BHqMiDL13WzQH9JR7jHLrK0ctUE4l/XdBWd mSFGjPtOCqh+SMyQftHZ1l9yEJzJuoPRxX+BOn7KqTQ9gMBKzpUIvv1MCDUwuGY1 Zb/16Y2pD/18fWzdXicCWRSWP9G07+fLrHGgMLj7qvwy1mH03b+2Xq3bvBMUP3J+ zSJ1y6IObANAgk+01xdMpKFOO4xERw1UKyYGVL8SWQCHIsUGNK40DiX3zwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFDWH2FmGTGv+N/aNUEWBdFnUTOTDMB8GA1UdIwQY MBaAFBsx5z5tP8dF8Sen7ZkKpBIUkF5hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3pIblBtMF94MFh4SjZmdG1RcWtFaFNRWG1FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMWZkZDYtNzMwZS00YWYwLThhNTYt NDYwMjczZjE2ZGRkLzEvTllmWVdZWk1hXzQzOW8xUVJZRjBXZFJNNU1NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC9hMWZkZDYtNzMwZS00YWYwLThhNTYtNDYwMjczZjE2ZGRk LzEvR3pIblBtMF94MFh4SjZmdG1RcWtFaFNRWG1FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHVCuAAwQC ud0gAwQDwW7YMA0EAgACMAcDBQAqAIKgMA0GCSqGSIb3DQEBCwUAA4IBAQDAuCjh ynOJ7SYzGTqgclsAg3hyTKXVv2zjkATmaVNHr4QUTxQmzPf1kAmUaq6z9q+UmwRn 2gaMUuPULflTvnMoNTzGnTEDhCFUWqnjMjaKfOolGRFzSDd0h/B35PW5rdcVBMsH 5FUG89hVhipSqu5VHl2xwlgmNlMO2AVVzkBzvhYsUtZAScGZcwq6VvZpPXg+KatJ +ingnkq2Zs6dCU8WWSbdrZCF3iqq0wLz3wsJNgAybjkPUyKakRalfxVZKXSjim37 dcokjSzH+IpyPhK/IMitiPqMgpk2unv0yTqxo/4I6JaJUsbPZky1PZzpIln48UCg MUH6urKYUeotE/A2 -----END CERTIFICATE-----Generated at Sun Jan 25 22:30:23 2026 by rpki-client