This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/NbcI4f3nr-LlP0WjObSw1c3DwAo.roa File: NbcI4f3nr-LlP0WjObSw1c3DwAo.roa (raw, json) Hash identifier: Z70k402H+gXJoea55XT/D7IkMhxZNkwbcIeLQcU3ovo= Subject key identifier: 35:B7:08:E1:FD:E7:AF:E2:E5:3F:45:A3:39:B4:B0:D5:CD:C3:C0:0A Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc Certificate serial: 019B7C117ACE2A4C051AE939C9021F95D629 Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/NbcI4f3nr-LlP0WjObSw1c3DwAo.roa Signing time: Fri 02 Jan 2026 00:17:58 +0000 ROA not before: Fri 02 Jan 2026 00:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41435 IP address blocks: 2a0d:9880::/32 maxlen: 32 2a0d:9881::/32 maxlen: 32 2a0d:9882::/32 maxlen: 32 2a0d:9883::/32 maxlen: 32 2a0d:9884::/32 maxlen: 32 2a0d:9885::/32 maxlen: 32 2a0d:9886::/32 maxlen: 32 2a0d:9887::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:7a:ce:2a:4c:05:1a:e9:39:c9:02:1f:95:d6:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc Validity Not Before: Jan 2 00:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35b708e1fde7afe2e53f45a339b4b0d5cdc3c00a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:52:b4:f0:dd:9a:e4:c6:85:84:fc:55:1d:64: 1a:65:e6:80:ca:02:a5:fc:12:7f:80:1a:b0:6d:a3: fe:1d:f7:a3:be:b3:3c:a5:6a:38:f5:01:9a:cd:37: ca:61:41:cc:a9:58:0c:c4:a8:d7:e6:fe:76:08:12: 26:0d:80:45:bf:4d:42:ea:02:08:fc:77:c4:a0:a5: d5:2c:d3:ba:d5:27:04:93:46:fb:5f:50:c0:84:94: 5e:23:3b:51:37:6c:27:7b:47:dc:e3:eb:96:a6:68: fd:34:95:f0:37:8d:c7:ab:b7:3e:be:49:9c:68:6b: cf:95:03:bf:cd:8e:3e:da:a4:ed:d4:7c:21:b7:4a: 08:ff:c5:a7:20:55:9c:2d:eb:c9:29:f0:ef:8a:1f: fa:76:58:eb:ce:44:cc:5b:ec:af:e6:32:12:ac:ff: b8:ad:d1:66:e7:7d:ef:4e:99:5c:99:89:30:8e:e5: 69:76:dc:89:9b:dc:d0:be:61:3e:7d:cd:40:f8:20: d6:3f:99:5f:42:db:18:23:10:bd:a4:e4:e1:b9:86: dd:62:1e:f3:50:c2:10:b7:cd:3b:19:fb:e2:c1:ca: 20:04:bc:cd:b0:6e:b5:83:28:a6:0d:53:40:c0:ae: c3:92:73:51:ff:26:ef:19:5a:13:f1:16:6d:9e:ce: e1:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:B7:08:E1:FD:E7:AF:E2:E5:3F:45:A3:39:B4:B0:D5:CD:C3:C0:0A X509v3 Authority Key Identifier: keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/NbcI4f3nr-LlP0WjObSw1c3DwAo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:9880::/29 Signature Algorithm: sha256WithRSAEncryption 7b:84:74:47:32:2c:1b:d9:57:50:26:48:82:34:6b:fd:0b:50: 88:4c:ac:d8:98:cc:10:77:27:58:72:79:e1:99:d5:37:1c:68: 2a:c2:63:0e:41:97:0f:37:04:e4:1b:04:a5:81:be:4b:ea:ff: b9:0c:45:fa:3f:7c:45:0f:4a:f1:47:12:6d:ae:a4:14:0a:68: 45:1d:37:04:0e:8d:fb:d3:0f:fb:a4:27:36:e5:a8:52:e0:fb: 93:81:69:4c:15:14:ba:e3:bd:46:e8:67:c2:b8:75:de:b5:13: 94:c3:37:5d:44:29:c0:da:02:08:f4:ba:28:1f:9b:9d:47:42: 56:d2:da:fd:c5:54:e3:58:33:5a:32:b6:09:e4:6b:da:72:c2: 78:04:42:45:06:83:b2:aa:a6:1f:b5:5f:c0:b1:8e:50:bf:de: 34:9a:2e:8a:7d:cf:96:08:ca:1b:96:9c:24:9c:ff:63:1e:bf: a0:cc:ba:a4:dc:6d:81:f8:f7:1d:ba:12:98:c2:45:4a:b9:16: 83:4f:7e:14:12:2f:05:0b:69:a5:7e:73:9d:c5:ee:46:65:22: 4d:42:b6:c4:16:6d:8d:08:eb:75:ba:d5:26:dc:d9:f2:46:7c: e0:84:32:5b:8f:f9:08:cf:33:d9:36:e9:19:0c:4a:3b:84:4d: ff:bd:23:d8 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8EXrOKkwFGuk5yQIfldYpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4 ODE3ZmMwHhcNMjYwMTAyMDAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWI3MDhlMWZkZTdhZmUyZTUzZjQ1YTMzOWI0YjBkNWNkYzNjMDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1K08N2a5MaFhPxVHWQaZeaAygKl /BJ/gBqwbaP+HfejvrM8pWo49QGazTfKYUHMqVgMxKjX5v52CBImDYBFv01C6gII /HfEoKXVLNO61ScEk0b7X1DAhJReIztRN2wne0fc4+uWpmj9NJXwN43Hq7c+vkmc aGvPlQO/zY4+2qTt1Hwht0oI/8WnIFWcLevJKfDvih/6dljrzkTMW+yv5jISrP+4 rdFm533vTplcmYkwjuVpdtyJm9zQvmE+fc1A+CDWP5lfQtsYIxC9pOThuYbdYh7z UMIQt807GfviwcogBLzNsG61gyimDVNAwK7DknNR/ybvGVoT8RZtns7hywIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFDW3COH956/i5T9Fozm0sNXNw8AKMB8GA1UdIwQY MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt NDZiOTQ5MDkyY2JlLzEvTmJjSTRmM25yLUxsUDBXak9iU3cxYzNEd0FvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2YgDAN BgkqhkiG9w0BAQsFAAOCAQEAe4R0RzIsG9lXUCZIgjRr/QtQiEys2JjMEHcnWHJ5 4ZnVNxxoKsJjDkGXDzcE5BsEpYG+S+r/uQxF+j98RQ9K8UcSba6kFApoRR03BA6N +9MP+6QnNuWoUuD7k4FpTBUUuuO9Ruhnwrh13rUTlMM3XUQpwNoCCPS6KB+bnUdC VtLa/cVU41gzWjK2CeRr2nLCeARCRQaDsqqmH7VfwLGOUL/eNJouin3PlgjKG5ac JJz/Yx6/oMy6pNxtgfj3HboSmMJFSrkWg09+FBIvBQtppX5zncXuRmUiTUK2xBZt jQjrdbrVJtzZ8kZ84IQyW4/5CM8z2TbpGQxKO4RN/70j2A== -----END CERTIFICATE-----Generated at Sun Jan 25 07:17:30 2026 by rpki-client