This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/nf63dpM5Md5RBRi4P-HwEK-eN_E.roa File: nf63dpM5Md5RBRi4P-HwEK-eN_E.roa (raw, json) Hash identifier: 9d7TgxCegK25CmqdbC1sGXI3mJJK7sBKT2RoRfBWFdw= Subject key identifier: 9D:FE:B7:76:93:39:31:DE:51:05:18:B8:3F:E1:F0:10:AF:9E:37:F1 Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca Certificate serial: 019B76EBA3957510AC33B40F56A62BA070C9 Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/nf63dpM5Md5RBRi4P-HwEK-eN_E.roa Signing time: Thu 01 Jan 2026 00:18:32 +0000 ROA not before: Thu 01 Jan 2026 00:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34696 IP address blocks: 81.172.101.0/24 maxlen: 24 2a0d:340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:a3:95:75:10:ac:33:b4:0f:56:a6:2b:a0:70:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca Validity Not Before: Jan 1 00:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9dfeb776933931de510518b83fe1f010af9e37f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d3:1a:88:da:76:4d:6a:35:5a:29:8e:53:d9: 6f:f9:f5:eb:4b:bb:b3:de:e2:60:45:c2:47:e3:f3: a1:c0:68:2e:eb:81:52:d5:78:8b:df:26:f3:ca:af: 9b:b7:85:e8:00:cc:32:95:4a:ae:cf:06:e0:eb:1a: 98:53:5b:99:10:8b:fd:c0:80:e6:78:51:95:8d:4e: a2:38:09:9f:13:a5:59:63:6b:17:c1:3b:50:e3:52: 44:a5:dc:7c:75:0a:3c:fc:7b:aa:28:02:1b:20:87: 98:e5:93:46:5d:72:33:44:95:b0:d4:b7:bb:dd:60: e9:e9:0e:76:6a:d6:81:7c:b4:39:af:73:ec:71:ed: e4:9b:6f:c7:ab:5d:2b:9e:2a:6c:db:2f:f2:c9:bc: 9a:74:8b:39:62:03:fe:b6:68:b0:44:e4:6d:5d:2b: f5:1c:ee:16:2b:a4:d4:e3:a4:31:68:5b:c0:c6:f1: 4d:3d:73:18:34:46:59:f5:41:e2:03:a7:1a:1b:34: 12:8f:8b:23:84:19:bd:a3:47:f7:39:58:a3:fb:c8: 3c:67:5b:57:4e:68:2e:b5:b0:25:62:1a:7c:6c:17: d7:79:df:c9:61:2a:e3:6e:05:78:60:4b:33:a3:f6: 56:12:e4:f6:15:f9:6b:e9:b8:8e:6d:f0:bb:74:c0: 85:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:FE:B7:76:93:39:31:DE:51:05:18:B8:3F:E1:F0:10:AF:9E:37:F1 X509v3 Authority Key Identifier: keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/nf63dpM5Md5RBRi4P-HwEK-eN_E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.172.101.0/24 IPv6: 2a0d:340::/32 Signature Algorithm: sha256WithRSAEncryption 25:dd:6d:3b:0a:26:c4:6e:e8:06:0e:35:a8:1c:d5:0f:72:92: 7e:ba:0f:03:80:52:b0:47:09:33:2e:d1:f1:ab:8d:98:8f:69: 78:00:35:d6:9e:94:21:7a:40:07:61:58:b4:39:30:16:83:40: 74:cf:77:23:44:9b:0b:f5:78:9d:f6:a7:fc:e8:e5:cb:f2:82: 5f:b8:6d:8a:db:66:30:41:68:05:8c:d4:69:00:7a:57:37:0f: 5a:cb:d3:9b:1e:82:f7:d5:0c:05:26:1f:54:cf:f6:8e:83:2e: fd:77:49:13:4c:82:a6:70:bf:96:b2:05:d5:e7:32:6e:cf:56: 01:f1:e1:2c:17:d6:be:1f:b2:a8:5a:cd:9f:6c:e7:42:f5:e9: 53:c8:a7:76:3d:09:7a:b7:3f:11:77:7f:26:15:93:90:43:ad: a7:03:c6:84:b3:7f:a0:00:0d:23:51:2b:91:a7:19:42:d5:3c: ea:cc:5a:90:b4:e2:0e:03:60:51:d7:a0:6c:16:10:c8:d4:cc: a7:20:0e:20:0d:8e:6a:9c:88:cd:ea:dc:e2:93:b1:f4:79:c2: a7:62:18:92:37:bd:65:30:58:b0:2e:b6:fa:7f:4d:c3:ff:c0: 39:90:fe:af:ff:30:6d:96:88:a9:13:f4:c3:c5:59:80:6f:41: 0b:b9:ea:a4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt266OVdRCsM7QPVqYroHDJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy Mjk5Y2EwHhcNMjYwMTAxMDAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGZlYjc3NjkzMzkzMWRlNTEwNTE4YjgzZmUxZjAxMGFmOWUzN2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtMaiNp2TWo1WimOU9lv+fXrS7uz 3uJgRcJH4/OhwGgu64FS1XiL3ybzyq+bt4XoAMwylUquzwbg6xqYU1uZEIv9wIDm eFGVjU6iOAmfE6VZY2sXwTtQ41JEpdx8dQo8/HuqKAIbIIeY5ZNGXXIzRJWw1Le7 3WDp6Q52ataBfLQ5r3Psce3km2/Hq10rnips2y/yybyadIs5YgP+tmiwRORtXSv1 HO4WK6TU46QxaFvAxvFNPXMYNEZZ9UHiA6caGzQSj4sjhBm9o0f3OVij+8g8Z1tX TmgutbAlYhp8bBfXed/JYSrjbgV4YEszo/ZWEuT2Fflr6biObfC7dMCFNQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJ3+t3aTOTHeUQUYuD/h8BCvnjfxMB8GA1UdIwQY MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt ZWE3YWU3MmJkMzJkLzEvbmY2M2RwTTVNZDVSQlJpNFAtSHdFSy1lTl9FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUaxlMA0E AgACMAcDBQAqDQNAMA0GCSqGSIb3DQEBCwUAA4IBAQAl3W07CibEbugGDjWoHNUP cpJ+ug8DgFKwRwkzLtHxq42Yj2l4ADXWnpQhekAHYVi0OTAWg0B0z3cjRJsL9Xid 9qf86OXL8oJfuG2K22YwQWgFjNRpAHpXNw9ay9ObHoL31QwFJh9Uz/aOgy79d0kT TIKmcL+WsgXV5zJuz1YB8eEsF9a+H7KoWs2fbOdC9elTyKd2PQl6tz8Rd38mFZOQ Q62nA8aEs3+gAA0jUSuRpxlC1TzqzFqQtOIOA2BR16BsFhDI1MynIA4gDY5qnIjN 6tzik7H0ecKnYhiSN71lMFiwLrb6f03D/8A5kP6v/zBtloipE/TDxVmAb0ELueqk -----END CERTIFICATE-----Generated at Mon Jan 26 03:56:41 2026 by rpki-client