This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/nVRKQFqB65NKNXgGDeaDG2CWX9s.roa File: nVRKQFqB65NKNXgGDeaDG2CWX9s.roa (raw, json) Hash identifier: G1k/vLczxP7i+mwCpIUz1/TIX6GTJklZuRK8CIy1k64= Subject key identifier: 9D:54:4A:40:5A:81:EB:93:4A:35:78:06:0D:E6:83:1B:60:96:5F:DB Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Certificate serial: 019B77C6EAAC2A0F878423DE4B036C5D88CA Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/nVRKQFqB65NKNXgGDeaDG2CWX9s.roa Signing time: Thu 01 Jan 2026 04:18:03 +0000 ROA not before: Thu 01 Jan 2026 04:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201512 IP address blocks: 176.101.88.0/24 maxlen: 24 176.101.89.0/24 maxlen: 24 176.101.90.0/24 maxlen: 24 176.101.91.0/24 maxlen: 24 176.101.92.0/24 maxlen: 24 176.101.93.0/24 maxlen: 24 176.101.94.0/24 maxlen: 24 176.101.95.0/24 maxlen: 24 2a03:720:40::/48 maxlen: 48 2a03:720:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:ea:ac:2a:0f:87:84:23:de:4b:03:6c:5d:88:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Validity Not Before: Jan 1 04:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9d544a405a81eb934a3578060de6831b60965fdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:4b:29:5a:d8:9d:ef:0c:1d:be:cc:cf:c6:65: 33:35:2a:87:79:7c:20:0a:be:e6:f4:84:4b:54:49: f3:a8:c7:37:da:8d:d7:b9:00:eb:2e:89:c5:99:c6: b3:42:cb:38:4c:07:89:35:a6:43:34:d6:03:dc:ab: 16:07:0f:b5:92:da:1f:18:18:28:73:26:07:d3:0f: 73:a1:d7:f8:4d:8a:30:72:92:de:82:1e:d2:4b:d7: 83:61:c5:03:98:a1:25:67:fc:02:c6:9d:6b:f7:93: 86:f3:b1:74:d2:9e:70:1f:c2:8c:b7:b4:cc:9c:eb: 22:d2:bf:c6:a2:9b:dd:a5:22:3a:e3:7c:6b:34:58: c8:04:2b:11:db:b1:3d:bb:ec:95:40:8e:5f:91:85: 8e:37:26:62:27:4a:d2:45:ed:f8:0c:16:eb:c3:12: 36:75:64:32:bd:36:c8:58:61:9e:52:7e:d8:76:03: a3:8c:9f:6a:1b:25:68:c1:02:1d:fa:e7:d8:b7:8c: 64:65:84:6f:c6:e7:f7:00:25:f4:ab:05:c0:9d:52: e8:41:ef:4d:a7:c5:63:c1:d2:95:e7:b8:a0:ab:90: f9:43:88:10:56:ed:fe:a4:07:eb:26:5f:18:d7:e8: b5:0d:bf:8c:e7:e7:c7:e8:40:2d:fe:51:84:3b:d7: 2b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:54:4A:40:5A:81:EB:93:4A:35:78:06:0D:E6:83:1B:60:96:5F:DB X509v3 Authority Key Identifier: keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/nVRKQFqB65NKNXgGDeaDG2CWX9s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.101.88.0/21 IPv6: 2a03:720:40::/48 2a03:720:1040::/48 Signature Algorithm: sha256WithRSAEncryption 2a:db:d3:a1:cf:30:3a:b9:09:71:4d:d2:64:b3:74:d8:da:91: b3:93:1f:45:aa:2c:7f:e1:b6:51:df:57:39:ca:3a:c0:e5:4a: 8c:52:54:3c:06:c9:2d:9f:18:de:28:5e:84:14:d6:4c:11:c4: 25:9c:aa:90:80:2d:07:ea:94:45:ba:ae:1c:fe:22:df:41:78: 30:e7:07:c7:6e:aa:9d:c6:ac:ce:95:c9:24:73:17:2d:a1:04: ca:11:a9:18:23:d8:95:82:6d:38:b9:86:84:11:54:40:99:4f: c2:4e:3e:65:0a:bc:1f:fd:7e:b3:f5:d8:38:77:89:27:6c:30: b9:78:7f:dc:4a:60:de:15:fb:26:7a:ca:e5:0e:2a:2f:91:52: 7e:50:41:29:85:8d:4c:ff:03:4c:90:97:be:f0:63:2b:b1:0e: bb:4b:a8:a8:ad:c9:e3:4a:d4:36:82:db:cc:df:02:ce:27:75: f9:df:66:a8:cd:45:95:0d:21:1e:1a:4d:8c:24:52:3c:63:d9: 0e:6f:3e:cc:60:bc:ec:67:19:29:ea:64:27:06:09:b3:0c:bc: 8c:dc:63:e1:b8:13:44:d2:a9:8e:6a:55:ee:27:5d:c5:56:48: ae:44:20:7f:0b:24:ce:ce:18:bd:b8:23:61:3f:d3:16:9f:ed: c3:28:34:ae -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt3xuqsKg+HhCPeSwNsXYjKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5 MDBhNzYwHhcNMjYwMTAxMDQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZDU0NGE0MDVhODFlYjkzNGEzNTc4MDYwZGU2ODMxYjYwOTY1ZmRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kspWtid7wwdvszPxmUzNSqHeXwg Cr7m9IRLVEnzqMc32o3XuQDrLonFmcazQss4TAeJNaZDNNYD3KsWBw+1ktofGBgo cyYH0w9zodf4TYowcpLegh7SS9eDYcUDmKElZ/wCxp1r95OG87F00p5wH8KMt7TM nOsi0r/GopvdpSI643xrNFjIBCsR27E9u+yVQI5fkYWONyZiJ0rSRe34DBbrwxI2 dWQyvTbIWGGeUn7YdgOjjJ9qGyVowQId+ufYt4xkZYRvxuf3ACX0qwXAnVLoQe9N p8VjwdKV57igq5D5Q4gQVu3+pAfrJl8Y1+i1Db+M5+fH6EAt/lGEO9crIQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFJ1USkBageuTSjV4Bg3mgxtgll/bMB8GA1UdIwQY MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt ODlhY2UzODIyMGZiLzEvblZSS1FGcUI2NU5LTlhnR0RlYURHMkNXWDlzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDsGVYMBgE AgACMBIDBwAqAwcgAEADBwAqAwcgEEAwDQYJKoZIhvcNAQELBQADggEBACrb06HP MDq5CXFN0mSzdNjakbOTH0WqLH/htlHfVznKOsDlSoxSVDwGyS2fGN4oXoQU1kwR xCWcqpCALQfqlEW6rhz+It9BeDDnB8duqp3GrM6VySRzFy2hBMoRqRgj2JWCbTi5 hoQRVECZT8JOPmUKvB/9frP12Dh3iSdsMLl4f9xKYN4V+yZ6yuUOKi+RUn5QQSmF jUz/A0yQl77wYyuxDrtLqKityeNK1DaC28zfAs4ndfnfZqjNRZUNIR4aTYwkUjxj 2Q5vPsxgvOxnGSnqZCcGCbMMvIzcY+G4E0TSqY5qVe4nXcVWSK5EIH8LJM7OGL24 I2E/0xaf7cMoNK4= -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:17 2026 by rpki-client