This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/Nio_RrZ5Nln0tYiAmsafEDW2mdw.roa File: Nio_RrZ5Nln0tYiAmsafEDW2mdw.roa (raw, json) Hash identifier: vuFJHm7O0bajNnLfbrwtzNdm/nut7vgJNjCbdJojUQg= Subject key identifier: 36:2A:3F:46:B6:79:36:59:F4:B5:88:80:9A:C6:9F:10:35:B6:99:DC Certificate issuer: /CN=f7cb14a41f8d9e628dae88f4752822fc77dfec02 Certificate serial: 019B7C12A9A33D5ACF999927F998C57BF7CA Authority key identifier: F7:CB:14:A4:1F:8D:9E:62:8D:AE:88:F4:75:28:22:FC:77:DF:EC:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/Nio_RrZ5Nln0tYiAmsafEDW2mdw.roa Signing time: Fri 02 Jan 2026 00:19:16 +0000 ROA not before: Fri 02 Jan 2026 00:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 137182 IP address blocks: 45.157.132.0/22 maxlen: 24 2a0f:4280::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/98sUpB-NnmKNroj0dSgi_Hff7AI.crl rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/98sUpB-NnmKNroj0dSgi_Hff7AI.mft rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:a9:a3:3d:5a:cf:99:99:27:f9:98:c5:7b:f7:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f7cb14a41f8d9e628dae88f4752822fc77dfec02 Validity Not Before: Jan 2 00:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=362a3f46b6793659f4b588809ac69f1035b699dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9a:d5:22:73:1b:cd:bc:1a:d9:7d:db:68:f7: 9d:c2:6f:63:f2:30:c7:af:cb:79:d8:82:0d:76:5b: ef:a4:05:43:60:40:65:14:d2:6c:a7:24:8f:fe:81: f8:d3:90:e6:25:13:05:48:fb:aa:40:8e:57:f8:b0: 89:4f:0f:6b:be:27:b1:36:be:8a:dd:e6:29:05:f1: a2:0e:7f:15:1c:b2:7b:ab:90:f1:ba:95:9b:f7:f9: 60:0e:15:85:1e:14:09:38:8e:37:a6:9a:55:f5:f0: 20:95:16:25:1c:1e:ca:fe:7f:77:da:b7:ff:aa:5e: 6f:2f:ad:ad:4d:65:f5:b6:c5:8e:00:63:ec:9d:33: d8:f0:9f:31:6e:9f:45:3a:0f:f5:9d:c1:ab:20:eb: a3:71:b9:de:71:13:cb:80:df:79:de:05:29:14:7d: c3:06:00:36:b6:1f:17:94:76:a6:3b:46:57:3c:ac: 0b:c4:41:2d:08:86:e1:29:58:79:b8:ed:1c:99:22: 54:fb:bb:b3:a9:eb:b8:35:1d:7b:22:b9:aa:0e:e3: 2b:a5:0a:10:a9:5f:c3:9b:1e:88:10:ac:da:10:5a: 8a:ee:88:55:8b:54:94:87:78:d4:18:cb:e1:43:ed: 34:46:b6:6b:f2:56:28:14:c7:c0:a4:f2:d5:16:18: b7:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:2A:3F:46:B6:79:36:59:F4:B5:88:80:9A:C6:9F:10:35:B6:99:DC X509v3 Authority Key Identifier: keyid:F7:CB:14:A4:1F:8D:9E:62:8D:AE:88:F4:75:28:22:FC:77:DF:EC:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/Nio_RrZ5Nln0tYiAmsafEDW2mdw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/98sUpB-NnmKNroj0dSgi_Hff7AI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.157.132.0/22 IPv6: 2a0f:4280::/29 Signature Algorithm: sha256WithRSAEncryption 28:43:d0:e2:c8:d0:7f:0f:51:a6:fe:0a:ef:bf:57:65:2c:ea: cd:ba:fb:77:e5:de:8a:5c:88:8d:55:8c:d4:3b:e4:19:14:74: ca:29:1f:3d:4e:c5:06:8e:b6:02:2c:25:4c:e0:ea:ca:6f:c2: 3d:29:b6:d1:05:9c:f1:4d:f4:d6:c8:41:3e:fc:b1:1c:88:08: 44:5e:a3:d9:25:f6:42:8a:16:13:6b:a1:7f:47:e3:f6:3e:64: 8d:b5:54:77:fe:63:c5:ed:45:62:d6:88:a6:05:bd:dd:06:9c: 9e:2d:c4:3f:51:3a:3d:d8:b6:b0:ad:0c:35:dc:3f:c4:b1:fe: 05:96:85:4d:12:33:fe:8e:61:c5:fd:17:93:e3:45:59:a8:23: 35:4c:bd:06:60:66:13:4d:e3:60:3a:ab:54:9c:cb:f3:d9:41: 14:55:a5:91:70:8f:c5:59:1b:4c:12:99:f3:c5:89:a8:14:74: e0:db:a2:fd:bd:48:30:b9:82:cd:ec:8e:99:2a:6f:d5:4d:78: 31:8b:24:6f:78:bd:5c:17:8e:9c:3c:d4:f0:b0:59:e0:6c:19: 64:0e:81:b5:6f:55:da:7a:6e:00:0d:c9:81:a1:a7:69:29:3f: c1:8a:ed:02:b3:cc:1d:1f:95:f7:e3:c7:3a:a7:17:56:5d:ca: 39:ca:2e:49 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EqmjPVrPmZkn+ZjFe/fKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3Y2IxNGE0MWY4ZDllNjI4ZGFlODhmNDc1MjgyMmZjNzdk ZmVjMDIwHhcNMjYwMTAyMDAxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjJhM2Y0NmI2NzkzNjU5ZjRiNTg4ODA5YWM2OWYxMDM1YjY5OWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJrVInMbzbwa2X3baPedwm9j8jDH r8t52IINdlvvpAVDYEBlFNJspySP/oH405DmJRMFSPuqQI5X+LCJTw9rviexNr6K 3eYpBfGiDn8VHLJ7q5DxupWb9/lgDhWFHhQJOI43pppV9fAglRYlHB7K/n932rf/ ql5vL62tTWX1tsWOAGPsnTPY8J8xbp9FOg/1ncGrIOujcbnecRPLgN953gUpFH3D BgA2th8XlHamO0ZXPKwLxEEtCIbhKVh5uO0cmSJU+7uzqeu4NR17IrmqDuMrpQoQ qV/Dmx6IEKzaEFqK7ohVi1SUh3jUGMvhQ+00RrZr8lYoFMfApPLVFhi3TQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDYqP0a2eTZZ9LWIgJrGnxA1tpncMB8GA1UdIwQY MBaAFPfLFKQfjZ5ija6I9HUoIvx33+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOThzVXBCLU5ubUtOcm9qMGRTZ2lfSGZmN0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84OTAzMTEtNDhlZS00ODZkLTkzNTkt ZTdlZTRlNzVkM2FmLzEvTmlvX1JyWjVObG4wdFlpQW1zYWZFRFcybWR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC84OTAzMTEtNDhlZS00ODZkLTkzNTktZTdlZTRlNzVkM2Fm LzEvOThzVXBCLU5ubUtOcm9qMGRTZ2lfSGZmN0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ2EMA0E AgACMAcDBQMqD0KAMA0GCSqGSIb3DQEBCwUAA4IBAQAoQ9DiyNB/D1Gm/grvv1dl LOrNuvt35d6KXIiNVYzUO+QZFHTKKR89TsUGjrYCLCVM4OrKb8I9KbbRBZzxTfTW yEE+/LEciAhEXqPZJfZCihYTa6F/R+P2PmSNtVR3/mPF7UVi1oimBb3dBpyeLcQ/ UTo92LawrQw13D/Esf4FloVNEjP+jmHF/ReT40VZqCM1TL0GYGYTTeNgOqtUnMvz 2UEUVaWRcI/FWRtMEpnzxYmoFHTg26L9vUgwuYLN7I6ZKm/VTXgxiyRveL1cF46c PNTwsFngbBlkDoG1b1Xaem4ADcmBoadpKT/Biu0Cs8wdH5X348c6pxdWXco5yi5J -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:28 2026 by rpki-client