This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/nKLfpVUcp118xFJnNk1KItDI1Z4.roa File: nKLfpVUcp118xFJnNk1KItDI1Z4.roa (raw, json) Hash identifier: nILTBxf9pDPjeb+IYez6Oufx0RUp69esbdOKvblK8Uk= Subject key identifier: 9C:A2:DF:A5:55:1C:A7:5D:7C:C4:52:67:36:4D:4A:22:D0:C8:D5:9E Certificate issuer: /CN=e482fd07e20d406ea4152e492b000e554ebfcc80 Certificate serial: 019B7EA751EA1AC2FF360D40DABA8A22DB8F Authority key identifier: E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/nKLfpVUcp118xFJnNk1KItDI1Z4.roa Signing time: Fri 02 Jan 2026 12:20:53 +0000 ROA not before: Fri 02 Jan 2026 12:20:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41625 IP address blocks: 89.31.240.0/21 maxlen: 21 89.31.242.0/24 maxlen: 24 89.31.246.0/24 maxlen: 24 185.219.90.0/24 maxlen: 24 2a00:8900::/32 maxlen: 48 2a00:8900:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.mft rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:51:ea:1a:c2:ff:36:0d:40:da:ba:8a:22:db:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e482fd07e20d406ea4152e492b000e554ebfcc80 Validity Not Before: Jan 2 12:20:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ca2dfa5551ca75d7cc45267364d4a22d0c8d59e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ff:64:fa:50:b0:4a:6f:57:6e:00:eb:9f:ee: 87:b4:be:22:c0:cb:b7:82:44:c7:c1:ca:31:d5:36: d6:b3:55:a7:8f:fa:14:1d:09:b0:64:55:15:b4:85: 3c:49:eb:9c:e1:b2:81:63:96:24:48:86:9b:9e:ee: 2d:b1:07:69:31:8b:8e:ce:3c:a3:a6:b9:c6:b3:be: 92:df:35:25:0a:35:61:c6:63:50:af:5d:75:c3:71: e0:53:20:14:87:c9:7f:58:3f:cd:6c:ac:c8:33:07: 62:72:cc:3a:db:79:34:41:c6:c0:ea:46:4c:9c:3f: 43:32:a5:a4:cd:15:b8:ec:ac:ea:ef:95:a2:72:54: e6:db:5b:c8:b1:10:1b:4b:a4:d0:21:04:1f:c5:30: b9:bb:3c:14:3f:f4:99:20:aa:b7:cd:16:5e:9e:23: 65:2a:16:57:1c:af:6c:15:80:38:8b:0e:bf:03:85: 6a:08:51:fa:d3:a4:b0:2e:58:39:6b:15:de:24:83: 6d:ee:6e:ae:6a:d7:e6:61:c4:f3:28:89:9c:e5:5e: fc:55:32:c4:60:33:ac:bd:99:5b:cd:52:39:94:b3: a9:25:77:bc:eb:bf:82:d9:9e:1a:14:b4:ce:3f:e0: e0:76:de:56:96:19:6a:7f:30:34:98:ca:a2:8e:37: 84:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:A2:DF:A5:55:1C:A7:5D:7C:C4:52:67:36:4D:4A:22:D0:C8:D5:9E X509v3 Authority Key Identifier: keyid:E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/nKLfpVUcp118xFJnNk1KItDI1Z4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.31.240.0/21 185.219.90.0/24 IPv6: 2a00:8900::/32 Signature Algorithm: sha256WithRSAEncryption 99:fa:12:b3:8c:d2:6b:5a:8f:52:bd:b0:94:77:94:41:af:ab: 2a:3c:9b:f5:90:16:ce:02:fb:ad:46:e5:53:88:fd:c3:93:8b: 53:89:80:af:91:5b:ed:38:ef:57:f9:c2:03:29:d3:8a:29:dd: cd:cf:90:b7:00:23:a0:ea:a9:95:d7:2f:43:12:c2:26:1b:a2: 06:dc:fd:df:11:38:ab:94:ab:64:c0:7c:56:4b:75:1f:69:2d: 16:f0:26:01:4d:9c:c7:74:2c:d1:8c:e9:74:42:97:e2:78:2c: 8e:5e:74:87:35:58:3b:e7:a3:e1:63:b4:cb:14:cb:61:1d:fb: 12:5d:b3:5d:19:7e:4c:ea:b1:bb:a3:4f:b9:af:1f:7a:a4:a6: d0:4e:41:81:4f:df:36:bc:39:57:75:a4:0f:ed:e7:9c:37:5f: bc:8e:c5:ff:10:55:d3:aa:08:f0:e5:30:87:55:2e:fb:20:4a: d9:91:7f:e4:7d:86:78:d9:88:a9:f3:74:50:b7:02:55:2f:92: 5d:12:2d:92:29:62:70:98:15:3e:42:27:9e:2d:e5:fa:72:33: 3e:35:cd:f1:5d:a1:f2:62:44:da:54:2c:36:09:61:1b:70:36: 6a:c7:47:56:7a:74:d4:e1:83:40:a0:e4:2e:70:28:0f:a5:ef: 9f:ab:5b:cf -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+p1HqGsL/Ng1A2rqKItuPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0ODJmZDA3ZTIwZDQwNmVhNDE1MmU0OTJiMDAwZTU1NGVi ZmNjODAwHhcNMjYwMTAyMTIyMDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2EyZGZhNTU1MWNhNzVkN2NjNDUyNjczNjRkNGEyMmQwYzhkNTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof9k+lCwSm9XbgDrn+6HtL4iwMu3 gkTHwcox1TbWs1Wnj/oUHQmwZFUVtIU8Seuc4bKBY5YkSIabnu4tsQdpMYuOzjyj prnGs76S3zUlCjVhxmNQr111w3HgUyAUh8l/WD/NbKzIMwdicsw623k0QcbA6kZM nD9DMqWkzRW47Kzq75WiclTm21vIsRAbS6TQIQQfxTC5uzwUP/SZIKq3zRZeniNl KhZXHK9sFYA4iw6/A4VqCFH606SwLlg5axXeJINt7m6uatfmYcTzKImc5V78VTLE YDOsvZlbzVI5lLOpJXe867+C2Z4aFLTOP+Dgdt5WlhlqfzA0mMqijjeEwwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJyi36VVHKddfMRSZzZNSiLQyNWeMB8GA1UdIwQY MBaAFOSC/QfiDUBupBUuSSsADlVOv8yAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUlMOUItSU5RRzZrRlM1Skt3QU9WVTZfeklBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9mN2E4N2EtYzE4NC00OTA0LTk0ZTMt MjY4NTk4NmY2ZDAxLzEvbktMZnBWVWNwMTE4eEZKbk5rMUtJdERJMVo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9mN2E4N2EtYzE4NC00OTA0LTk0ZTMtMjY4NTk4NmY2ZDAx LzEvNUlMOUItSU5RRzZrRlM1Skt3QU9WVTZfeklBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDWR/wAwQA udtaMA0EAgACMAcDBQAqAIkAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ+hKzjNJrWo9S vbCUd5RBr6sqPJv1kBbOAvutRuVTiP3Dk4tTiYCvkVvtOO9X+cIDKdOKKd3Nz5C3 ACOg6qmV1y9DEsImG6IG3P3fETirlKtkwHxWS3UfaS0W8CYBTZzHdCzRjOl0Qpfi eCyOXnSHNVg756PhY7TLFMthHfsSXbNdGX5M6rG7o0+5rx96pKbQTkGBT982vDlX daQP7eecN1+8jsX/EFXTqgjw5TCHVS77IErZkX/kfYZ42Yip83RQtwJVL5JdEi2S KWJwmBU+QieeLeX6cjM+Nc3xXaHyYkTaVCw2CWEbcDZqx0dWenTU4YNAoOQucCgP pe+fq1vP -----END CERTIFICATE-----Generated at Mon Jan 26 02:23:54 2026 by rpki-client