This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/1bmjaNGaI2UWie6zoQTb39HFS_s.roa File: 1bmjaNGaI2UWie6zoQTb39HFS_s.roa (raw, json) Hash identifier: +AxNVqmR9VnywOpnEpWpK60msZlPvTmRqEnJ2TvVddQ= Subject key identifier: D5:B9:A3:68:D1:9A:23:65:16:89:EE:B3:A1:04:DB:DF:D1:C5:4B:FB Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Certificate serial: 019B797E465736A2336F38AD5B83351B0450 Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/1bmjaNGaI2UWie6zoQTb39HFS_s.roa Signing time: Thu 01 Jan 2026 12:17:57 +0000 ROA not before: Thu 01 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207886 IP address blocks: 193.104.7.0/24 maxlen: 24 193.104.12.0/24 maxlen: 24 193.104.41.0/24 maxlen: 24 193.104.67.0/24 maxlen: 24 2a10:8140::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:46:57:36:a2:33:6f:38:ad:5b:83:35:1b:04:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Validity Not Before: Jan 1 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5b9a368d19a23651689eeb3a104dbdfd1c54bfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:73:c5:37:10:38:67:99:06:36:26:4f:be:72: db:2d:0a:a5:da:42:98:75:b0:3a:84:85:1f:d0:8a: f9:02:ad:5f:ad:ed:37:3d:1a:71:06:de:d6:8e:d3: 8d:3f:d8:e0:6b:e2:ad:7c:e6:53:82:98:ae:21:85: 8b:6d:e2:e0:5f:d2:c9:4e:33:f2:61:19:31:00:b7: 79:a2:ff:1c:e1:d6:e8:ab:13:ca:07:c0:95:83:21: 9c:30:ac:da:73:00:18:5d:d8:d1:92:7c:ff:27:b9: b6:ce:a0:7e:02:96:2e:60:47:bb:47:4a:4d:20:4d: 2a:a9:7f:e4:b7:7f:d2:87:d8:63:31:85:f9:ee:36: 19:82:8f:7b:6e:9d:2d:95:b9:d2:01:a7:35:89:1f: c9:14:12:e9:9d:5b:08:73:7a:29:4a:9c:07:9c:89: e8:58:56:ba:3d:60:fa:45:9a:79:6b:56:9b:d9:61: 66:d0:60:8c:bd:da:c0:8c:04:0b:5f:3d:2a:c4:6a: 6f:33:41:8f:e7:47:1b:ab:46:be:6f:33:ad:db:31: d1:1f:56:74:4a:f3:b9:53:3b:4d:98:1e:d7:89:dc: 78:0b:06:a0:28:01:06:a3:c3:c0:52:d8:1c:08:98: 29:4a:09:2d:75:36:84:f9:a2:78:51:95:29:bb:77: 5e:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:B9:A3:68:D1:9A:23:65:16:89:EE:B3:A1:04:DB:DF:D1:C5:4B:FB X509v3 Authority Key Identifier: keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/1bmjaNGaI2UWie6zoQTb39HFS_s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.104.7.0/24 193.104.12.0/24 193.104.41.0/24 193.104.67.0/24 IPv6: 2a10:8140::/29 Signature Algorithm: sha256WithRSAEncryption 40:5a:e2:c4:a0:bc:1c:23:67:fd:a5:d6:71:60:05:1e:b0:83: 83:17:ea:f7:2f:eb:72:6b:73:da:91:34:e7:a1:cb:1f:22:9b: 17:8b:fa:30:60:a3:1d:28:e4:e6:2c:81:75:d0:64:a2:05:0d: f2:2e:d2:d5:8f:e5:46:64:3b:2b:05:ce:a1:45:9b:99:ef:14: 12:fe:6f:50:47:94:f7:00:d8:a2:e9:65:34:71:84:6b:d8:1a: 26:52:61:04:06:40:03:58:d7:ef:06:77:ef:f4:79:37:d6:6b: 92:64:fa:b7:48:0c:bd:bd:e4:cc:2f:ab:6b:76:3b:61:08:3d: df:c5:24:cc:bb:3d:4f:d4:e8:23:81:ea:94:d3:42:58:f2:7c: 94:08:54:39:7f:ac:d4:d4:29:55:33:b9:6d:25:39:fd:08:ec: 91:88:d8:17:02:f7:7d:df:d3:10:03:d4:43:49:cf:06:7a:1d: bd:d7:87:dc:6c:35:f5:95:d6:ff:f6:e9:ea:e0:6a:3d:7b:ea: be:ec:ac:d2:ed:ca:10:08:1a:0e:ee:4d:bb:2f:8b:a6:e9:1b: 97:34:8f:05:0b:05:f0:aa:11:95:93:c4:23:05:5d:7e:ea:e6: 54:cf:ef:13:e7:9e:6d:35:bc:80:57:5f:de:d2:cc:f0:cf:66: 7d:51:9f:2f -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt5fkZXNqIzbzitW4M1GwRQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2 MGY2ZjMwHhcNMjYwMTAxMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNWI5YTM2OGQxOWEyMzY1MTY4OWVlYjNhMTA0ZGJkZmQxYzU0YmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3PFNxA4Z5kGNiZPvnLbLQql2kKY dbA6hIUf0Ir5Aq1fre03PRpxBt7WjtONP9jga+KtfOZTgpiuIYWLbeLgX9LJTjPy YRkxALd5ov8c4dboqxPKB8CVgyGcMKzacwAYXdjRknz/J7m2zqB+ApYuYEe7R0pN IE0qqX/kt3/Sh9hjMYX57jYZgo97bp0tlbnSAac1iR/JFBLpnVsIc3opSpwHnIno WFa6PWD6RZp5a1ab2WFm0GCMvdrAjAQLXz0qxGpvM0GP50cbq0a+bzOt2zHRH1Z0 SvO5UztNmB7Xidx4CwagKAEGo8PAUtgcCJgpSgktdTaE+aJ4UZUpu3de4wIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFNW5o2jRmiNlFonus6EE29/RxUv7MB8GA1UdIwQY MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It ZDFhYmY0ZWUzMmNiLzEvMWJtamFOR2FJMlVXaWU2em9RVGIzOUhGU19zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwWgHAwQA wWgMAwQAwWgpAwQAwWhDMA0EAgACMAcDBQMqEIFAMA0GCSqGSIb3DQEBCwUAA4IB AQBAWuLEoLwcI2f9pdZxYAUesIODF+r3L+tya3PakTTnocsfIpsXi/owYKMdKOTm LIF10GSiBQ3yLtLVj+VGZDsrBc6hRZuZ7xQS/m9QR5T3ANii6WU0cYRr2BomUmEE BkADWNfvBnfv9Hk31muSZPq3SAy9veTML6trdjthCD3fxSTMuz1P1OgjgeqU00JY 8nyUCFQ5f6zU1ClVM7ltJTn9COyRiNgXAvd939MQA9RDSc8Geh2914fcbDX1ldb/ 9unq4Go9e+q+7KzS7coQCBoO7k27L4um6RuXNI8FCwXwqhGVk8QjBV1+6uZUz+8T 555tNbyAV1/e0szwz2Z9UZ8v -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:45 2026 by rpki-client