This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/nSoKCh55lGMD-7gl54YUpZEK_XE.roa File: nSoKCh55lGMD-7gl54YUpZEK_XE.roa (raw, json) Hash identifier: KtXsJGsRFXBW5jD73l5yCg/b8S+cXBnf2k08FtiPNjs= Subject key identifier: 9D:2A:0A:0A:1E:79:94:63:03:FB:B8:25:E7:86:14:A5:91:0A:FD:71 Certificate issuer: /CN=178235df535526d9e6d6aff6fa7ac52293a92c71 Certificate serial: 019B7DCA5B1C25DE7F9B0A659533376F6FEC Authority key identifier: 17:82:35:DF:53:55:26:D9:E6:D6:AF:F6:FA:7A:C5:22:93:A9:2C:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/nSoKCh55lGMD-7gl54YUpZEK_XE.roa Signing time: Fri 02 Jan 2026 08:19:32 +0000 ROA not before: Fri 02 Jan 2026 08:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25467 IP address blocks: 81.17.228.0/23 maxlen: 23 81.17.228.0/24 maxlen: 24 81.17.229.0/24 maxlen: 24 82.214.66.0/24 maxlen: 24 82.214.76.0/23 maxlen: 23 82.214.76.0/24 maxlen: 24 82.214.77.0/24 maxlen: 24 82.214.78.0/24 maxlen: 24 82.214.84.0/23 maxlen: 23 82.214.84.0/24 maxlen: 24 82.214.85.0/24 maxlen: 24 82.214.96.0/21 maxlen: 21 82.214.96.0/24 maxlen: 24 82.214.97.0/24 maxlen: 24 82.214.98.0/24 maxlen: 24 82.214.99.0/24 maxlen: 24 82.214.100.0/24 maxlen: 24 82.214.101.0/24 maxlen: 24 82.214.102.0/24 maxlen: 24 82.214.103.0/24 maxlen: 24 82.214.108.0/22 maxlen: 22 82.214.109.0/24 maxlen: 24 82.214.110.0/24 maxlen: 24 82.214.111.0/24 maxlen: 24 82.214.112.0/21 maxlen: 21 82.214.112.0/24 maxlen: 24 82.214.113.0/24 maxlen: 24 82.214.114.0/24 maxlen: 24 82.214.115.0/24 maxlen: 24 82.214.116.0/24 maxlen: 24 82.214.117.0/24 maxlen: 24 82.214.118.0/24 maxlen: 24 82.214.119.0/24 maxlen: 24 82.214.120.0/23 maxlen: 23 82.214.120.0/24 maxlen: 24 82.214.121.0/24 maxlen: 24 2a02:2230:200::/40 maxlen: 40 2a02:2230:1200::/40 maxlen: 40 2a02:2230:2200::/40 maxlen: 40 2a02:2230:3200::/40 maxlen: 40 2a02:2230:4200::/40 maxlen: 40 2a02:2230:6200::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/F4I131NVJtnm1q_2-nrFIpOpLHE.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/F4I131NVJtnm1q_2-nrFIpOpLHE.mft rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:5b:1c:25:de:7f:9b:0a:65:95:33:37:6f:6f:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=178235df535526d9e6d6aff6fa7ac52293a92c71 Validity Not Before: Jan 2 08:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9d2a0a0a1e79946303fbb825e78614a5910afd71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:16:ce:5c:92:fe:bc:be:27:fa:2a:a9:6a:b1: 1e:05:14:49:d8:f4:70:42:21:6e:51:1f:8c:c4:12: 5c:ac:4f:64:73:76:56:d0:b4:83:5b:a7:21:51:d9: 44:9e:d9:6e:40:b3:63:34:11:94:ad:36:26:48:af: ba:0f:c7:49:ce:81:89:65:a6:f0:39:7f:19:49:22: 70:32:22:3e:9a:b5:a4:88:7f:1d:a1:53:fa:4f:3a: f7:65:6e:fd:c1:38:11:c5:19:39:15:7b:d4:34:39: 3c:f0:ad:ca:d6:85:a0:65:4d:b2:83:f4:af:37:53: 99:63:1b:45:78:b5:bc:e1:38:fd:c7:97:9f:aa:92: 6a:7e:23:f5:f1:0b:a7:2c:17:40:24:67:5e:17:37: 6e:12:9c:4b:57:9c:36:9b:12:ae:93:79:31:df:36: 55:81:c6:11:6a:87:3c:98:73:f8:c1:72:b4:d1:b2: 13:8d:99:20:56:b1:22:00:7d:68:57:fc:3c:24:d7: 04:df:ed:74:ee:d3:58:a4:fa:47:a5:29:20:00:25: 87:5f:4c:87:bf:43:89:fd:ac:88:39:58:f7:1c:54: 93:bf:95:d4:17:37:80:92:5b:27:4b:2b:94:4e:0e: b5:b6:c4:f1:fb:b8:3e:57:34:f9:b8:c6:1d:ab:a7: 28:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:2A:0A:0A:1E:79:94:63:03:FB:B8:25:E7:86:14:A5:91:0A:FD:71 X509v3 Authority Key Identifier: keyid:17:82:35:DF:53:55:26:D9:E6:D6:AF:F6:FA:7A:C5:22:93:A9:2C:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F4I131NVJtnm1q_2-nrFIpOpLHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/nSoKCh55lGMD-7gl54YUpZEK_XE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/c383bb-e806-4a6d-a2e8-ee5ca36f1d9a/1/F4I131NVJtnm1q_2-nrFIpOpLHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.17.228.0/23 82.214.66.0/24 82.214.76.0-82.214.78.255 82.214.84.0/23 82.214.96.0/21 82.214.108.0-82.214.121.255 IPv6: 2a02:2230:200::/40 2a02:2230:1200::/40 2a02:2230:2200::/40 2a02:2230:3200::/40 2a02:2230:4200::/40 2a02:2230:6200::/40 Signature Algorithm: sha256WithRSAEncryption 91:af:fe:90:ec:ef:26:ec:9e:90:95:bb:da:d7:24:b9:43:34: 6f:d5:89:3c:4a:d0:de:62:08:b2:7c:69:5b:6d:11:6d:55:b6: 8e:96:e8:a3:d3:40:72:3a:75:df:07:fd:98:b6:3f:e3:85:be: 2f:f1:7d:d3:3f:0b:21:71:71:e1:c6:4f:59:90:72:0a:39:b5: f3:21:99:4b:76:61:bb:29:c4:2e:80:6b:a1:b8:7f:21:d4:e6: 47:9c:18:67:33:52:c1:d4:bc:3b:b3:6a:c0:c2:ee:57:ca:d5: b7:fb:5b:2d:cf:0d:4b:45:4c:ac:31:59:41:7d:d1:98:d1:ce: 86:f4:67:58:8e:6e:7e:cc:54:37:c9:b1:bf:21:8e:40:37:e1: d3:4f:cf:2a:00:b8:95:c1:8b:65:8a:06:37:23:4e:5d:63:12: 73:4e:b4:6f:1d:1b:42:f7:ac:e1:69:13:18:05:e5:3b:66:11: e7:e5:5f:52:02:76:bf:1c:eb:48:70:49:e6:b6:95:65:0d:ed: 52:a3:e2:89:91:fd:16:1a:e5:6e:d1:3c:c7:47:ba:59:69:c8: cc:29:3b:ce:40:97:47:7c:8e:37:5e:07:ba:7d:61:b4:f9:18: c8:c2:91:57:3e:89:53:ea:3c:9e:4b:6b:29:09:05:99:30:00: 80:e5:dd:75 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgISAZt9ylscJd5/mwpllTM3b2/sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3ODIzNWRmNTM1NTI2ZDllNmQ2YWZmNmZhN2FjNTIyOTNh OTJjNzEwHhcNMjYwMTAyMDgxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZDJhMGEwYTFlNzk5NDYzMDNmYmI4MjVlNzg2MTRhNTkxMGFmZDcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBbOXJL+vL4n+iqparEeBRRJ2PRw QiFuUR+MxBJcrE9kc3ZW0LSDW6chUdlEntluQLNjNBGUrTYmSK+6D8dJzoGJZabw OX8ZSSJwMiI+mrWkiH8doVP6Tzr3ZW79wTgRxRk5FXvUNDk88K3K1oWgZU2yg/Sv N1OZYxtFeLW84Tj9x5efqpJqfiP18QunLBdAJGdeFzduEpxLV5w2mxKuk3kx3zZV gcYRaoc8mHP4wXK00bITjZkgVrEiAH1oV/w8JNcE3+107tNYpPpHpSkgACWHX0yH v0OJ/ayIOVj3HFSTv5XUFzeAklsnSyuUTg61tsTx+7g+VzT5uMYdq6conwIDAQAB o4ICcDCCAmwwHQYDVR0OBBYEFJ0qCgoeeZRjA/u4JeeGFKWRCv1xMB8GA1UdIwQY MBaAFBeCNd9TVSbZ5tav9vp6xSKTqSxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjRJMTMxTlZKdG5tMXFfMi1uckZJcE9wTEhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9jMzgzYmItZTgwNi00YTZkLWEyZTgt ZWU1Y2EzNmYxZDlhLzEvblNvS0NoNTVsR01ELTdnbDU0WVVwWkVLX1hFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi9jMzgzYmItZTgwNi00YTZkLWEyZTgtZWU1Y2EzNmYxZDlh LzEvRjRJMTMxTlZKdG5tMXFfMi1uckZJcE9wTEhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwOgQCAAEwNAMEAVER5AME AFLWQjAMAwQCUtZMAwQAUtZOAwQBUtZUAwQDUtZgMAwDBAJS1mwDBAFS1ngwNgQC AAIwMAMGACoCIjACAwYAKgIiMBIDBgAqAiIwIgMGACoCIjAyAwYAKgIiMEIDBgAq AiIwYjANBgkqhkiG9w0BAQsFAAOCAQEAka/+kOzvJuyekJW72tckuUM0b9WJPErQ 3mIIsnxpW20RbVW2jpboo9NAcjp13wf9mLY/44W+L/F90z8LIXFx4cZPWZByCjm1 8yGZS3ZhuynELoBrobh/IdTmR5wYZzNSwdS8O7NqwMLuV8rVt/tbLc8NS0VMrDFZ QX3RmNHOhvRnWI5ufsxUN8mxvyGOQDfh00/PKgC4lcGLZYoGNyNOXWMSc060bx0b Qves4WkTGAXlO2YR5+VfUgJ2vxzrSHBJ5raVZQ3tUqPiiZH9FhrlbtE8x0e6WWnI zCk7zkCXR3yON14Hun1htPkYyMKRVz6JU+o8nktrKQkFmTAAgOXddQ== -----END CERTIFICATE-----Generated at Sun Jan 25 15:12:49 2026 by rpki-client