This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/NBei4LdBsHZ6BQheCZXzva3D_io.roa File: NBei4LdBsHZ6BQheCZXzva3D_io.roa (raw, json) Hash identifier: Ao2IxiAhOOXCtUZ4UAP36ctfXjHHxfB4rqAgfIlvuRg= Subject key identifier: 34:17:A2:E0:B7:41:B0:76:7A:05:08:5E:09:95:F3:BD:AD:C3:FE:2A Certificate issuer: /CN=292fb09f7e68afe95f23913114e6c0a6aa726fdd Certificate serial: 019B79ED412F1692A877B4BBF4058435FA59 Authority key identifier: 29:2F:B0:9F:7E:68:AF:E9:5F:23:91:31:14:E6:C0:A6:AA:72:6F:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/NBei4LdBsHZ6BQheCZXzva3D_io.roa Signing time: Thu 01 Jan 2026 14:19:10 +0000 ROA not before: Thu 01 Jan 2026 14:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43967 IP address blocks: 91.200.180.0/24 maxlen: 24 91.200.181.0/24 maxlen: 24 91.200.182.0/24 maxlen: 24 91.200.183.0/24 maxlen: 24 178.159.224.0/24 maxlen: 24 178.159.225.0/24 maxlen: 24 178.159.226.0/24 maxlen: 24 178.159.227.0/24 maxlen: 24 178.159.228.0/24 maxlen: 24 178.159.229.0/24 maxlen: 24 178.159.230.0/24 maxlen: 24 178.159.231.0/24 maxlen: 24 178.159.232.0/24 maxlen: 24 178.159.233.0/24 maxlen: 24 178.159.234.0/24 maxlen: 24 178.159.235.0/24 maxlen: 24 178.159.236.0/24 maxlen: 24 178.159.237.0/24 maxlen: 24 178.159.238.0/24 maxlen: 24 178.159.239.0/24 maxlen: 24 193.160.97.0/24 maxlen: 24 194.31.44.0/22 maxlen: 22 194.31.44.0/24 maxlen: 24 194.31.45.0/24 maxlen: 24 194.31.46.0/24 maxlen: 24 194.31.47.0/24 maxlen: 24 195.211.136.0/24 maxlen: 24 195.211.137.0/24 maxlen: 24 195.211.138.0/24 maxlen: 24 195.211.139.0/24 maxlen: 24 195.211.140.0/24 maxlen: 24 195.211.141.0/24 maxlen: 24 195.211.142.0/24 maxlen: 24 195.211.143.0/24 maxlen: 24 195.211.144.0/24 maxlen: 24 195.211.145.0/24 maxlen: 24 195.211.146.0/24 maxlen: 24 195.211.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.mft rsync://rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:41:2f:16:92:a8:77:b4:bb:f4:05:84:35:fa:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=292fb09f7e68afe95f23913114e6c0a6aa726fdd Validity Not Before: Jan 1 14:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3417a2e0b741b0767a05085e0995f3bdadc3fe2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:62:5f:13:69:8b:cc:b0:ae:8f:94:a7:9f:0f: 51:57:e7:e3:87:57:83:bd:66:03:29:48:1b:28:16: cf:83:b2:99:65:5b:11:a2:08:42:63:38:80:ed:23: cc:cc:19:7b:54:d3:e3:39:52:2e:8d:6f:75:e2:c1: 87:10:fb:5f:a7:d3:70:fe:39:2d:e8:d3:62:b4:cb: 2a:49:c2:d9:a0:cc:f5:f0:6c:88:fd:93:72:8d:5b: 33:b0:39:71:11:99:87:33:f3:39:b3:3b:4c:3b:78: 66:27:f8:0b:9f:b7:c7:de:33:97:b2:bf:0a:66:6d: a1:52:45:df:a6:3c:a9:c1:8d:81:0c:a5:a9:ae:80: dc:cb:5f:ab:81:9e:94:05:66:bc:26:2b:c6:99:8f: 69:c2:5b:f7:a4:71:96:cf:af:a0:35:4e:66:b4:cb: 90:02:1f:51:eb:2c:8a:7c:1a:b7:74:e4:de:b8:00: 88:da:08:b4:67:4c:57:bb:0f:53:f2:cf:c9:62:84: 6d:dc:61:41:5a:2a:36:3a:60:74:4f:41:c7:14:2b: 66:bc:48:79:2d:cd:c6:b8:12:99:26:b4:63:2b:7d: 22:5d:a8:d3:cf:ec:10:37:e2:b1:94:0b:97:41:7d: dc:68:eb:9b:ab:2e:dc:18:c9:8f:3e:2e:d2:71:36: 85:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:17:A2:E0:B7:41:B0:76:7A:05:08:5E:09:95:F3:BD:AD:C3:FE:2A X509v3 Authority Key Identifier: keyid:29:2F:B0:9F:7E:68:AF:E9:5F:23:91:31:14:E6:C0:A6:AA:72:6F:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/NBei4LdBsHZ6BQheCZXzva3D_io.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.180.0/22 178.159.224.0/20 193.160.97.0/24 194.31.44.0/22 195.211.136.0-195.211.147.255 Signature Algorithm: sha256WithRSAEncryption 5c:4e:f3:7f:e6:b0:69:ee:34:51:31:de:d1:bd:48:d4:ff:a3: 00:08:c1:56:06:5e:77:ea:27:59:95:29:f4:d3:f3:5d:3f:32: 8c:ae:da:ae:56:bc:fb:f8:cb:42:c0:5c:59:42:c4:d2:f2:fb: a1:cb:4f:b8:81:55:4c:3b:5c:23:65:ae:17:a8:1f:54:f2:da: 23:89:19:76:3b:14:b9:05:b9:d6:89:c2:e4:6c:16:e8:f2:0e: 86:fb:74:e9:a2:1c:57:cb:87:eb:57:bd:3b:f8:42:a1:f5:43: 74:5f:10:a2:56:c9:64:0b:d0:c1:d4:a6:d3:43:80:db:7d:26: 4e:97:20:0b:2f:1d:7f:b2:a7:05:d3:0b:93:05:f6:e5:39:c9: d9:e2:44:2d:e7:77:87:43:04:27:17:cc:59:c2:2d:01:67:e2: 83:f2:9d:d2:56:f4:53:ee:83:73:f0:37:c6:b6:63:2d:1b:33: a5:fd:c8:8e:a8:f6:7c:14:a4:7a:60:2c:07:dd:66:2c:46:7d: 54:54:a4:02:5a:7c:bf:31:24:02:9a:c8:50:68:37:00:d0:5c: fb:6d:76:3e:ea:7b:f9:08:82:a6:a1:ef:59:fc:56:3a:b1:e5: c8:a9:c6:8c:70:aa:11:a6:7e:57:0e:4f:31:c3:d4:ec:8c:ca: 36:bc:2f:84 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt57UEvFpKod7S79AWENfpZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MmZiMDlmN2U2OGFmZTk1ZjIzOTEzMTE0ZTZjMGE2YWE3 MjZmZGQwHhcNMjYwMTAxMTQxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDE3YTJlMGI3NDFiMDc2N2EwNTA4NWUwOTk1ZjNiZGFkYzNmZTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2JfE2mLzLCuj5Snnw9RV+fjh1eD vWYDKUgbKBbPg7KZZVsRoghCYziA7SPMzBl7VNPjOVIujW914sGHEPtfp9Nw/jkt 6NNitMsqScLZoMz18GyI/ZNyjVszsDlxEZmHM/M5sztMO3hmJ/gLn7fH3jOXsr8K Zm2hUkXfpjypwY2BDKWproDcy1+rgZ6UBWa8JivGmY9pwlv3pHGWz6+gNU5mtMuQ Ah9R6yyKfBq3dOTeuACI2gi0Z0xXuw9T8s/JYoRt3GFBWio2OmB0T0HHFCtmvEh5 Lc3GuBKZJrRjK30iXajTz+wQN+KxlAuXQX3caOubqy7cGMmPPi7ScTaFmQIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFDQXouC3QbB2egUIXgmV872tw/4qMB8GA1UdIwQY MBaAFCkvsJ9+aK/pXyORMRTmwKaqcm/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1Mtd24zNW9yLWxmSTVFeEZPYkFwcXB5YjkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9lMTMxMTItNTc1OC00NTUyLWIyYWQt ZWQxYjliOGU2NDcwLzEvTkJlaTRMZEJzSFo2QlFoZUNaWHp2YTNEX2lvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9lMTMxMTItNTc1OC00NTUyLWIyYWQtZWQxYjliOGU2NDcw LzEvS1Mtd24zNW9yLWxmSTVFeEZPYkFwcXB5YjkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCW8i0AwQE sp/gAwQAwaBhAwQCwh8sMAwDBAPD04gDBALD05AwDQYJKoZIhvcNAQELBQADggEB AFxO83/msGnuNFEx3tG9SNT/owAIwVYGXnfqJ1mVKfTT810/Moyu2q5WvPv4y0LA XFlCxNLy+6HLT7iBVUw7XCNlrheoH1Ty2iOJGXY7FLkFudaJwuRsFujyDob7dOmi HFfLh+tXvTv4QqH1Q3RfEKJWyWQL0MHUptNDgNt9Jk6XIAsvHX+ypwXTC5MF9uU5 ydniRC3nd4dDBCcXzFnCLQFn4oPyndJW9FPug3PwN8a2Yy0bM6X9yI6o9nwUpHpg LAfdZixGfVRUpAJafL8xJAKayFBoNwDQXPttdj7qe/kIgqah71n8Vjqx5cipxoxw qhGmflcOTzHD1OyMyja8L4Q= -----END CERTIFICATE-----Generated at Mon Jan 26 16:23:30 2026 by rpki-client