This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/nk_BFnPjxZUVaqPDlNJQf6RBw4A.roa File: nk_BFnPjxZUVaqPDlNJQf6RBw4A.roa (raw, json) Hash identifier: vVJ+n/DVIwr6d39NjXvbQOW6EJnb9U7HwwIO7E8CVpo= Subject key identifier: 9E:4F:C1:16:73:E3:C5:95:15:6A:A3:C3:94:D2:50:7F:A4:41:C3:80 Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c Certificate serial: 019B7A5B6C1AB603E448585E44150E7156A1 Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/nk_BFnPjxZUVaqPDlNJQf6RBw4A.roa Signing time: Thu 01 Jan 2026 16:19:30 +0000 ROA not before: Thu 01 Jan 2026 16:19:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197727 IP address blocks: 185.15.164.0/22 maxlen: 22 185.15.165.0/24 maxlen: 24 185.15.167.0/24 maxlen: 24 194.151.12.0/24 maxlen: 24 194.151.85.0/24 maxlen: 24 194.151.86.0/24 maxlen: 24 2001:67c:21ac::/48 maxlen: 48 2a03:ca40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:6c:1a:b6:03:e4:48:58:5e:44:15:0e:71:56:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c Validity Not Before: Jan 1 16:19:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e4fc11673e3c595156aa3c394d2507fa441c380 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:47:dc:c0:f1:39:a4:a4:34:36:13:cd:43:d1: 28:85:2e:9f:03:dc:e6:4b:32:30:d4:e3:9d:14:81: 3b:9d:b6:66:de:60:91:85:5d:02:17:33:3b:2b:38: 1c:d0:b9:b4:ab:4e:53:51:c4:6a:93:a3:50:f9:45: 33:53:32:3c:42:6e:02:72:f3:11:05:ef:47:b4:cf: d0:e2:dd:bb:a6:de:74:29:f0:54:bd:d1:28:a7:fa: da:f4:41:c6:f4:cc:6f:4d:13:a4:e7:47:df:fe:25: 95:36:ba:6e:f3:7a:8a:bc:d5:90:b5:43:d3:a4:23: 26:2e:c9:9e:b4:3b:13:3e:70:69:92:46:8f:ca:cb: 10:61:12:ff:2d:64:26:83:ee:49:19:ba:8c:ef:2d: 5f:13:01:30:2c:a7:77:d4:a6:34:d2:71:9a:a9:e4: 6a:a1:3b:27:90:1d:fe:47:35:78:a0:15:1f:b1:0a: 59:7d:e3:8f:2a:21:57:2a:6b:e5:d7:7f:8d:47:cb: 07:f0:e2:53:a2:da:d5:ae:17:fa:bc:17:48:8d:c4: ac:2c:29:fe:46:e3:71:d6:42:cb:df:51:c1:e4:18: 7e:1d:86:b6:40:c7:0b:79:ca:6a:9b:86:33:19:54: 29:a4:06:8b:85:f8:e5:ca:8c:ee:3a:9c:bb:e6:ad: 76:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:4F:C1:16:73:E3:C5:95:15:6A:A3:C3:94:D2:50:7F:A4:41:C3:80 X509v3 Authority Key Identifier: keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/nk_BFnPjxZUVaqPDlNJQf6RBw4A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.15.164.0/22 194.151.12.0/24 194.151.85.0-194.151.86.255 IPv6: 2001:67c:21ac::/48 2a03:ca40::/32 Signature Algorithm: sha256WithRSAEncryption 78:c2:f9:c7:2e:af:6f:57:66:8d:85:79:ad:1d:35:ed:9b:5e: ac:3e:29:a3:41:2c:5e:77:48:34:79:1d:62:6c:40:ab:df:e8: 6d:b6:34:ce:1d:4d:68:e9:6f:53:2d:73:c4:4b:9e:a4:99:11: 0f:32:10:0d:39:5e:48:c1:b8:d7:a8:71:dc:4d:64:86:38:b7: 19:69:0c:46:0f:81:2f:4b:34:07:84:96:a8:f3:50:92:82:24: 47:f8:7c:13:2c:2c:f3:89:f5:74:fd:56:e7:df:01:92:55:9f: c5:3b:fc:fb:7d:01:25:bb:a2:8b:5b:64:93:df:15:7d:fd:df: 5e:b1:6c:51:cf:93:03:a2:6f:ac:d3:63:da:4e:2a:d9:0b:0a: 56:68:f1:47:77:38:f2:11:55:f1:47:d6:28:3c:85:65:74:c8: 06:89:7e:58:80:b5:b4:5c:c2:80:5d:05:8c:8b:a0:1e:af:93: 52:ea:5a:5d:b9:e1:0b:3f:80:d5:db:08:1c:6c:8c:78:90:f5: 60:71:48:e6:d2:05:a5:d3:9b:e3:99:8b:97:22:47:81:58:b2: 25:48:16:02:55:15:eb:b2:4d:be:e0:ac:53:66:ca:bf:2a:a2: 4b:ca:f6:9b:18:ea:a1:89:82:b1:33:3b:38:86:3d:ae:72:df: 9a:c2:d9:cf -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgISAZt6W2watgPkSFheRBUOcVahMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0 M2UxMGMwHhcNMjYwMTAxMTYxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTRmYzExNjczZTNjNTk1MTU2YWEzYzM5NGQyNTA3ZmE0NDFjMzgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykfcwPE5pKQ0NhPNQ9EohS6fA9zm SzIw1OOdFIE7nbZm3mCRhV0CFzM7Kzgc0Lm0q05TUcRqk6NQ+UUzUzI8Qm4CcvMR Be9HtM/Q4t27pt50KfBUvdEop/ra9EHG9MxvTROk50ff/iWVNrpu83qKvNWQtUPT pCMmLsmetDsTPnBpkkaPyssQYRL/LWQmg+5JGbqM7y1fEwEwLKd31KY00nGaqeRq oTsnkB3+RzV4oBUfsQpZfeOPKiFXKmvl13+NR8sH8OJTotrVrhf6vBdIjcSsLCn+ RuNx1kLL31HB5Bh+HYa2QMcLecpqm4YzGVQppAaLhfjlyozuOpy75q12VwIDAQAB o4ICNTCCAjEwHQYDVR0OBBYEFJ5PwRZz48WVFWqjw5TSUH+kQcOAMB8GA1UdIwQY MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt YzkyN2I4YzJjN2M0LzEvbmtfQkZuUGp4WlVWYXFQRGxOSlFmNlJCdzRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0 LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaAwQCuQ+kAwQA wpcMMAwDBADCl1UDBADCl1YwFgQCAAIwEAMHACABBnwhrAMFACoDykAwDQYJKoZI hvcNAQELBQADggEBAHjC+ccur29XZo2Fea0dNe2bXqw+KaNBLF53SDR5HWJsQKvf 6G22NM4dTWjpb1Mtc8RLnqSZEQ8yEA05XkjBuNeocdxNZIY4txlpDEYPgS9LNAeE lqjzUJKCJEf4fBMsLPOJ9XT9VuffAZJVn8U7/Pt9ASW7ootbZJPfFX39316xbFHP kwOib6zTY9pOKtkLClZo8Ud3OPIRVfFH1ig8hWV0yAaJfliAtbRcwoBdBYyLoB6v k1LqWl254Qs/gNXbCBxsjHiQ9WBxSObSBaXTm+OZi5ciR4FYsiVIFgJVFeuyTb7g rFNmyr8qokvK9psY6qGJgrEzOziGPa5y35rC2c8= -----END CERTIFICATE-----Generated at Sun Jan 25 15:36:40 2026 by rpki-client