This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/nhzxopyxtZ3ZNpXqMYr4_bVPXYw.roa File: nhzxopyxtZ3ZNpXqMYr4_bVPXYw.roa (raw, json) Hash identifier: XWNHr6I19HMZl/NwLAbZ/QL51wNU0N0GDXtB6ekbpGI= Subject key identifier: 9E:1C:F1:A2:9C:B1:B5:9D:D9:36:95:EA:31:8A:F8:FD:B5:4F:5D:8C Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9 Certificate serial: 019B7F824722D7F19443BD7819604BE780DA Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/nhzxopyxtZ3ZNpXqMYr4_bVPXYw.roa Signing time: Fri 02 Jan 2026 16:20:02 +0000 ROA not before: Fri 02 Jan 2026 16:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30282 IP address blocks: 31.186.224.0/24 maxlen: 24 31.186.230.0/24 maxlen: 24 31.186.240.0/23 maxlen: 23 31.186.242.0/23 maxlen: 23 31.186.246.0/23 maxlen: 23 31.186.252.0/22 maxlen: 22 77.242.204.0/22 maxlen: 22 95.172.78.0/23 maxlen: 23 95.172.90.0/23 maxlen: 23 2a02:b50:4000::/34 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:47:22:d7:f1:94:43:bd:78:19:60:4b:e7:80:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9 Validity Not Before: Jan 2 16:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e1cf1a29cb1b59dd93695ea318af8fdb54f5d8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:c1:e3:89:f3:cd:8d:61:0e:2b:ae:9b:70:5c: 20:87:26:f8:70:5c:d3:55:77:5e:cf:39:19:e4:cf: 0f:c2:44:cd:2c:d0:cd:a8:2e:87:3c:6d:5d:98:ac: 2d:86:bf:12:2c:ad:1e:ae:9a:42:f2:d1:bb:18:6e: 57:5b:72:e3:65:ca:1a:42:fc:27:0e:f4:d6:3f:4e: 83:b6:40:8c:6d:a1:63:ab:cb:5e:76:14:28:33:da: e6:07:33:04:82:b3:ec:1e:82:d3:d6:d4:7f:e3:e9: 32:29:58:3e:93:fe:b9:28:a0:27:99:c0:5f:94:c1: 83:8b:68:d9:10:aa:51:d0:31:76:94:22:d6:f9:1c: ad:01:db:71:22:39:dd:a6:30:20:70:9d:82:c2:38: df:e6:3a:74:c3:eb:40:97:00:6c:87:88:1a:94:12: 90:9f:41:cb:3e:01:fd:5f:b5:fe:f4:e1:b4:d8:2e: 02:98:b9:2a:0c:e5:f2:ea:13:fc:be:24:ea:d4:b6: 0f:85:90:fb:0d:48:46:69:06:66:2a:db:d9:0a:93: c4:cb:b5:17:8c:7d:44:82:48:2b:b6:19:66:f9:21: 21:b2:0d:fd:dd:ef:66:32:be:da:51:a7:78:02:e9: 60:c8:19:11:7e:17:be:50:88:77:8f:27:54:70:ea: 11:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:1C:F1:A2:9C:B1:B5:9D:D9:36:95:EA:31:8A:F8:FD:B5:4F:5D:8C X509v3 Authority Key Identifier: keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/nhzxopyxtZ3ZNpXqMYr4_bVPXYw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.186.224.0/24 31.186.230.0/24 31.186.240.0/22 31.186.246.0/23 31.186.252.0/22 77.242.204.0/22 95.172.78.0/23 95.172.90.0/23 IPv6: 2a02:b50:4000::/34 Signature Algorithm: sha256WithRSAEncryption 48:6c:6e:7f:b6:fe:7c:b4:36:21:11:a6:b4:af:f7:bc:5d:4a: d0:e5:d9:11:18:b2:f3:d3:57:5d:6f:fd:d6:c9:a4:94:af:42: 46:d6:96:ea:81:74:10:82:64:95:9b:7d:a2:a2:28:9a:3f:e8: ef:47:9b:c1:6d:dd:dd:30:df:f2:bf:21:39:07:f9:d5:35:5c: 18:84:c9:24:3f:ab:c4:6a:e6:03:8a:2b:a1:df:38:11:d7:7b: 7a:e6:59:33:71:e7:90:b0:0f:32:b7:de:df:59:b1:9f:46:96: a2:3e:9a:59:4e:8d:b5:bb:3b:99:b6:b0:94:b0:98:45:22:8b: 0b:f8:6b:72:33:2b:6b:94:22:8f:75:56:26:12:9f:d4:93:06: 64:ea:fd:cf:04:f0:b6:4b:14:36:d3:24:4a:25:e2:47:18:9e: a3:f7:61:93:38:6f:45:1e:21:6a:dc:49:c9:4f:95:86:c2:dc: 14:96:b6:1f:31:2f:66:84:1a:06:d3:bf:c9:51:bf:11:80:26: e7:6b:8c:48:a6:6f:72:23:78:11:72:6b:6a:be:33:6e:85:08: 8b:4f:eb:73:05:44:a5:ad:16:4d:3d:0f:74:07:d3:e0:59:b1: ea:54:2c:23:b2:ed:57:a5:b2:8a:35:67:38:47:ff:08:3a:ae: e2:87:b0:52 -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgISAZt/gkci1/GUQ714GWBL54DaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3 OThmZDkwHhcNMjYwMTAyMTYyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTFjZjFhMjljYjFiNTlkZDkzNjk1ZWEzMThhZjhmZGI1NGY1ZDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8HjifPNjWEOK66bcFwghyb4cFzT VXdezzkZ5M8PwkTNLNDNqC6HPG1dmKwthr8SLK0erppC8tG7GG5XW3LjZcoaQvwn DvTWP06DtkCMbaFjq8tedhQoM9rmBzMEgrPsHoLT1tR/4+kyKVg+k/65KKAnmcBf lMGDi2jZEKpR0DF2lCLW+RytAdtxIjndpjAgcJ2Cwjjf5jp0w+tAlwBsh4galBKQ n0HLPgH9X7X+9OG02C4CmLkqDOXy6hP8viTq1LYPhZD7DUhGaQZmKtvZCpPEy7UX jH1Egkgrthlm+SEhsg393e9mMr7aUad4AulgyBkRfhe+UIh3jydUcOoRAwIDAQAB o4ICQzCCAj8wHQYDVR0OBBYEFJ4c8aKcsbWd2TaV6jGK+P21T12MMB8GA1UdIwQY MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt OTk4NjhjNTEzMjlhLzEvbmh6eG9weXh0WjNaTnBYcU1ZcjRfYlZQWFl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA2BAIAATAwAwQAH7rgAwQA H7rmAwQCH7rwAwQBH7r2AwQCH7r8AwQCTfLMAwQBX6xOAwQBX6xaMA4EAgACMAgD BgYqAgtQQDANBgkqhkiG9w0BAQsFAAOCAQEASGxuf7b+fLQ2IRGmtK/3vF1K0OXZ ERiy89NXXW/91smklK9CRtaW6oF0EIJklZt9oqIomj/o70ebwW3d3TDf8r8hOQf5 1TVcGITJJD+rxGrmA4orod84Edd7euZZM3HnkLAPMrfe31mxn0aWoj6aWU6Ntbs7 mbawlLCYRSKLC/hrcjMra5Qij3VWJhKf1JMGZOr9zwTwtksUNtMkSiXiRxieo/dh kzhvRR4hatxJyU+VhsLcFJa2HzEvZoQaBtO/yVG/EYAm52uMSKZvciN4EXJrar4z boUIi0/rcwVEpa0WTT0PdAfT4Fmx6lQsI7LtV6WyijVnOEf/CDqu4oewUg== -----END CERTIFICATE-----Generated at Sun Jan 25 17:47:39 2026 by rpki-client