This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JN3hsGt4GP9frzrWMRbzjtbvrno.roa File: JN3hsGt4GP9frzrWMRbzjtbvrno.roa (raw, json) Hash identifier: bJGCfatjPZEw38VAYThgue1osu84Y13a1sacKbz5tcQ= Subject key identifier: 24:DD:E1:B0:6B:78:18:FF:5F:AF:3A:D6:31:16:F3:8E:D6:EF:AE:7A Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019BDAC9E15981F393CA99BF72BA6ECDF772 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JN3hsGt4GP9frzrWMRbzjtbvrno.roa Signing time: Tue 20 Jan 2026 09:43:42 +0000 ROA not before: Tue 20 Jan 2026 09:43:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206092 IP address blocks: 45.67.96.0/24 maxlen: 24 45.130.80.0/24 maxlen: 24 45.130.81.0/24 maxlen: 24 45.130.83.0/24 maxlen: 24 45.135.186.0/24 maxlen: 24 45.140.135.0/24 maxlen: 24 89.38.70.0/24 maxlen: 24 89.47.15.0/24 maxlen: 24 91.217.249.0/24 maxlen: 24 185.192.16.0/24 maxlen: 24 185.192.71.0/24 maxlen: 24 188.212.135.0/24 maxlen: 24 193.19.109.0/24 maxlen: 24 203.26.81.0/24 maxlen: 24 203.159.81.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:da:c9:e1:59:81:f3:93:ca:99:bf:72:ba:6e:cd:f7:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 20 09:43:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=24dde1b06b7818ff5faf3ad63116f38ed6efae7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:19:8d:f7:2c:22:6b:c2:d6:a2:c4:96:bb:46: 9a:8e:e5:a7:f0:10:c4:11:7b:63:d1:9d:2c:cc:d6: b3:92:69:bf:21:43:26:33:c0:bf:ab:9d:6e:c0:90: cc:45:98:a1:6b:f4:53:5c:d9:1f:43:dc:ba:2c:d4: e1:3b:a3:c4:a4:1a:8e:5b:48:17:8c:c3:54:07:e0: 78:1b:42:73:9e:e6:0e:03:10:0b:74:6e:4c:62:f0: 28:9a:d9:58:f4:7b:f8:a5:cb:10:e9:76:55:2f:cb: 51:61:92:fc:86:87:b0:dc:26:a1:cc:da:6e:32:7c: 1d:6b:78:a0:7c:1b:69:02:7e:3a:5c:0c:61:a0:80: f4:59:86:fe:78:70:a0:69:d9:71:e8:83:82:e1:e2: f7:77:71:91:d0:b4:94:f0:5c:66:eb:ec:2f:4f:26: b2:cc:79:2b:15:68:ee:84:bc:1e:fa:43:1f:48:2f: 49:fc:e6:24:5a:57:ee:4e:41:99:a8:5a:1f:1e:9d: 69:5d:e9:e3:f0:db:a3:a7:90:ae:2a:08:89:d0:5a: a3:30:28:8d:c7:77:26:a2:fb:3b:16:e1:3c:b6:ff: 3b:c6:9e:c6:d4:10:b2:30:04:52:3c:71:d8:fe:06: 5c:5f:23:0d:bf:ab:af:6c:79:ab:cc:78:2f:8b:84: e1:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:DD:E1:B0:6B:78:18:FF:5F:AF:3A:D6:31:16:F3:8E:D6:EF:AE:7A X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JN3hsGt4GP9frzrWMRbzjtbvrno.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.96.0/24 45.130.80.0/23 45.130.83.0/24 45.135.186.0/24 45.140.135.0/24 89.38.70.0/24 89.47.15.0/24 91.217.249.0/24 185.192.16.0/24 185.192.71.0/24 188.212.135.0/24 193.19.109.0/24 203.26.81.0/24 203.159.81.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:e0:17:3e:a9:79:48:42:01:82:89:76:fd:cf:5c:f1:8d:e8: f2:36:75:69:cc:bf:69:46:03:fb:42:92:09:53:34:ad:ae:fd: e3:5f:38:b0:eb:e6:bf:ca:39:d9:50:a3:17:35:ec:68:89:9a: a2:56:a9:4f:57:94:06:fb:f7:91:fa:6d:0a:50:46:56:72:83: 66:44:ff:88:e8:0e:f4:b1:da:1a:ff:00:9f:38:81:87:50:c4: cc:07:94:e9:77:1b:a9:f5:62:35:00:08:5c:ad:f2:94:71:1f: f4:bc:34:3f:f8:4a:e1:9c:44:b2:d2:49:1b:9e:f7:21:79:dc: 00:90:55:2a:d7:8c:46:74:85:6e:e6:17:df:ed:7f:fa:a9:b4: a3:70:b9:86:72:76:07:88:03:c3:0d:e6:a3:69:1a:1a:c1:b4: 8c:96:23:00:3b:d3:76:14:9c:53:70:d5:af:66:1b:0c:c3:ea: 7c:e8:5e:ab:ff:2a:94:e8:05:09:66:ba:ea:4a:00:1a:7a:1f: a9:ed:b3:10:b7:47:62:3d:d7:e0:5b:2b:e3:07:3c:15:5a:66: 7a:0f:ab:65:2b:8d:8c:9b:5b:e4:fa:14:53:b7:f6:92:ca:c5: 4b:08:7a:d9:c7:e1:2f:a1:72:7a:5a:90:77:f2:13:b3:69:79: a2:44:aa:52 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZvayeFZgfOTypm/crpuzfdyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTIwMDk0MzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNGRkZTFiMDZiNzgxOGZmNWZhZjNhZDYzMTE2ZjM4ZWQ2ZWZhZTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxmN9ywia8LWosSWu0aajuWn8BDE EXtj0Z0szNazkmm/IUMmM8C/q51uwJDMRZiha/RTXNkfQ9y6LNThO6PEpBqOW0gX jMNUB+B4G0JznuYOAxALdG5MYvAomtlY9Hv4pcsQ6XZVL8tRYZL8hoew3CahzNpu Mnwda3igfBtpAn46XAxhoID0WYb+eHCgadlx6IOC4eL3d3GR0LSU8Fxm6+wvTyay zHkrFWjuhLwe+kMfSC9J/OYkWlfuTkGZqFofHp1pXenj8Nujp5CuKgiJ0FqjMCiN x3cmovs7FuE8tv87xp7G1BCyMARSPHHY/gZcXyMNv6uvbHmrzHgvi4ThoQIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFCTd4bBreBj/X6861jEW847W7656MB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvSk4zaHNHdDRHUDlmcnpyV01SYnpqdGJ2cm5vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALUNgAwQB LYJQAwQALYJTAwQALYe6AwQALYyHAwQAWSZGAwQAWS8PAwQAW9n5AwQAucAQAwQA ucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3DQEBCwUAA4IBAQAL 4Bc+qXlIQgGCiXb9z1zxjejyNnVpzL9pRgP7QpIJUzStrv3jXziw6+a/yjnZUKMX NexoiZqiVqlPV5QG+/eR+m0KUEZWcoNmRP+I6A70sdoa/wCfOIGHUMTMB5Tpdxup 9WI1AAhcrfKUcR/0vDQ/+ErhnESy0kkbnvchedwAkFUq14xGdIVu5hff7X/6qbSj cLmGcnYHiAPDDeajaRoawbSMliMAO9N2FJxTcNWvZhsMw+p86F6r/yqU6AUJZrrq SgAaeh+p7bMQt0diPdfgWyvjBzwVWmZ6D6tlK42Mm1vk+hRTt/aSysVLCHrZx+Ev oXJ6WpB38hOzaXmiRKpS -----END CERTIFICATE-----Generated at Sun Jan 25 10:21:15 2026 by rpki-client