This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/NbAa7vVuxBOczxUdgmV7yv_ihIM.roa File: NbAa7vVuxBOczxUdgmV7yv_ihIM.roa (raw, json) Hash identifier: FlSF6xU/X8MrL4smxRaqnNW5wgIas1ZABWQxPw3TwRw= Subject key identifier: 35:B0:1A:EE:F5:6E:C4:13:9C:CF:15:1D:82:65:7B:CA:FF:E2:84:83 Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe Certificate serial: 019AE59095907E3A31127EA545E7F0D9BA1A Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/NbAa7vVuxBOczxUdgmV7yv_ihIM.roa Signing time: Wed 03 Dec 2025 18:54:09 +0000 ROA not before: Wed 03 Dec 2025 18:54:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 14789 IP address blocks: 2a09:bac0:439::/48 maxlen: 48 2a09:bac0:450::/48 maxlen: 48 2a09:bac0:477::/48 maxlen: 48 2a09:bac0:566::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.mft rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e5:90:95:90:7e:3a:31:12:7e:a5:45:e7:f0:d9:ba:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe Validity Not Before: Dec 3 18:54:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=35b01aeef56ec4139ccf151d82657bcaffe28483 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:1e:37:a4:63:da:f3:5f:e5:b6:da:e0:f1:c9: b1:b8:71:e1:fa:c9:95:62:f9:a7:9c:44:23:07:89: 28:e3:f8:26:65:a0:c7:ac:80:e3:12:a4:72:6a:06: 23:e2:3d:30:4c:8f:05:28:64:ed:62:db:cd:4f:72: 17:10:9f:e7:4f:a4:bc:f1:57:bb:37:22:69:50:dd: 7d:57:f6:68:3e:34:a4:19:3c:11:39:54:c1:2d:bc: 36:98:61:68:90:41:24:52:c0:0b:e1:b2:96:bc:d2: ed:33:0d:31:e0:7e:45:99:a8:89:24:e5:7f:68:66: 3a:bf:60:5f:6f:dc:a9:73:43:f3:59:49:32:83:da: af:79:de:f2:c7:17:a5:95:2f:c3:5d:30:c3:35:c9: f5:a7:4b:84:5c:18:01:55:a3:db:be:d6:46:35:ec: 08:f9:14:b0:bc:db:64:1c:78:08:7e:cb:c3:0a:48: cc:c7:03:0c:a0:51:17:31:f4:53:41:e9:e8:93:db: 45:31:6d:d5:a8:e1:09:ac:8b:34:23:4f:ca:7f:1b: d3:52:d8:f7:05:fe:25:0e:12:6d:72:54:a6:93:03: 72:68:55:f0:71:b8:ca:b6:b2:d9:7f:d8:56:e7:a4: cc:37:27:40:35:f2:31:13:59:35:1d:25:82:ce:8c: cb:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:B0:1A:EE:F5:6E:C4:13:9C:CF:15:1D:82:65:7B:CA:FF:E2:84:83 X509v3 Authority Key Identifier: keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/NbAa7vVuxBOczxUdgmV7yv_ihIM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:bac0:439::/48 2a09:bac0:450::/48 2a09:bac0:477::/48 2a09:bac0:566::/48 Signature Algorithm: sha256WithRSAEncryption 48:41:9d:16:43:58:64:88:c2:a2:a4:92:25:45:fe:7e:19:32: c1:69:d1:48:da:18:7b:87:5f:b5:39:b6:27:f3:e3:47:b5:72: ef:d3:39:1c:bd:90:d5:95:11:42:9e:26:9d:f6:a1:e8:0b:dd: f9:88:64:48:69:d9:1f:27:c5:85:64:84:7c:3a:ea:8b:a6:98: 5d:d4:d0:00:3e:b2:15:88:14:9d:66:8a:96:ff:56:1c:b6:02: 31:b9:3c:43:86:87:8d:f9:bd:d2:f3:fa:ea:31:15:7c:11:ed: 60:c3:a3:cd:50:a7:a9:22:36:a1:51:2c:43:f8:ed:cf:26:30: 5e:40:f2:7f:dd:a4:20:3e:18:9d:5f:51:12:3f:d6:e4:ae:39: 2a:a6:5a:01:d8:5a:c2:7b:2f:82:ed:5c:70:a5:be:69:e7:f8: 4f:e9:80:d7:a0:f0:1d:69:6d:37:b4:31:32:5c:a1:3e:f0:b3: 13:2b:38:01:a1:1b:45:b4:e0:f0:45:ec:2c:ef:d4:dd:e6:6b: 8e:be:fd:e5:e0:24:40:95:c1:1e:25:d0:a5:b8:e7:7d:a8:0f: 7f:be:15:67:81:ff:82:34:08:05:fc:d8:fe:6b:32:26:a2:33: 70:1d:b8:13:e6:8f:27:70:46:c7:27:b6:e9:95:2a:d1:07:ae: a7:da:40:f4 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZrlkJWQfjoxEn6lRefw2boaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3 N2Y3ZmUwHhcNMjUxMjAzMTg1NDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWIwMWFlZWY1NmVjNDEzOWNjZjE1MWQ4MjY1N2JjYWZmZTI4NDgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R43pGPa81/lttrg8cmxuHHh+smV YvmnnEQjB4ko4/gmZaDHrIDjEqRyagYj4j0wTI8FKGTtYtvNT3IXEJ/nT6S88Ve7 NyJpUN19V/ZoPjSkGTwROVTBLbw2mGFokEEkUsAL4bKWvNLtMw0x4H5FmaiJJOV/ aGY6v2Bfb9ypc0PzWUkyg9qved7yxxellS/DXTDDNcn1p0uEXBgBVaPbvtZGNewI +RSwvNtkHHgIfsvDCkjMxwMMoFEXMfRTQenok9tFMW3VqOEJrIs0I0/KfxvTUtj3 Bf4lDhJtclSmkwNyaFXwcbjKtrLZf9hW56TMNydANfIxE1k1HSWCzozLKQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFDWwGu71bsQTnM8VHYJle8r/4oSDMB8GA1UdIwQY MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt Zjc4MjBjNWU5NjZhLzEvTmJBYTd2VnV4Qk9jenhVZGdtVjd5dl9paElNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgm6wAQ5 AwcAKgm6wARQAwcAKgm6wAR3AwcAKgm6wAVmMA0GCSqGSIb3DQEBCwUAA4IBAQBI QZ0WQ1hkiMKipJIlRf5+GTLBadFI2hh7h1+1ObYn8+NHtXLv0zkcvZDVlRFCniad 9qHoC935iGRIadkfJ8WFZIR8OuqLpphd1NAAPrIViBSdZoqW/1YctgIxuTxDhoeN +b3S8/rqMRV8Ee1gw6PNUKepIjahUSxD+O3PJjBeQPJ/3aQgPhidX1ESP9bkrjkq ploB2FrCey+C7Vxwpb5p5/hP6YDXoPAdaW03tDEyXKE+8LMTKzgBoRtFtODwRews 79Td5muOvv3l4CRAlcEeJdCluOd9qA9/vhVngf+CNAgF/Nj+azImojNwHbgT5o8n cEbHJ7bplSrRB66n2kD0 -----END CERTIFICATE-----Generated at Sat Dec 6 19:45:38 2025 by rpki-client