This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/NzbIi-FrPomQ6ctOPJJUrBGgm1I.roa File: NzbIi-FrPomQ6ctOPJJUrBGgm1I.roa (raw, json) Hash identifier: PdBiVtgjdqqfmsvkZMECcdaQfrG9aEwqLBPPRyETYkY= Subject key identifier: 37:36:C8:8B:E1:6B:3E:89:90:E9:CB:4E:3C:92:54:AC:11:A0:9B:52 Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd Certificate serial: 019B7FF133779F6A2BD06B8FAF9FAE13E20B Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/NzbIi-FrPomQ6ctOPJJUrBGgm1I.roa Signing time: Fri 02 Jan 2026 18:21:12 +0000 ROA not before: Fri 02 Jan 2026 18:21:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205749 IP address blocks: 2a04:92c7:31::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:33:77:9f:6a:2b:d0:6b:8f:af:9f:ae:13:e2:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd Validity Not Before: Jan 2 18:21:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3736c88be16b3e8990e9cb4e3c9254ac11a09b52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:ac:bf:d1:a7:0f:c1:25:5c:e2:19:95:f1:9c: 72:0f:87:8c:43:ac:41:64:fa:4f:49:19:84:7b:57: b2:38:3e:d3:f2:5a:29:fe:80:cf:9b:66:7c:4e:68: 9e:40:55:df:a7:50:cd:48:9f:c5:f7:19:b0:19:1e: 35:7b:73:e3:da:13:5a:15:44:8e:77:bb:61:6c:9d: 2f:a4:d5:59:ce:70:5b:d4:e8:8c:a6:ff:0a:4e:89: db:ba:de:63:57:e0:68:9b:bc:42:c7:b8:57:61:b7: a7:1f:38:46:02:65:36:ad:da:64:82:d0:bd:5d:86: 5b:0f:24:fe:bf:97:dc:58:b9:af:7e:dd:99:42:b6: 41:ce:d9:a7:34:3c:94:b3:1d:1f:cc:da:56:4f:71: 60:6a:52:0f:6e:de:2a:21:a1:95:d5:5f:0e:83:5d: 67:44:4a:3c:a1:df:40:ce:8a:39:38:00:60:6e:c5: 30:c9:e2:c4:d1:f9:69:c4:ff:8b:56:18:a0:24:22: 51:65:35:5a:b7:8b:07:02:6a:0f:d3:ef:e0:62:23: 30:f2:53:c1:a0:29:dc:97:af:bd:89:a6:af:9e:90: dc:b8:04:43:ae:31:67:c1:eb:0b:c6:be:da:69:82: d9:8d:5a:2b:b8:8e:e4:a5:89:2f:fe:41:7c:62:09: 5b:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:36:C8:8B:E1:6B:3E:89:90:E9:CB:4E:3C:92:54:AC:11:A0:9B:52 X509v3 Authority Key Identifier: keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/NzbIi-FrPomQ6ctOPJJUrBGgm1I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:92c7:31::/48 Signature Algorithm: sha256WithRSAEncryption 3a:ec:d8:3c:b3:4d:94:14:15:9c:3b:71:22:eb:a8:2f:b6:b6: 3a:8d:6e:e3:db:11:7c:09:cd:87:25:99:6c:b7:b0:64:3a:98: 67:6b:39:db:64:10:4b:c4:35:8e:4a:00:b3:e1:58:93:07:07: b4:5b:e8:2d:79:37:2d:c1:12:e5:ad:95:4f:45:97:d5:b8:2a: a6:fd:31:06:76:47:35:0f:48:77:a8:5c:4b:db:85:4c:d3:97: 63:50:e7:e8:7a:cb:27:81:9d:8c:6c:42:73:ce:d2:3f:e8:40: 50:1c:3e:c9:d4:40:fc:e0:ce:5e:11:47:5b:82:17:98:21:62: 9b:67:48:e5:1f:b1:0f:3f:f7:72:39:83:d8:88:8a:cc:06:f0: 6d:fb:b0:5a:47:d2:17:e8:d6:2b:e8:34:62:01:27:47:e0:e7: 3c:7b:f3:c4:60:7d:ab:63:d5:fa:b9:a2:df:18:88:7a:74:00: d4:b4:91:94:77:11:20:d8:f2:f9:cc:64:67:e4:36:63:5c:10: c1:61:c8:dd:70:af:a8:99:00:81:bc:1e:44:82:56:f4:0b:cc: 2b:a7:a0:5f:23:d8:a8:14:ed:e3:fd:3f:cd:c6:cf:7e:ba:7f: 1d:2e:a3:03:7c:7c:89:a5:e8:d0:ac:a8:7e:fc:8c:00:1e:65: 5d:f9:53:03 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/8TN3n2or0GuPr5+uE+ILMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmZGVjNGE0NmE2ZTZlNGY5YTkyZDBiYTJlMGIzYWI1NjU4 YmUxYmQwHhcNMjYwMTAyMTgyMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNzM2Yzg4YmUxNmIzZTg5OTBlOWNiNGUzYzkyNTRhYzExYTA5YjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKy/0acPwSVc4hmV8ZxyD4eMQ6xB ZPpPSRmEe1eyOD7T8lop/oDPm2Z8TmieQFXfp1DNSJ/F9xmwGR41e3Pj2hNaFUSO d7thbJ0vpNVZznBb1OiMpv8KTonbut5jV+Bom7xCx7hXYbenHzhGAmU2rdpkgtC9 XYZbDyT+v5fcWLmvft2ZQrZBztmnNDyUsx0fzNpWT3FgalIPbt4qIaGV1V8Og11n REo8od9Azoo5OABgbsUwyeLE0flpxP+LVhigJCJRZTVat4sHAmoP0+/gYiMw8lPB oCncl6+9iaavnpDcuARDrjFnwesLxr7aaYLZjVoruI7kpYkv/kF8YglbgQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDc2yIvhaz6JkOnLTjySVKwRoJtSMB8GA1UdIwQY MBaAFP/exKRqbm5PmpLQui4LOrVli+G9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEt N2U4YzZkNGQ5YmVmLzEvTnpiSWktRnJQb21RNmN0T1BKSlVyQkdnbTFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEtN2U4YzZkNGQ5YmVm LzEvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgSSxwAx MA0GCSqGSIb3DQEBCwUAA4IBAQA67Ng8s02UFBWcO3Ei66gvtrY6jW7j2xF8Cc2H JZlst7BkOphnaznbZBBLxDWOSgCz4ViTBwe0W+gteTctwRLlrZVPRZfVuCqm/TEG dkc1D0h3qFxL24VM05djUOfoessngZ2MbEJzztI/6EBQHD7J1ED84M5eEUdbgheY IWKbZ0jlH7EPP/dyOYPYiIrMBvBt+7BaR9IX6NYr6DRiASdH4Oc8e/PEYH2rY9X6 uaLfGIh6dADUtJGUdxEg2PL5zGRn5DZjXBDBYcjdcK+omQCBvB5Eglb0C8wrp6Bf I9ioFO3j/T/Nxs9+un8dLqMDfHyJpejQrKh+/IwAHmVd+VMD -----END CERTIFICATE-----Generated at Sun Jan 25 13:02:25 2026 by rpki-client