This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/NM6bC8g_JOCJcB_SqI4c_RpTy0s.roa File: NM6bC8g_JOCJcB_SqI4c_RpTy0s.roa (raw, json) Hash identifier: PVdIpdqsXSW7un2HJAR4RrNhmciVj3imB2fnXeIUv8I= Subject key identifier: 34:CE:9B:0B:C8:3F:24:E0:89:70:1F:D2:A8:8E:1C:FD:1A:53:CB:4B Certificate issuer: /CN=4d21cb9b2f8c5de9daa30889d9e2394537ba3e38 Certificate serial: 019B79100EA34A20F731045AB3C80B8E47A2 Authority key identifier: 4D:21:CB:9B:2F:8C:5D:E9:DA:A3:08:89:D9:E2:39:45:37:BA:3E:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TSHLmy-MXenaowiJ2eI5RTe6Pjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/NM6bC8g_JOCJcB_SqI4c_RpTy0s.roa Signing time: Thu 01 Jan 2026 10:17:34 +0000 ROA not before: Thu 01 Jan 2026 10:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57119 IP address blocks: 185.175.148.0/22 maxlen: 22 2a0b:fd00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/TSHLmy-MXenaowiJ2eI5RTe6Pjg.crl rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/TSHLmy-MXenaowiJ2eI5RTe6Pjg.mft rsync://rpki.ripe.net/repository/DEFAULT/TSHLmy-MXenaowiJ2eI5RTe6Pjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:0e:a3:4a:20:f7:31:04:5a:b3:c8:0b:8e:47:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d21cb9b2f8c5de9daa30889d9e2394537ba3e38 Validity Not Before: Jan 1 10:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34ce9b0bc83f24e089701fd2a88e1cfd1a53cb4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:8a:3c:1f:75:83:af:a3:f2:fc:29:be:1f:d2: c6:95:30:58:94:7b:cd:1e:4b:b6:7e:dc:33:29:1d: 68:d2:80:9a:03:81:c6:a8:4d:aa:cb:fb:6e:6c:19: 8a:46:34:63:97:47:49:f2:a8:ed:4e:11:43:f1:bb: 5e:30:a7:27:21:29:25:0b:00:ad:5e:2d:26:98:8b: 6e:49:55:3e:7f:56:e4:d6:12:44:57:91:06:35:c4: 96:24:0f:7c:da:69:50:df:9e:4b:d8:a7:db:d9:64: 7f:ba:ea:38:37:79:be:d5:5c:d0:81:66:7d:19:6e: 96:75:03:9f:3b:41:9c:8a:da:a3:69:e4:d7:70:47: 32:d8:0c:ce:95:20:cc:f8:f2:4c:3f:6d:a2:47:51: 9f:2e:5d:f0:d7:8c:eb:f7:03:24:b1:43:ec:61:5c: 79:6c:4c:b4:24:bb:7a:fa:3a:59:67:6d:72:6e:f0: 3a:d8:61:3c:eb:fa:60:4d:b5:f7:d5:fc:14:0b:37: ba:0a:59:90:8c:c6:08:cf:8e:c0:26:b3:8d:78:aa: 49:07:d8:43:e9:b1:52:de:ce:44:27:e0:3c:20:55: 7b:55:2c:27:34:47:8e:eb:09:d8:06:1c:1e:dd:78: b1:31:20:c0:88:fc:23:7d:da:f0:c0:db:ac:bc:bf: ab:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:CE:9B:0B:C8:3F:24:E0:89:70:1F:D2:A8:8E:1C:FD:1A:53:CB:4B X509v3 Authority Key Identifier: keyid:4D:21:CB:9B:2F:8C:5D:E9:DA:A3:08:89:D9:E2:39:45:37:BA:3E:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSHLmy-MXenaowiJ2eI5RTe6Pjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/NM6bC8g_JOCJcB_SqI4c_RpTy0s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d994dd-de52-4612-b0fe-14987243ac56/1/TSHLmy-MXenaowiJ2eI5RTe6Pjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.175.148.0/22 IPv6: 2a0b:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 1f:d3:b4:a3:35:15:f8:a8:e8:d4:08:02:3e:95:19:2e:47:fd: 9c:c3:48:b1:4d:d0:70:2a:8b:b3:e5:97:08:97:c4:bc:61:d8: 7b:6d:b8:cc:59:e9:28:65:ea:c4:80:e7:15:74:34:2e:2f:14: 8c:d6:7c:ad:bc:d4:db:71:ac:6f:69:62:3e:29:8e:c9:6f:19: 30:14:3d:27:f3:d5:e7:33:5c:a4:b9:70:75:24:99:b5:55:1e: 7e:c9:76:30:24:81:5b:87:54:e7:05:ae:b2:54:0e:aa:1c:fb: 86:fa:54:c2:b1:d3:ab:e8:4e:c0:ed:07:02:5a:56:99:f9:2c: f6:be:94:81:fa:e5:24:c4:bd:79:09:3a:10:e5:62:be:3f:ab: 7f:91:c5:8c:dd:66:1f:2b:c5:df:14:9d:3c:c5:6e:8f:69:ed: 5c:12:a5:11:40:c1:92:ad:87:b2:f0:99:2c:be:23:6a:b4:2d: 1c:11:98:5d:d7:d3:15:18:a8:c4:8d:6a:13:67:fb:4a:c7:80: 3e:5a:eb:87:66:09:ca:14:33:26:33:b2:60:6f:db:af:7a:bb: e6:e5:74:83:39:6c:f7:e4:3b:6f:df:5b:18:ff:d2:ea:be:23: f1:84:ff:be:f0:e5:61:0f:bc:fd:1a:9f:4c:94:4f:2f:03:33: 30:0c:8c:64 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5EA6jSiD3MQRas8gLjkeiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMjFjYjliMmY4YzVkZTlkYWEzMDg4OWQ5ZTIzOTQ1Mzdi YTNlMzgwHhcNMjYwMTAxMTAxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGNlOWIwYmM4M2YyNGUwODk3MDFmZDJhODhlMWNmZDFhNTNjYjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4o8H3WDr6Py/Cm+H9LGlTBYlHvN Hku2ftwzKR1o0oCaA4HGqE2qy/tubBmKRjRjl0dJ8qjtThFD8bteMKcnISklCwCt Xi0mmItuSVU+f1bk1hJEV5EGNcSWJA982mlQ355L2Kfb2WR/uuo4N3m+1VzQgWZ9 GW6WdQOfO0GcitqjaeTXcEcy2AzOlSDM+PJMP22iR1GfLl3w14zr9wMksUPsYVx5 bEy0JLt6+jpZZ21ybvA62GE86/pgTbX31fwUCze6ClmQjMYIz47AJrONeKpJB9hD 6bFS3s5EJ+A8IFV7VSwnNEeO6wnYBhwe3XixMSDAiPwjfdrwwNusvL+rmwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDTOmwvIPyTgiXAf0qiOHP0aU8tLMB8GA1UdIwQY MBaAFE0hy5svjF3p2qMIidniOUU3uj44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFNITG15LU1YZW5hb3dpSjJlSTVSVGU2UGpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kOTk0ZGQtZGU1Mi00NjEyLWIwZmUt MTQ5ODcyNDNhYzU2LzEvTk02YkM4Z19KT0NKY0JfU3FJNGNfUnBUeTBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9kOTk0ZGQtZGU1Mi00NjEyLWIwZmUtMTQ5ODcyNDNhYzU2 LzEvVFNITG15LU1YZW5hb3dpSjJlSTVSVGU2UGpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua+UMA0E AgACMAcDBQAqC/0AMA0GCSqGSIb3DQEBCwUAA4IBAQAf07SjNRX4qOjUCAI+lRku R/2cw0ixTdBwKouz5ZcIl8S8Ydh7bbjMWekoZerEgOcVdDQuLxSM1nytvNTbcaxv aWI+KY7JbxkwFD0n89XnM1ykuXB1JJm1VR5+yXYwJIFbh1TnBa6yVA6qHPuG+lTC sdOr6E7A7QcCWlaZ+Sz2vpSB+uUkxL15CToQ5WK+P6t/kcWM3WYfK8XfFJ08xW6P ae1cEqURQMGSrYey8JksviNqtC0cEZhd19MVGKjEjWoTZ/tKx4A+WuuHZgnKFDMm M7Jgb9uvervm5XSDOWz35Dtv31sY/9LqviPxhP++8OVhD7z9Gp9MlE8vAzMwDIxk -----END CERTIFICATE-----Generated at Mon Jan 26 04:51:33 2026 by rpki-client