This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/NKrF44Cb48ibyskEc0pmLGMwSbQ.roa File: NKrF44Cb48ibyskEc0pmLGMwSbQ.roa (raw, json) Hash identifier: /FUxbrj5UG1STIUqFgYzP0jhCRLEmRamnELFeSKbL1M= Subject key identifier: 34:AA:C5:E3:80:9B:E3:C8:9B:CA:C9:04:73:4A:66:2C:63:30:49:B4 Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b Certificate serial: 019B7835626DFE29B64328E1B48369EFCFAD Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/NKrF44Cb48ibyskEc0pmLGMwSbQ.roa Signing time: Thu 01 Jan 2026 06:18:43 +0000 ROA not before: Thu 01 Jan 2026 06:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 133499 IP address blocks: 94.139.40.0/21 maxlen: 32 119.13.224.0/20 maxlen: 32 121.91.176.0/20 maxlen: 32 185.101.68.0/22 maxlen: 32 212.70.0.0/23 maxlen: 32 212.70.4.0/22 maxlen: 32 212.70.16.0/20 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 00:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:62:6d:fe:29:b6:43:28:e1:b4:83:69:ef:cf:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b Validity Not Before: Jan 1 06:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34aac5e3809be3c89bcac904734a662c633049b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:9d:a1:8f:bf:c0:ed:0d:9f:43:ad:35:7a:20: b9:fe:5a:68:16:f2:7a:24:67:5a:55:36:94:33:ec: 51:1c:51:fc:9e:ce:58:81:3b:b7:cb:5a:88:b4:12: 81:17:60:d9:4d:86:47:1d:50:f4:8a:bc:b5:4d:81: 5b:c9:2f:27:21:d1:a3:3e:2a:eb:97:33:b8:ba:f2: f0:42:8b:89:6a:08:b4:c3:ee:02:41:b5:7c:29:23: 49:43:d8:8b:02:83:a2:4c:a0:b3:57:4a:ba:fe:a1: dd:b1:6c:5f:5b:3b:52:53:d4:50:d8:46:27:68:44: 0c:1c:78:1f:81:84:ef:5f:d4:4b:a3:00:81:18:aa: c7:02:2a:91:0b:c0:f6:f8:6e:f9:d3:8a:b4:d4:89: f0:2c:95:b6:46:b7:65:f9:9d:23:db:b9:76:98:65: cf:72:0e:4a:85:4d:57:fe:6a:65:42:a2:3d:71:3c: 48:06:bb:01:68:6e:83:e5:a2:42:af:77:20:59:23: 1f:9b:0b:ef:35:69:d3:b6:db:e9:b0:9e:7e:79:be: 13:54:dc:c2:c1:07:db:a1:3e:78:ed:95:7b:31:c2: 31:fc:44:7f:0e:8b:8a:ae:62:fc:39:66:6a:9e:56: 28:d0:91:20:e8:01:6c:60:94:82:53:45:71:5c:dc: 87:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:AA:C5:E3:80:9B:E3:C8:9B:CA:C9:04:73:4A:66:2C:63:30:49:B4 X509v3 Authority Key Identifier: keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/NKrF44Cb48ibyskEc0pmLGMwSbQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.139.40.0/21 119.13.224.0/20 121.91.176.0/20 185.101.68.0/22 212.70.0.0/23 212.70.4.0/22 212.70.16.0/20 Signature Algorithm: sha256WithRSAEncryption 64:10:d4:57:23:b0:67:3d:2f:98:7b:b1:df:e5:5f:32:3d:90: e4:6a:3b:52:c5:18:5d:74:69:ba:8b:a9:1f:39:0c:aa:24:fa: 32:87:bb:54:16:05:32:6c:8b:72:60:61:c5:88:8d:26:de:cd: ed:cf:90:c7:7b:a7:37:d7:7a:a0:d9:8e:f2:aa:3b:ed:dd:19: b1:45:b6:81:e7:db:12:54:7b:14:5b:ef:09:6b:2f:1f:88:2a: 62:70:83:e5:40:4b:53:59:80:b7:f5:73:c2:43:93:14:4b:0b: f8:1a:82:fc:19:47:1a:3f:fc:1c:50:87:d5:2c:0c:42:f9:a4: 3b:a7:a9:ae:69:bc:36:06:f9:eb:1f:0a:5c:5e:4d:eb:8c:3d: 39:d4:29:8f:a7:ed:f8:85:07:63:47:91:a6:0f:81:e9:00:61: 63:ec:31:59:c8:1a:9f:17:7d:c3:53:8c:dc:7e:08:a5:59:eb: be:11:dc:30:33:2a:e5:46:55:1d:ae:43:45:7b:c7:7a:b7:2c: de:47:fe:b3:14:f8:06:39:02:d5:54:af:bf:fc:b3:59:6d:c1: cb:62:4a:87:8b:6f:8c:b5:e7:c7:d0:c7:76:58:6f:33:3e:56: ed:3a:8b:23:a1:df:dd:e3:f9:98:73:63:3a:0a:c7:2d:1b:bf: 04:8e:0f:c1 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt4NWJt/im2QyjhtINp78+tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl NzczNWIwHhcNMjYwMTAxMDYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGFhYzVlMzgwOWJlM2M4OWJjYWM5MDQ3MzRhNjYyYzYzMzA0OWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup2hj7/A7Q2fQ601eiC5/lpoFvJ6 JGdaVTaUM+xRHFH8ns5YgTu3y1qItBKBF2DZTYZHHVD0iry1TYFbyS8nIdGjPirr lzO4uvLwQouJagi0w+4CQbV8KSNJQ9iLAoOiTKCzV0q6/qHdsWxfWztSU9RQ2EYn aEQMHHgfgYTvX9RLowCBGKrHAiqRC8D2+G7504q01InwLJW2Rrdl+Z0j27l2mGXP cg5KhU1X/mplQqI9cTxIBrsBaG6D5aJCr3cgWSMfmwvvNWnTttvpsJ5+eb4TVNzC wQfboT547ZV7McIx/ER/DouKrmL8OWZqnlYo0JEg6AFsYJSCU0VxXNyHSwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFDSqxeOAm+PIm8rJBHNKZixjMEm0MB8GA1UdIwQY MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt ZWVkZDk0ZWMxMjhjLzEvTktyRjQ0Q2I0OGlieXNrRWMwcG1MR013U2JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDXosoAwQE dw3gAwQEeVuwAwQCuWVEAwQB1EYAAwQC1EYEAwQE1EYQMA0GCSqGSIb3DQEBCwUA A4IBAQBkENRXI7BnPS+Ye7Hf5V8yPZDkajtSxRhddGm6i6kfOQyqJPoyh7tUFgUy bItyYGHFiI0m3s3tz5DHe6c313qg2Y7yqjvt3RmxRbaB59sSVHsUW+8Jay8fiCpi cIPlQEtTWYC39XPCQ5MUSwv4GoL8GUcaP/wcUIfVLAxC+aQ7p6muabw2BvnrHwpc Xk3rjD051CmPp+34hQdjR5GmD4HpAGFj7DFZyBqfF33DU4zcfgilWeu+EdwwMyrl RlUdrkNFe8d6tyzeR/6zFPgGOQLVVK+//LNZbcHLYkqHi2+MtefH0Md2WG8zPlbt Oosjod/d4/mYc2M6CsctG78Ejg/B -----END CERTIFICATE-----Generated at Fri Jan 2 09:50:09 2026 by rpki-client