This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/Ndo0H8OG8vRSLoifFLdL4WBmDe0.roa File: Ndo0H8OG8vRSLoifFLdL4WBmDe0.roa (raw, json) Hash identifier: 5hp1DShZ+J7PJA9pLGwqVerUNVFFVAfh1QBYpOplNiw= Subject key identifier: 35:DA:34:1F:C3:86:F2:F4:52:2E:88:9F:14:B7:4B:E1:60:66:0D:ED Certificate issuer: /CN=b2d8ad027a9674edc936e78c5d4d1b64964d8440 Certificate serial: 019B7C7EF28CECDCB61D454BB84EBC83C977 Authority key identifier: B2:D8:AD:02:7A:96:74:ED:C9:36:E7:8C:5D:4D:1B:64:96:4D:84:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/Ndo0H8OG8vRSLoifFLdL4WBmDe0.roa Signing time: Fri 02 Jan 2026 02:17:32 +0000 ROA not before: Fri 02 Jan 2026 02:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198895 IP address blocks: 45.140.133.0/24 maxlen: 24 46.229.241.0/24 maxlen: 24 46.229.242.0/24 maxlen: 24 188.65.167.0/24 maxlen: 24 193.16.149.0/24 maxlen: 24 2a13:2580::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/stitAnqWdO3JNueMXU0bZJZNhEA.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/stitAnqWdO3JNueMXU0bZJZNhEA.mft rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7e:f2:8c:ec:dc:b6:1d:45:4b:b8:4e:bc:83:c9:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2d8ad027a9674edc936e78c5d4d1b64964d8440 Validity Not Before: Jan 2 02:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35da341fc386f2f4522e889f14b74be160660ded Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f8:29:46:7a:51:44:99:0d:02:ca:4d:ca:a3: 6f:30:e5:5f:79:99:ec:50:ac:b3:05:d8:ef:54:43: b6:57:f7:d8:2b:2f:d1:3b:ad:3f:c5:2b:83:b4:53: 96:36:c3:da:d5:ac:9f:ac:57:ba:69:71:e4:b9:7d: 83:8e:67:02:34:e2:7b:28:33:82:2b:d9:ba:74:a8: d5:e0:e6:9c:fa:d6:e0:5f:dc:13:fc:ad:cc:23:f7: a5:62:50:01:7b:df:0e:86:14:a3:3c:a8:09:c4:32: d8:cf:b8:0f:0a:b5:2d:0b:56:ba:aa:42:3e:80:9e: 97:9c:3a:c2:5b:a8:e7:0a:ef:2b:b8:64:a4:63:79: 2b:5a:78:46:a5:bb:f8:1b:e8:d6:1a:3d:d3:ff:e4: 0e:09:b5:e5:24:da:64:40:06:f9:4f:b3:3e:a8:6f: 1f:4b:ee:db:ba:dd:8e:fa:57:30:02:a5:b2:c4:59: 99:64:8d:28:7b:20:f6:bd:37:25:67:3e:28:01:52: a2:6c:39:55:10:f8:59:e4:ee:2e:e5:40:0d:51:cb: d0:8c:a0:8a:6c:97:f7:b4:72:65:ac:16:03:44:6c: 8b:cb:39:c0:44:53:e1:94:49:52:d4:94:02:c8:af: dd:c7:cc:a4:f3:91:6c:18:79:82:16:bb:ea:6b:e0: 8e:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DA:34:1F:C3:86:F2:F4:52:2E:88:9F:14:B7:4B:E1:60:66:0D:ED X509v3 Authority Key Identifier: keyid:B2:D8:AD:02:7A:96:74:ED:C9:36:E7:8C:5D:4D:1B:64:96:4D:84:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/Ndo0H8OG8vRSLoifFLdL4WBmDe0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/stitAnqWdO3JNueMXU0bZJZNhEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.140.133.0/24 46.229.241.0-46.229.242.255 188.65.167.0/24 193.16.149.0/24 IPv6: 2a13:2580::/29 Signature Algorithm: sha256WithRSAEncryption 66:e6:a0:23:af:9e:a5:5a:48:5c:d7:14:2a:73:c0:39:77:b6: 97:32:d0:55:a4:47:22:f7:dd:5f:97:48:83:70:8b:69:01:97: 67:14:e8:b4:ef:b6:b4:d6:30:41:25:74:2a:af:9f:c7:9e:25: e5:33:6f:4e:2f:12:08:7b:95:83:3a:5b:cc:d0:9b:71:09:43: 30:f2:2f:04:63:7a:2d:81:ee:25:c0:4f:06:8b:e5:e4:39:98: b8:b9:9a:4a:3a:ee:bc:92:22:92:e8:3a:8a:bc:ce:0b:7f:15: ba:ea:47:f9:7b:69:9a:cf:c8:1d:4a:ac:a6:7d:70:55:2e:51: c3:25:16:41:b3:fe:73:76:7b:3b:78:aa:ea:d3:a0:71:10:e3: 03:de:fa:d4:1f:5a:73:ef:21:64:d4:4a:aa:9f:ba:07:bd:ea: c2:7f:8d:c2:18:a9:e0:9e:32:b0:b2:db:14:57:7f:d7:2a:c6: eb:c8:d8:06:a2:e4:4d:42:7c:ea:a7:cf:9a:fe:e2:d3:cf:c1: 49:82:4d:ea:15:c7:15:18:16:4f:3a:99:4a:a5:7e:60:16:76: 84:05:dd:80:ca:42:aa:2c:7e:8e:80:03:22:20:07:da:a9:c9: e9:b2:4d:9c:f7:de:26:45:55:f3:2e:d5:ad:26:fb:d9:18:cb: c3:90:75:85 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt8fvKM7Ny2HUVLuE68g8l3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyZDhhZDAyN2E5Njc0ZWRjOTM2ZTc4YzVkNGQxYjY0OTY0 ZDg0NDAwHhcNMjYwMTAyMDIxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWRhMzQxZmMzODZmMmY0NTIyZTg4OWYxNGI3NGJlMTYwNjYwZGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/gpRnpRRJkNAspNyqNvMOVfeZns UKyzBdjvVEO2V/fYKy/RO60/xSuDtFOWNsPa1ayfrFe6aXHkuX2DjmcCNOJ7KDOC K9m6dKjV4Oac+tbgX9wT/K3MI/elYlABe98OhhSjPKgJxDLYz7gPCrUtC1a6qkI+ gJ6XnDrCW6jnCu8ruGSkY3krWnhGpbv4G+jWGj3T/+QOCbXlJNpkQAb5T7M+qG8f S+7but2O+lcwAqWyxFmZZI0oeyD2vTclZz4oAVKibDlVEPhZ5O4u5UANUcvQjKCK bJf3tHJlrBYDRGyLyznARFPhlElS1JQCyK/dx8yk85FsGHmCFrvqa+COHwIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFDXaNB/DhvL0Ui6InxS3S+FgZg3tMB8GA1UdIwQY MBaAFLLYrQJ6lnTtyTbnjF1NG2SWTYRAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3RpdEFucVdkTzNKTnVlTVhVMGJaSlpOaEVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84OGM5ZDctZTM3Ny00ODc0LTk4Njgt NzE1MjQ3YzNkY2RjLzEvTmRvMEg4T0c4dlJTTG9pZkZMZEw0V0JtRGUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS84OGM5ZDctZTM3Ny00ODc0LTk4NjgtNzE1MjQ3YzNkY2Rj LzEvc3RpdEFucVdkTzNKTnVlTVhVMGJaSlpOaEVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQALYyFMAwD BAAu5fEDBAAu5fIDBAC8QacDBADBEJUwDQQCAAIwBwMFAyoTJYAwDQYJKoZIhvcN AQELBQADggEBAGbmoCOvnqVaSFzXFCpzwDl3tpcy0FWkRyL33V+XSINwi2kBl2cU 6LTvtrTWMEEldCqvn8eeJeUzb04vEgh7lYM6W8zQm3EJQzDyLwRjei2B7iXATwaL 5eQ5mLi5mko67rySIpLoOoq8zgt/FbrqR/l7aZrPyB1KrKZ9cFUuUcMlFkGz/nN2 ezt4qurToHEQ4wPe+tQfWnPvIWTUSqqfuge96sJ/jcIYqeCeMrCy2xRXf9cqxuvI 2Aai5E1CfOqnz5r+4tPPwUmCTeoVxxUYFk86mUqlfmAWdoQF3YDKQqosfo6AAyIg B9qpyemyTZz33iZFVfMu1a0m+9kYy8OQdYU= -----END CERTIFICATE-----Generated at Fri Jan 2 21:42:16 2026 by rpki-client