This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/mlBIrk8fqOnst9Z2nSLWoMLu7Z4.roa File: mlBIrk8fqOnst9Z2nSLWoMLu7Z4.roa (raw, json) Hash identifier: tSHSWKC1YMasV/pk9IE7hClR2vRmeuXfoFuZm+nRZvM= Subject key identifier: 9A:50:48:AE:4F:1F:A8:E9:EC:B7:D6:76:9D:22:D6:A0:C2:EE:ED:9E Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019B7B35918EDB75C3BF0CAC96229DAFABA7 Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/mlBIrk8fqOnst9Z2nSLWoMLu7Z4.roa Signing time: Thu 01 Jan 2026 20:17:46 +0000 ROA not before: Thu 01 Jan 2026 20:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214512 IP address blocks: 2a14:67c1:10::/44 maxlen: 48 2a14:67c1:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:91:8e:db:75:c3:bf:0c:ac:96:22:9d:af:ab:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Jan 1 20:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a5048ae4f1fa8e9ecb7d6769d22d6a0c2eeed9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:63:73:1e:fb:e6:69:0c:41:f0:c9:30:44:36: 9e:d0:a4:73:44:83:f5:6b:5c:37:cf:00:c2:f8:1b: f8:2e:1f:90:ae:f0:02:e4:3f:56:52:c6:fa:30:84: 13:5a:9a:23:9c:ea:c2:a5:5e:f2:85:da:5e:f4:e0: 4f:0e:a6:e4:6a:66:2c:84:0f:c1:c9:43:c5:97:b5: ef:ee:1b:2e:1d:99:2b:bb:c5:2d:b3:9b:04:ce:fc: 79:b5:a1:52:0c:10:1d:d2:ee:a8:50:6d:39:4e:cf: 4f:7e:bd:0d:5a:80:07:c0:0d:df:69:7a:ff:86:e3: 5e:2b:96:b7:f7:4f:cb:f4:b1:aa:bf:2d:94:36:f4: 79:eb:bd:70:e1:86:85:fd:d6:66:9a:d7:c7:2b:38: 6f:9c:f8:4e:dc:e3:08:bc:c1:82:1f:1a:3d:8d:9e: 33:f0:8c:1e:96:bd:d9:e2:65:3f:2d:26:23:6e:0f: b5:aa:e2:ba:10:84:92:c4:74:b0:69:3f:29:83:7a: 98:89:4b:16:80:fa:ea:1a:ff:a9:0f:ab:e0:04:6d: 43:14:b5:c6:ab:54:e9:1d:75:be:a4:9c:96:70:fc: 41:b6:33:29:59:98:ed:46:17:bf:5a:16:33:8d:5d: f9:44:76:96:4e:22:27:55:51:47:78:c2:55:2a:62: 78:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:50:48:AE:4F:1F:A8:E9:EC:B7:D6:76:9D:22:D6:A0:C2:EE:ED:9E X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/mlBIrk8fqOnst9Z2nSLWoMLu7Z4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:10::/44 2a14:67c1:2000::/36 Signature Algorithm: sha256WithRSAEncryption bc:f6:2d:4f:1b:c4:34:f4:72:f5:cd:03:b2:59:f1:55:eb:a3: 8b:46:df:da:ba:31:aa:d2:67:06:69:34:72:fc:bc:7b:6e:68: 72:1d:21:4b:80:15:d0:d3:31:40:d8:58:fb:db:c2:bf:99:ef: cc:d1:da:8c:8b:71:ec:a0:cc:30:52:85:50:a6:56:76:f8:ed: cf:e4:de:38:69:ad:69:c6:c4:fa:01:12:07:94:eb:fa:df:ff: f8:2b:a4:71:b3:d9:36:2a:73:4b:9a:40:a3:0d:27:12:0a:19: cd:85:6b:56:d6:23:16:a1:a7:2f:87:40:08:fc:2b:aa:7c:12: 46:fa:34:ad:b9:c0:a0:7c:62:36:01:50:fc:99:91:bc:9b:bd: c6:2f:ee:2e:52:60:fa:d4:97:3f:47:99:e7:e6:2f:d7:48:b8: 96:b4:6a:b9:82:91:78:f3:5b:3e:74:5c:10:02:7c:30:14:45: 90:c9:f7:2d:e1:6c:10:b0:9d:75:88:4b:f8:14:04:2f:d3:3e: d7:8d:a8:17:de:34:80:f3:1b:82:14:76:c0:20:b0:b4:76:a9: 8a:15:69:54:c8:b7:47:29:48:4c:81:15:f7:fa:3b:3b:59:d1: 87:1a:93:3e:d9:00:37:16:8d:a2:88:96:fb:98:56:15:c9:0e: 0b:5a:bf:22 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt7NZGO23XDvwysliKdr6unMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjYwMTAxMjAxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTUwNDhhZTRmMWZhOGU5ZWNiN2Q2NzY5ZDIyZDZhMGMyZWVlZDllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmNzHvvmaQxB8MkwRDae0KRzRIP1 a1w3zwDC+Bv4Lh+QrvAC5D9WUsb6MIQTWpojnOrCpV7yhdpe9OBPDqbkamYshA/B yUPFl7Xv7hsuHZkru8Uts5sEzvx5taFSDBAd0u6oUG05Ts9Pfr0NWoAHwA3faXr/ huNeK5a390/L9LGqvy2UNvR5671w4YaF/dZmmtfHKzhvnPhO3OMIvMGCHxo9jZ4z 8Iwelr3Z4mU/LSYjbg+1quK6EISSxHSwaT8pg3qYiUsWgPrqGv+pD6vgBG1DFLXG q1TpHXW+pJyWcPxBtjMpWZjtRhe/WhYzjV35RHaWTiInVVFHeMJVKmJ4cwIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFJpQSK5PH6jp7LfWdp0i1qDC7u2eMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvbWxCSXJrOGZxT25zdDlaMm5TTFdvTUx1N1o0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhRnwQAQ AwYEKhRnwSAwDQYJKoZIhvcNAQELBQADggEBALz2LU8bxDT0cvXNA7JZ8VXro4tG 39q6MarSZwZpNHL8vHtuaHIdIUuAFdDTMUDYWPvbwr+Z78zR2oyLceygzDBShVCm Vnb47c/k3jhprWnGxPoBEgeU6/rf//grpHGz2TYqc0uaQKMNJxIKGc2Fa1bWIxah py+HQAj8K6p8Ekb6NK25wKB8YjYBUPyZkbybvcYv7i5SYPrUlz9HmefmL9dIuJa0 armCkXjzWz50XBACfDAURZDJ9y3hbBCwnXWIS/gUBC/TPteNqBfeNIDzG4IUdsAg sLR2qYoVaVTIt0cpSEyBFff6OztZ0Ycakz7ZADcWjaKIlvuYVhXJDgtavyI= -----END CERTIFICATE-----Generated at Sun Jan 25 17:45:03 2026 by rpki-client