This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/M_wYZNoIggWkJnIM6XvfidHolKY.roa File: M_wYZNoIggWkJnIM6XvfidHolKY.roa (raw, json) Hash identifier: EFTDpTat3ODzn/1H+OY3BBqxfsDk+P79i5ALHFGhTpo= Subject key identifier: 33:FC:18:64:DA:08:82:05:A4:26:72:0C:E9:7B:DF:89:D1:E8:94:A6 Certificate issuer: /CN=d81cf1aac21aa5823b019de91aeeec23e3e526db Certificate serial: 019B7B3673992484475D22B0E3C30A1AF1A5 Authority key identifier: D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/M_wYZNoIggWkJnIM6XvfidHolKY.roa Signing time: Thu 01 Jan 2026 20:18:44 +0000 ROA not before: Thu 01 Jan 2026 20:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204027 IP address blocks: 195.43.60.0/22 maxlen: 22 195.43.60.0/24 maxlen: 24 2001:678:f0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.mft rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:73:99:24:84:47:5d:22:b0:e3:c3:0a:1a:f1:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d81cf1aac21aa5823b019de91aeeec23e3e526db Validity Not Before: Jan 1 20:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=33fc1864da088205a426720ce97bdf89d1e894a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:33:14:67:51:2b:e1:fa:14:7f:01:86:31:ae: b9:a6:31:82:dd:4d:9f:a2:52:18:36:4c:07:b3:a0: a5:38:ed:a8:0b:d1:7a:d5:e4:a2:72:01:a6:68:4a: 48:d6:f3:96:6a:a9:be:9d:ab:6f:6d:cd:e4:1e:4e: 4b:f4:b8:7b:b0:d5:ff:a7:76:7a:e2:91:89:e4:1e: c3:01:04:26:77:6c:ca:6f:ba:3f:67:48:c0:be:f0: 39:b4:22:1d:99:d5:6c:bd:37:b4:f2:92:6f:56:87: 4e:29:46:15:3f:c0:5f:c9:dd:c0:e1:aa:5b:ed:b1: 9f:82:3b:95:db:8a:7c:94:87:ee:cf:6b:76:6f:03: d4:4e:61:88:5b:ef:09:d4:12:21:c5:ac:65:96:62: aa:42:c4:73:53:dd:79:aa:78:79:19:3c:af:bb:4e: a3:17:36:71:61:e9:c8:0d:51:35:0a:8a:8d:4f:e2: 35:cc:d7:26:2d:96:e1:34:ce:2b:c4:21:14:c9:ce: 57:2e:a9:e1:aa:8b:b7:dc:c1:61:9f:fb:7e:b1:da: b0:cc:ef:6f:29:98:1e:b9:e4:24:00:6d:2a:91:68: 87:87:2c:7c:de:2f:dc:69:7f:cd:f1:7d:69:c3:4d: 47:60:36:83:dc:87:b5:f6:a1:de:28:02:f0:53:bf: 8e:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:FC:18:64:DA:08:82:05:A4:26:72:0C:E9:7B:DF:89:D1:E8:94:A6 X509v3 Authority Key Identifier: keyid:D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/M_wYZNoIggWkJnIM6XvfidHolKY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.43.60.0/22 IPv6: 2001:678:f0::/48 Signature Algorithm: sha256WithRSAEncryption b6:11:26:c4:b7:aa:6b:66:30:dc:90:a0:3e:b8:e2:12:1c:1e: 72:d3:07:50:97:f8:b6:a5:c9:2a:df:06:ad:1a:ff:61:6c:8a: a8:a2:ba:df:3f:ef:b7:f6:50:e5:71:e8:36:4f:23:8a:0c:ce: 9c:44:fb:7d:4b:3e:aa:47:b6:be:c5:91:ed:d5:51:ed:cd:5b: 90:5f:dd:56:52:c1:f3:da:4b:91:1d:8e:37:43:7b:c2:90:e1: 95:96:30:c2:6e:ef:b3:1d:ff:5b:69:f2:e1:81:1d:8f:79:2a: 6b:14:39:0d:12:99:f3:b8:7c:50:26:5d:b2:b9:28:ef:0b:cb: 88:20:a2:6b:4c:13:ce:1e:1f:3f:0f:5e:6c:c0:41:20:b3:56: c5:0c:ad:15:af:86:b0:81:a3:ec:3c:03:52:84:fd:46:a4:e5: be:7d:71:ac:88:ce:af:a4:5d:39:ec:81:2b:06:93:0f:33:28: 02:da:e0:9e:d9:eb:f5:2a:5a:d4:a0:b2:0b:69:04:88:5c:76: b6:c7:a8:62:cd:2a:b6:09:97:1e:62:e0:d7:ba:13:74:10:8b: 9b:92:f4:8a:8a:2e:63:6b:7c:cb:cd:8b:68:9d:35:29:a3:b7: 51:4a:38:a3:42:69:14:15:cf:f3:35:ed:a4:32:f5:db:3a:6b: ef:48:bc:97 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7NnOZJIRHXSKw48MKGvGlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MWNmMWFhYzIxYWE1ODIzYjAxOWRlOTFhZWVlYzIzZTNl NTI2ZGIwHhcNMjYwMTAxMjAxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2ZjMTg2NGRhMDg4MjA1YTQyNjcyMGNlOTdiZGY4OWQxZTg5NGE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDMUZ1Er4foUfwGGMa65pjGC3U2f olIYNkwHs6ClOO2oC9F61eSicgGmaEpI1vOWaqm+natvbc3kHk5L9Lh7sNX/p3Z6 4pGJ5B7DAQQmd2zKb7o/Z0jAvvA5tCIdmdVsvTe08pJvVodOKUYVP8Bfyd3A4apb 7bGfgjuV24p8lIfuz2t2bwPUTmGIW+8J1BIhxaxllmKqQsRzU915qnh5GTyvu06j FzZxYenIDVE1CoqNT+I1zNcmLZbhNM4rxCEUyc5XLqnhqou33MFhn/t+sdqwzO9v KZgeueQkAG0qkWiHhyx83i/caX/N8X1pw01HYDaD3Ie19qHeKALwU7+ODQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFDP8GGTaCIIFpCZyDOl734nR6JSmMB8GA1UdIwQY MBaAFNgc8arCGqWCOwGd6Rru7CPj5SbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYt OWMwZGUzNjUyNzM4LzEvTV93WVpOb0lnZ1drSm5JTTZYdmZpZEhvbEtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYtOWMwZGUzNjUyNzM4 LzEvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwys8MA8E AgACMAkDBwAgAQZ4APAwDQYJKoZIhvcNAQELBQADggEBALYRJsS3qmtmMNyQoD64 4hIcHnLTB1CX+LalySrfBq0a/2Fsiqiiut8/77f2UOVx6DZPI4oMzpxE+31LPqpH tr7Fke3VUe3NW5Bf3VZSwfPaS5EdjjdDe8KQ4ZWWMMJu77Md/1tp8uGBHY95KmsU OQ0SmfO4fFAmXbK5KO8Ly4ggomtME84eHz8PXmzAQSCzVsUMrRWvhrCBo+w8A1KE /Uak5b59cayIzq+kXTnsgSsGkw8zKALa4J7Z6/UqWtSgsgtpBIhcdrbHqGLNKrYJ lx5i4Ne6E3QQi5uS9IqKLmNrfMvNi2idNSmjt1FKOKNCaRQVz/M17aQy9ds6a+9I vJc= -----END CERTIFICATE-----Generated at Mon Jan 26 11:48:38 2026 by rpki-client