This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/mlVDqzsr0onFPunz8cRb0CxctTw.roa File: mlVDqzsr0onFPunz8cRb0CxctTw.roa (raw, json) Hash identifier: FmoWfiTgv6hVPqkJlMC8O0NyKtvBDx0DatsEpxV/8NY= Subject key identifier: 9A:55:43:AB:3B:2B:D2:89:C5:3E:E9:F3:F1:C4:5B:D0:2C:5C:B5:3C Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba Certificate serial: 019B77C671011CF179075748CFA63B104F19 Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/mlVDqzsr0onFPunz8cRb0CxctTw.roa Signing time: Thu 01 Jan 2026 04:17:32 +0000 ROA not before: Thu 01 Jan 2026 04:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41568 IP address blocks: 217.9.9.0/24 maxlen: 24 217.9.11.0/24 maxlen: 24 2a06:64c0:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.mft rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:71:01:1c:f1:79:07:57:48:cf:a6:3b:10:4f:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba Validity Not Before: Jan 1 04:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a5543ab3b2bd289c53ee9f3f1c45bd02c5cb53c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d3:31:79:f6:6a:34:12:c1:33:83:e3:48:c4: 4a:18:fa:a4:93:69:7e:04:94:38:7d:34:1e:4e:4c: b1:74:b8:e0:89:df:f6:ba:91:9a:d9:5e:3a:d6:f6: 37:5e:a5:6a:a9:ae:34:53:1c:6b:2c:a9:5d:95:d6: 8c:07:5b:85:69:1d:92:6c:e6:c3:3f:3a:11:40:ab: 00:d3:ee:d6:57:b0:96:7a:4e:f4:73:f9:65:e9:28: ba:2b:2a:5f:84:98:85:34:9d:95:cb:07:b0:f0:00: 8a:51:b0:6f:60:40:21:38:7a:ad:74:7c:fd:68:74: b8:65:a9:38:e8:58:21:0e:95:a7:9c:c1:92:7e:73: 0d:9a:f3:84:75:72:02:33:06:46:77:fd:63:c8:3a: 23:08:c3:75:e5:e9:d2:21:04:a5:88:08:e7:0f:d5: 1b:d3:8b:90:20:40:d2:b4:61:c6:36:d2:a4:5b:90: 8c:a1:c2:2e:44:5e:16:32:44:bb:54:2b:55:56:cf: d9:d8:6e:ac:76:00:d1:54:36:e8:6c:3e:ce:19:f6: 5d:1b:58:35:df:fe:13:38:1f:f4:fa:09:d7:d0:94: 5c:47:62:99:94:fa:25:37:86:9f:e5:cf:a8:55:ea: 52:26:3f:6e:46:eb:a7:a6:d7:17:0e:10:11:2f:45: 52:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:55:43:AB:3B:2B:D2:89:C5:3E:E9:F3:F1:C4:5B:D0:2C:5C:B5:3C X509v3 Authority Key Identifier: keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/mlVDqzsr0onFPunz8cRb0CxctTw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.9.9.0/24 217.9.11.0/24 IPv6: 2a06:64c0:1::/48 Signature Algorithm: sha256WithRSAEncryption e6:aa:41:2f:3a:8b:2e:a5:b4:5a:ac:8d:6f:64:20:b7:0b:44: d2:f0:ab:21:ee:b1:1a:b0:7f:bc:e2:dc:2e:1b:e1:be:8f:36: 9e:0f:4a:cf:90:83:6d:57:4a:13:98:6c:01:db:4a:40:df:08: de:a3:85:f4:fc:9c:ee:78:e9:cf:3d:fe:4e:d1:40:40:42:6d: f2:cc:ca:15:fa:07:58:7d:a0:ec:ff:45:7c:91:db:71:db:28: 2c:42:f6:5e:97:74:75:74:9d:be:73:ba:dc:31:50:e2:f1:63: 27:68:29:49:41:96:35:0c:1b:e8:65:94:d4:85:4f:34:12:26: 1c:05:e3:27:ed:44:f4:ba:26:ab:3e:5b:63:09:04:29:2b:9e: ca:ec:2b:e6:40:d4:31:01:f8:f2:86:67:c1:28:a1:a9:ea:c8: 1a:ab:32:ad:63:fa:a1:84:9b:08:c4:1b:76:cd:63:cd:84:80: 54:2e:f3:60:20:f6:36:68:e4:20:56:c8:6f:16:2d:32:70:3b: 74:04:4d:c7:da:5b:3b:66:9f:46:f5:08:9c:0c:08:a1:2e:83: 91:66:d5:5e:2b:a4:d2:b1:b3:e0:c2:ba:9d:c8:f1:ea:56:50: 8a:31:b6:79:cc:c9:26:1d:0f:40:ea:d2:26:be:08:8b:ea:93: 2f:ea:8d:f3 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt3xnEBHPF5B1dIz6Y7EE8ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl NWUwYmEwHhcNMjYwMTAxMDQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTU1NDNhYjNiMmJkMjg5YzUzZWU5ZjNmMWM0NWJkMDJjNWNiNTNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutMxefZqNBLBM4PjSMRKGPqkk2l+ BJQ4fTQeTkyxdLjgid/2upGa2V461vY3XqVqqa40UxxrLKldldaMB1uFaR2SbObD PzoRQKsA0+7WV7CWek70c/ll6Si6KypfhJiFNJ2Vywew8ACKUbBvYEAhOHqtdHz9 aHS4Zak46FghDpWnnMGSfnMNmvOEdXICMwZGd/1jyDojCMN15enSIQSliAjnD9Ub 04uQIEDStGHGNtKkW5CMocIuRF4WMkS7VCtVVs/Z2G6sdgDRVDbobD7OGfZdG1g1 3/4TOB/0+gnX0JRcR2KZlPolN4af5c+oVepSJj9uRuunptcXDhARL0VSJQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFJpVQ6s7K9KJxT7p8/HEW9AsXLU8MB8GA1UdIwQY MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt NmI1ZjY4NTIyYTdkLzEvbWxWRHF6c3Iwb25GUHVuejhjUmIwQ3hjdFR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQA2QkJAwQA 2QkLMA8EAgACMAkDBwAqBmTAAAEwDQYJKoZIhvcNAQELBQADggEBAOaqQS86iy6l tFqsjW9kILcLRNLwqyHusRqwf7zi3C4b4b6PNp4PSs+Qg21XShOYbAHbSkDfCN6j hfT8nO546c89/k7RQEBCbfLMyhX6B1h9oOz/RXyR23HbKCxC9l6XdHV0nb5zutwx UOLxYydoKUlBljUMG+hllNSFTzQSJhwF4yftRPS6Jqs+W2MJBCkrnsrsK+ZA1DEB +PKGZ8EooanqyBqrMq1j+qGEmwjEG3bNY82EgFQu82Ag9jZo5CBWyG8WLTJwO3QE TcfaWztmn0b1CJwMCKEug5Fm1V4rpNKxs+DCup3I8epWUIoxtnnMySYdD0Dq0ia+ CIvqky/qjfM= -----END CERTIFICATE-----Generated at Sun Jan 25 18:07:29 2026 by rpki-client