This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/Md6a-KQcbUfuxvWxKDr3cty5184.roa File: Md6a-KQcbUfuxvWxKDr3cty5184.roa (raw, json) Hash identifier: 0QYUuqR4NLEQ4pSl7SpM+UKRlpQJFGB4BeS1z7xH1dA= Subject key identifier: 31:DE:9A:F8:A4:1C:6D:47:EE:C6:F5:B1:28:3A:F7:72:DC:B9:D7:CE Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd Certificate serial: 019B7BA3AF4DA494BDE257F8FD83553FA3E3 Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/Md6a-KQcbUfuxvWxKDr3cty5184.roa Signing time: Thu 01 Jan 2026 22:18:03 +0000 ROA not before: Thu 01 Jan 2026 22:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 136526 IP address blocks: 2.59.152.0/22 maxlen: 22 45.91.224.0/22 maxlen: 22 45.142.152.0/22 maxlen: 22 91.204.224.0/22 maxlen: 22 185.202.100.0/22 maxlen: 22 185.202.103.0/24 maxlen: 24 193.239.150.0/23 maxlen: 23 193.239.154.0/23 maxlen: 23 193.239.154.0/24 maxlen: 24 194.126.215.0/24 maxlen: 24 194.126.219.0/24 maxlen: 24 194.126.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:af:4d:a4:94:bd:e2:57:f8:fd:83:55:3f:a3:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd Validity Not Before: Jan 1 22:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31de9af8a41c6d47eec6f5b1283af772dcb9d7ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:ab:e0:22:30:5a:dd:da:92:7f:7b:7a:b7:13: b5:1d:62:53:f9:e3:a0:7f:ac:71:4f:bb:8e:41:a0: f6:9e:63:b3:8e:77:ef:19:d8:6d:80:0f:78:08:b5: 03:d0:0e:43:4d:f0:cb:06:74:57:04:d6:06:5a:e3: ac:ce:e3:25:c6:18:54:92:ba:85:0e:8e:38:a0:a6: 82:bf:b3:62:e8:3c:b7:3d:dd:51:10:c9:31:c4:da: 01:67:00:a8:df:20:7f:02:4a:6c:00:60:f4:d2:3b: 49:07:1c:23:86:0a:12:bb:df:ed:1c:60:18:82:e5: 1d:f5:c9:73:b1:99:d3:20:4f:dd:fc:02:4e:b3:cb: 59:69:f0:2c:11:91:1a:e8:0d:49:3f:33:a9:2c:9c: cf:33:60:2a:f9:fa:b0:ba:08:4d:c8:ff:2f:74:6c: cb:ea:3e:e7:7f:37:b4:e6:a1:97:cb:cd:a6:e4:f6: 61:3d:66:7a:40:fa:1b:81:e5:08:ab:ab:24:8e:cc: 66:d4:ac:dc:dd:fd:66:90:6b:96:0d:f9:05:f0:48: ac:19:0a:f9:45:00:2e:f6:03:db:e4:85:4c:71:3e: 9d:ad:bb:03:8d:f2:72:4b:5d:e9:0f:95:ef:4d:31: 53:db:9e:82:bc:80:16:f9:6a:6c:15:e1:2a:8c:b2: dc:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:DE:9A:F8:A4:1C:6D:47:EE:C6:F5:B1:28:3A:F7:72:DC:B9:D7:CE X509v3 Authority Key Identifier: keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/Md6a-KQcbUfuxvWxKDr3cty5184.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.152.0/22 45.91.224.0/22 45.142.152.0/22 91.204.224.0/22 185.202.100.0/22 193.239.150.0/23 193.239.154.0/23 194.126.215.0/24 194.126.219.0/24 194.126.227.0/24 Signature Algorithm: sha256WithRSAEncryption 20:43:21:8b:20:6c:2d:39:75:6b:83:bb:06:2b:67:68:e2:5e: 10:d8:a1:ef:e4:b4:2d:84:7b:05:6f:f0:55:15:c8:33:c5:9a: b6:d9:ee:76:65:34:2d:d1:fe:4b:fa:ab:45:7e:26:ac:b7:bf: 40:b3:5c:cb:51:01:7f:9d:4e:df:0e:be:b8:b2:fb:98:2e:6c: e9:5f:17:df:d5:21:12:6e:24:c1:9e:ac:2e:42:c0:b9:50:b6: ed:56:76:87:1a:26:ce:97:0a:72:af:42:0b:8a:46:f5:3d:63: a1:68:c0:54:84:92:94:dd:30:94:4f:b1:0f:4d:53:c0:08:26: 74:ca:b4:11:3f:fb:79:2b:47:41:31:22:4e:1e:78:6f:4d:93: e2:68:85:eb:15:60:f3:9a:7e:ee:61:00:2d:85:13:be:bd:0e: 0e:fc:de:fb:2e:f3:81:e0:a5:78:5e:1a:dc:2d:ee:51:52:72: 37:31:2c:80:2a:a2:d9:73:7f:49:51:5c:ee:92:d4:6e:3d:d5: b9:bc:6f:24:48:dc:02:04:94:b3:e3:7e:b8:1d:41:ea:ac:3f: 69:8c:b0:f1:9e:20:c0:7f:5b:79:36:09:64:ac:4f:3e:5a:ab: ff:cc:be:5a:aa:91:9c:9c:44:da:62:5b:9e:d9:2c:f8:d2:22: b3:8f:5e:06 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt7o69NpJS94lf4/YNVP6PjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx NjM2Y2QwHhcNMjYwMTAxMjIxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWRlOWFmOGE0MWM2ZDQ3ZWVjNmY1YjEyODNhZjc3MmRjYjlkN2NlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKvgIjBa3dqSf3t6txO1HWJT+eOg f6xxT7uOQaD2nmOzjnfvGdhtgA94CLUD0A5DTfDLBnRXBNYGWuOszuMlxhhUkrqF Do44oKaCv7Ni6Dy3Pd1REMkxxNoBZwCo3yB/AkpsAGD00jtJBxwjhgoSu9/tHGAY guUd9clzsZnTIE/d/AJOs8tZafAsEZEa6A1JPzOpLJzPM2Aq+fqwughNyP8vdGzL 6j7nfze05qGXy82m5PZhPWZ6QPobgeUIq6skjsxm1Kzc3f1mkGuWDfkF8EisGQr5 RQAu9gPb5IVMcT6drbsDjfJyS13pD5XvTTFT256CvIAW+WpsFeEqjLLcPwIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFDHemvikHG1H7sb1sSg693LcudfOMB8GA1UdIwQY MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt YWU1MDI3MzY4MWE3LzEvTWQ2YS1LUWNiVWZ1eHZXeEtEcjNjdHk1MTg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3 LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCAjuYAwQC LVvgAwQCLY6YAwQCW8zgAwQCucpkAwQBwe+WAwQBwe+aAwQAwn7XAwQAwn7bAwQA wn7jMA0GCSqGSIb3DQEBCwUAA4IBAQAgQyGLIGwtOXVrg7sGK2do4l4Q2KHv5LQt hHsFb/BVFcgzxZq22e52ZTQt0f5L+qtFfiast79As1zLUQF/nU7fDr64svuYLmzp Xxff1SESbiTBnqwuQsC5ULbtVnaHGibOlwpyr0ILikb1PWOhaMBUhJKU3TCUT7EP TVPACCZ0yrQRP/t5K0dBMSJOHnhvTZPiaIXrFWDzmn7uYQAthRO+vQ4O/N77LvOB 4KV4XhrcLe5RUnI3MSyAKqLZc39JUVzuktRuPdW5vG8kSNwCBJSz4364HUHqrD9p jLDxniDAf1t5NglkrE8+Wqv/zL5aqpGcnETaYlue2Sz40iKzj14G -----END CERTIFICATE-----Generated at Sun Jan 25 15:38:14 2026 by rpki-client