This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/MUIHl-Fsh8We6GFXLmx35khoTEY.roa File: MUIHl-Fsh8We6GFXLmx35khoTEY.roa (raw, json) Hash identifier: pEdoUTkjBemyLaurIbfbrfCDQS7dpMcaaEVDwlX8HwM= Subject key identifier: 31:42:07:97:E1:6C:87:C5:9E:E8:61:57:2E:6C:77:E6:48:68:4C:46 Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d Certificate serial: 019B7F842469ED97DE79D50218C9F8A0F2DE Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/MUIHl-Fsh8We6GFXLmx35khoTEY.roa Signing time: Fri 02 Jan 2026 16:22:05 +0000 ROA not before: Fri 02 Jan 2026 16:22:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200555 IP address blocks: 46.24.73.0/24 maxlen: 24 77.228.196.0/24 maxlen: 24 77.228.197.0/24 maxlen: 24 212.145.48.0/24 maxlen: 24 212.145.58.0/24 maxlen: 24 212.145.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:24:69:ed:97:de:79:d5:02:18:c9:f8:a0:f2:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d Validity Not Before: Jan 2 16:22:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31420797e16c87c59ee861572e6c77e648684c46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:97:61:74:04:4f:44:d0:65:33:bd:7b:1b:9f: 4c:3d:f8:6f:9c:b4:c5:ca:13:67:0d:a6:b4:55:39: 9d:ad:cd:d4:9a:26:43:c8:e9:32:07:34:fe:1b:ef: b7:c6:78:14:fc:71:d2:69:f5:87:d8:b0:62:b0:24: ee:65:c3:9d:a4:3f:6d:29:31:bb:c1:0d:23:04:e3: 3c:42:07:67:6f:38:6c:f0:e3:04:6d:c2:8b:c4:4a: aa:32:8e:0d:fd:f9:3d:03:64:4a:ec:ce:3d:18:0c: d6:ba:dc:85:06:bd:ba:b2:c5:25:d2:5b:c5:90:9f: fe:a5:1c:26:19:34:67:3f:d1:c2:c7:d9:8e:71:55: cc:f1:46:91:58:f8:cf:9c:d5:28:ea:fe:4b:13:d1: 3c:4e:e1:8c:ce:94:c6:e2:58:53:d0:85:f1:66:d3: 9c:37:58:50:b9:f9:24:3c:64:bc:e4:28:b3:14:58: 99:1a:7f:e7:0f:ea:32:61:2c:fd:d3:bc:fd:eb:f7: 70:3a:b8:f3:67:6f:48:7f:58:6e:78:7e:20:b7:47: 3e:3c:05:1d:29:a1:f4:24:ef:cc:b5:bf:fa:f9:db: df:f7:2f:d6:fc:04:2f:0d:81:d5:db:a3:54:7e:68: c7:31:2e:b1:05:4f:22:83:67:16:af:87:d2:63:2a: 38:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:42:07:97:E1:6C:87:C5:9E:E8:61:57:2E:6C:77:E6:48:68:4C:46 X509v3 Authority Key Identifier: keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/MUIHl-Fsh8We6GFXLmx35khoTEY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.24.73.0/24 77.228.196.0/23 212.145.48.0/24 212.145.58.0/24 212.145.62.0/24 Signature Algorithm: sha256WithRSAEncryption bd:6b:18:27:3b:51:0b:fa:1e:0b:b1:83:2e:b5:14:54:0d:06: a3:9f:e1:0e:41:c3:48:39:74:36:8f:33:c8:93:38:a6:73:bc: 86:4a:ce:e8:27:69:79:96:ae:d1:ae:2a:31:48:fe:1c:40:d8: b0:3a:6d:60:92:8b:36:ee:f7:74:d3:88:d1:1b:20:ec:19:66: 89:71:2f:94:fa:32:0e:9a:c6:7a:99:0c:cd:72:e9:f2:c3:92: fc:c8:e6:46:c5:72:46:30:ca:00:f8:88:2a:0f:03:fa:8e:41: 4c:bd:cd:27:19:de:70:bd:98:9f:fd:71:60:15:78:1e:80:e3: e7:e8:26:81:75:3f:a0:6d:30:ff:8b:c8:49:a3:81:bf:90:72: 20:e5:32:98:49:11:20:2c:8e:6d:94:74:2d:59:d3:34:df:4b: 8c:4f:b6:b8:55:ed:db:15:b6:4e:4d:28:49:b0:45:4a:fc:32: e5:fe:77:af:93:9b:2e:a0:75:ba:7d:59:29:b7:a0:c5:f4:32: 24:ee:a0:de:7d:8e:b4:41:7e:88:0c:17:c4:5a:db:88:ee:6f: a7:49:29:63:71:f3:34:a7:96:01:d0:32:6f:98:7a:30:d0:e0: 99:b1:75:5e:02:bf:e0:c6:53:8d:3c:4e:5b:98:58:a4:55:60: 74:9a:ff:8a -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt/hCRp7ZfeedUCGMn4oPLeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3 NGM4N2QwHhcNMjYwMTAyMTYyMjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTQyMDc5N2UxNmM4N2M1OWVlODYxNTcyZTZjNzdlNjQ4Njg0YzQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypdhdARPRNBlM717G59MPfhvnLTF yhNnDaa0VTmdrc3UmiZDyOkyBzT+G++3xngU/HHSafWH2LBisCTuZcOdpD9tKTG7 wQ0jBOM8Qgdnbzhs8OMEbcKLxEqqMo4N/fk9A2RK7M49GAzWutyFBr26ssUl0lvF kJ/+pRwmGTRnP9HCx9mOcVXM8UaRWPjPnNUo6v5LE9E8TuGMzpTG4lhT0IXxZtOc N1hQufkkPGS85CizFFiZGn/nD+oyYSz907z96/dwOrjzZ29If1hueH4gt0c+PAUd KaH0JO/Mtb/6+dvf9y/W/AQvDYHV26NUfmjHMS6xBU8ig2cWr4fSYyo42wIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFDFCB5fhbIfFnuhhVy5sd+ZIaExGMB8GA1UdIwQY MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt MjUwNTBjNTkzYWExLzEvTVVJSGwtRnNoOFdlNkdGWExteDM1a2hvVEVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhhJAwQB TeTEAwQA1JEwAwQA1JE6AwQA1JE+MA0GCSqGSIb3DQEBCwUAA4IBAQC9axgnO1EL +h4LsYMutRRUDQajn+EOQcNIOXQ2jzPIkzimc7yGSs7oJ2l5lq7RrioxSP4cQNiw Om1gkos27vd004jRGyDsGWaJcS+U+jIOmsZ6mQzNcunyw5L8yOZGxXJGMMoA+Igq DwP6jkFMvc0nGd5wvZif/XFgFXgegOPn6CaBdT+gbTD/i8hJo4G/kHIg5TKYSREg LI5tlHQtWdM030uMT7a4Ve3bFbZOTShJsEVK/DLl/nevk5suoHW6fVkpt6DF9DIk 7qDefY60QX6IDBfEWtuI7m+nSSljcfM0p5YB0DJvmHow0OCZsXVeAr/gxlONPE5b mFikVWB0mv+K -----END CERTIFICATE-----Generated at Mon Jan 26 07:23:24 2026 by rpki-client