This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/mdkFOAwMWkblGp-2mwbEq419z_I.roa File: mdkFOAwMWkblGp-2mwbEq419z_I.roa (raw, json) Hash identifier: CE2MgK18UC9X5aZF3fSj7NZCbOTDD1izqKPMKawtpc4= Subject key identifier: 99:D9:05:38:0C:0C:5A:46:E5:1A:9F:B6:9B:06:C4:AB:8D:7D:CF:F2 Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb Certificate serial: 019B78A35C987AD306E1D7542216F97E8AA0 Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/mdkFOAwMWkblGp-2mwbEq419z_I.roa Signing time: Thu 01 Jan 2026 08:18:50 +0000 ROA not before: Thu 01 Jan 2026 08:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216145 IP address blocks: 46.253.2.0/24 maxlen: 24 46.253.6.0/24 maxlen: 24 46.253.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.mft rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:5c:98:7a:d3:06:e1:d7:54:22:16:f9:7e:8a:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb Validity Not Before: Jan 1 08:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=99d905380c0c5a46e51a9fb69b06c4ab8d7dcff2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:58:61:8a:59:49:2c:5f:a5:43:3a:ad:c9:d3: e8:84:a6:a0:af:0a:54:63:1f:1a:1a:25:fe:a2:1e: 13:b4:5f:e6:7d:df:f5:ed:22:8e:a7:4b:d3:26:d7: ac:1e:7d:3e:af:fe:08:26:17:0a:de:12:6b:5d:26: 66:84:5b:0c:86:f9:72:6b:67:45:96:59:d9:93:5d: 40:0a:1e:9e:8e:1a:5c:58:6e:3d:54:39:26:91:43: c0:91:3f:6f:a9:77:ab:5b:21:7d:e1:60:81:85:8c: db:aa:64:33:02:40:f7:31:c7:09:ae:e5:4c:9d:cb: 34:2c:0e:8a:d9:a6:ad:e6:25:2c:09:18:ad:47:72: 9d:a3:fd:00:4e:f1:21:7d:65:48:ca:be:32:27:10: 79:94:d7:3f:1c:b8:d7:be:0c:28:17:3f:3c:49:62: 1c:54:c1:96:14:9c:c2:ee:87:a3:63:cb:da:7c:dc: f5:54:34:1e:9e:b3:bb:c1:1c:68:37:89:59:8f:ca: 4b:e2:32:d7:17:39:f0:6f:f7:3d:b1:f6:9b:20:3a: 56:32:81:8d:12:5d:a8:a7:90:42:f4:e0:a8:b2:3e: 83:26:14:38:53:88:af:4d:7d:56:70:47:e6:62:55: a8:55:8e:01:88:53:a9:bb:4f:2f:7c:ab:70:09:90: 98:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:D9:05:38:0C:0C:5A:46:E5:1A:9F:B6:9B:06:C4:AB:8D:7D:CF:F2 X509v3 Authority Key Identifier: keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/mdkFOAwMWkblGp-2mwbEq419z_I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.253.2.0/24 46.253.6.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:a7:22:3f:5d:85:d4:1d:74:6c:ab:af:27:fa:8a:62:7f:35: a9:2c:cb:fd:2a:cd:fa:0c:74:e4:0b:10:38:e5:80:3c:81:4f: 30:5f:4c:bb:95:c2:75:4d:7b:35:63:a5:1f:38:d6:f1:9f:8d: da:ad:24:c5:00:cb:d8:92:3a:08:da:04:bd:a9:62:69:63:b6: dc:7c:5c:ce:47:78:fd:cd:16:d9:35:c1:e7:1b:30:30:6b:d3: f5:4a:6a:c4:aa:f7:75:14:91:2c:fb:aa:3c:5b:48:8e:ad:ad: 13:19:d2:30:54:de:a6:f5:a5:95:fc:44:21:88:1c:fe:7f:9e: 61:24:4e:57:91:6e:c0:65:a0:72:e7:d8:a7:55:16:ee:eb:46: e5:bc:f9:99:85:e7:88:30:d1:1f:34:5b:bc:6a:45:63:7e:55: 47:e7:df:86:52:b6:ec:f1:e4:bf:97:c2:0a:11:48:21:a3:8d: d5:97:47:74:34:67:f0:43:a9:49:f3:ed:73:7b:6e:22:4b:48: 97:4f:cd:cc:4f:88:95:89:b4:3c:07:c9:4e:45:c5:eb:49:73: 20:6c:04:4b:4e:b4:34:24:9a:d3:44:07:58:ae:b5:a8:37:60: 4d:d6:4e:ef:78:2a:5d:f8:fb:9c:5f:e9:96:03:ac:96:8b:cc: fc:61:eb:30 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4o1yYetMG4ddUIhb5foqgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0 ZTc4ZmIwHhcNMjYwMTAxMDgxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OWQ5MDUzODBjMGM1YTQ2ZTUxYTlmYjY5YjA2YzRhYjhkN2RjZmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklhhillJLF+lQzqtydPohKagrwpU Yx8aGiX+oh4TtF/mfd/17SKOp0vTJtesHn0+r/4IJhcK3hJrXSZmhFsMhvlya2dF llnZk11ACh6ejhpcWG49VDkmkUPAkT9vqXerWyF94WCBhYzbqmQzAkD3MccJruVM ncs0LA6K2aat5iUsCRitR3Kdo/0ATvEhfWVIyr4yJxB5lNc/HLjXvgwoFz88SWIc VMGWFJzC7oejY8vafNz1VDQenrO7wRxoN4lZj8pL4jLXFznwb/c9sfabIDpWMoGN El2op5BC9OCosj6DJhQ4U4ivTX1WcEfmYlWoVY4BiFOpu08vfKtwCZCYcQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJnZBTgMDFpG5RqftpsGxKuNfc/yMB8GA1UdIwQY MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt ZDMyZTI3ZmI3ZTU5LzEvbWRrRk9Bd01Xa2JsR3AtMm13YkVxNDE5el9JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5 LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALv0CAwQB Lv0GMA0GCSqGSIb3DQEBCwUAA4IBAQA8pyI/XYXUHXRsq68n+opifzWpLMv9Ks36 DHTkCxA45YA8gU8wX0y7lcJ1TXs1Y6UfONbxn43arSTFAMvYkjoI2gS9qWJpY7bc fFzOR3j9zRbZNcHnGzAwa9P1SmrEqvd1FJEs+6o8W0iOra0TGdIwVN6m9aWV/EQh iBz+f55hJE5XkW7AZaBy59inVRbu60blvPmZheeIMNEfNFu8akVjflVH59+GUrbs 8eS/l8IKEUgho43Vl0d0NGfwQ6lJ8+1ze24iS0iXT83MT4iVibQ8B8lORcXrSXMg bARLTrQ0JJrTRAdYrrWoN2BN1k7veCpd+PucX+mWA6yWi8z8Yesw -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:46 2026 by rpki-client