This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4c9e86-1ad7-4a8f-a55b-92cf01fa7e6c/1/mrJn6nD0GC6PzZPQcJGEwHtlTMs.roa File: mrJn6nD0GC6PzZPQcJGEwHtlTMs.roa (raw, json) Hash identifier: HL+CopIX/Je4zBh55UeuNqaw17GY2N3s/OSsQC+mKKk= Subject key identifier: 9A:B2:67:EA:70:F4:18:2E:8F:CD:93:D0:70:91:84:C0:7B:65:4C:CB Certificate issuer: /CN=fa9832f07a1c65d7e353f48e086fcf25086888ff Certificate serial: 019AA0CA56CC98EF1EBE54F7F5D2DC209A33 Authority key identifier: FA:98:32:F0:7A:1C:65:D7:E3:53:F4:8E:08:6F:CF:25:08:68:88:FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-pgy8HocZdfjU_SOCG_PJQhoiP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4c9e86-1ad7-4a8f-a55b-92cf01fa7e6c/1/mrJn6nD0GC6PzZPQcJGEwHtlTMs.roa Signing time: Thu 20 Nov 2025 10:23:26 +0000 ROA not before: Thu 20 Nov 2025 10:23:26 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48377 IP address blocks: 91.209.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/4c9e86-1ad7-4a8f-a55b-92cf01fa7e6c/1/1-pgy8HocZdfjU_SOCG_PJQhoiP8.crl rsync://rpki.ripe.net/repository/DEFAULT/41/4c9e86-1ad7-4a8f-a55b-92cf01fa7e6c/1/1-pgy8HocZdfjU_SOCG_PJQhoiP8.mft rsync://rpki.ripe.net/repository/DEFAULT/1-pgy8HocZdfjU_SOCG_PJQhoiP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a0:ca:56:cc:98:ef:1e:be:54:f7:f5:d2:dc:20:9a:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fa9832f07a1c65d7e353f48e086fcf25086888ff Validity Not Before: Nov 20 10:23:26 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=9ab267ea70f4182e8fcd93d0709184c07b654ccb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:92:3b:95:9b:51:30:73:4c:19:97:49:d5:6a: ee:a2:8a:43:a6:b8:f9:2a:07:cf:49:e7:e0:b2:4c: 72:e4:e8:ff:39:c8:1d:18:80:ec:a9:d6:5f:e8:18: 07:90:20:9a:bb:7b:f1:9c:91:22:d3:b8:71:2f:5b: 30:e5:c8:19:2e:42:3f:99:1b:41:69:19:9b:c7:aa: 4e:9a:6b:99:45:88:08:21:cb:a6:74:6b:a8:cb:30: a2:4d:53:1d:56:e1:bd:2f:4a:42:cc:98:a2:c0:48: ff:dd:da:3d:20:b4:83:a7:7d:d4:12:64:cc:a1:9f: 71:0f:ae:92:40:99:1e:25:c1:dc:f9:55:3f:a9:dc: 06:e5:58:1a:16:16:8a:a9:5b:97:69:81:4e:4d:4d: 1c:74:e5:0c:7b:29:be:4e:a9:88:bd:66:b5:cd:0b: 54:78:a8:90:90:63:d9:21:a2:3d:d9:7c:d1:1c:0e: 93:be:1b:95:61:8b:17:a7:9b:d4:bc:1c:e8:24:d1: 6d:f8:c1:25:82:0e:78:38:69:63:56:dd:8c:3e:8a: dc:ae:59:bc:3c:b8:3b:31:7a:92:ee:3f:aa:99:d6: d2:c5:1e:be:24:b4:15:5e:72:36:83:50:c4:d1:8c: 50:f9:04:e7:62:1b:07:2d:57:48:0d:23:b8:58:c5: d3:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:B2:67:EA:70:F4:18:2E:8F:CD:93:D0:70:91:84:C0:7B:65:4C:CB X509v3 Authority Key Identifier: keyid:FA:98:32:F0:7A:1C:65:D7:E3:53:F4:8E:08:6F:CF:25:08:68:88:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-pgy8HocZdfjU_SOCG_PJQhoiP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4c9e86-1ad7-4a8f-a55b-92cf01fa7e6c/1/mrJn6nD0GC6PzZPQcJGEwHtlTMs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4c9e86-1ad7-4a8f-a55b-92cf01fa7e6c/1/1-pgy8HocZdfjU_SOCG_PJQhoiP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.126.0/24 Signature Algorithm: sha256WithRSAEncryption 23:ec:ef:e8:44:5d:55:39:cb:67:d4:5f:63:dc:08:35:76:83: e3:75:92:8b:0b:8a:13:b4:dc:1b:1f:a2:24:98:e3:d7:ef:f1: bb:e6:cb:9b:67:3f:4c:cc:9b:80:a5:b8:45:f7:84:5c:8c:2f: 21:6a:88:db:99:7e:80:22:64:7a:95:5c:ed:f5:2d:c3:45:d9: df:e2:98:c6:ad:71:b4:79:16:a1:5d:4d:dc:37:19:e1:e9:41: 2f:e0:17:af:86:b4:9b:42:b6:af:fc:cc:b8:b9:1b:c1:8c:d8: a8:98:b4:b3:cc:ae:78:be:06:2b:a5:e9:af:f2:8a:d9:b3:f6: 4d:a3:c6:f3:c5:84:4c:1b:49:71:ff:1d:cf:6f:bd:db:1b:04: 68:6f:50:b9:34:6e:a4:30:23:12:28:5d:c3:28:7c:60:c1:4d: 73:0c:1b:b7:c8:49:93:c8:02:ad:fe:12:fa:26:09:0c:fa:60: 76:8c:4f:2f:b3:fd:aa:29:eb:c9:5f:97:37:62:67:79:93:3b: c8:cf:2c:b5:05:0a:47:7e:01:a5:4d:b8:1e:d3:26:f9:20:b3: 7b:2d:1b:33:9a:29:8b:34:35:8b:62:12:af:8a:41:b3:5e:28: fe:97:8c:13:ca:0e:bc:f0:83:d3:68:9f:31:16:1c:84:3c:d7: 50:9f:4c:3b -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZqgylbMmO8evlT39dLcIJozMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZhOTgzMmYwN2ExYzY1ZDdlMzUzZjQ4ZTA4NmZjZjI1MDg2 ODg4ZmYwHhcNMjUxMTIwMTAyMzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YWIyNjdlYTcwZjQxODJlOGZjZDkzZDA3MDkxODRjMDdiNjU0Y2NiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JI7lZtRMHNMGZdJ1WruoopDprj5 KgfPSefgskxy5Oj/OcgdGIDsqdZf6BgHkCCau3vxnJEi07hxL1sw5cgZLkI/mRtB aRmbx6pOmmuZRYgIIcumdGuoyzCiTVMdVuG9L0pCzJiiwEj/3do9ILSDp33UEmTM oZ9xD66SQJkeJcHc+VU/qdwG5VgaFhaKqVuXaYFOTU0cdOUMeym+TqmIvWa1zQtU eKiQkGPZIaI92XzRHA6TvhuVYYsXp5vUvBzoJNFt+MElgg54OGljVt2MPorcrlm8 PLg7MXqS7j+qmdbSxR6+JLQVXnI2g1DE0YxQ+QTnYhsHLVdIDSO4WMXT/QIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFJqyZ+pw9Bguj82T0HCRhMB7ZUzLMB8GA1UdIwQY MBaAFPqYMvB6HGXX41P0jghvzyUIaIj/MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1wZ3k4SG9jWmRmalVfU09DR19QSlFob2lQOC5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvNGM5ZTg2LTFhZDctNGE4Zi1hNTVi LTkyY2YwMWZhN2U2Yy8xL21ySm42bkQwR0M2UHpaUFFjSkdFd0h0bFRNcy5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNDEvNGM5ZTg2LTFhZDctNGE4Zi1hNTViLTkyY2YwMWZhN2U2 Yy8xLzEtcGd5OEhvY1pkZmpVX1NPQ0dfUEpRaG9pUDguY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb0X4w DQYJKoZIhvcNAQELBQADggEBACPs7+hEXVU5y2fUX2PcCDV2g+N1kosLihO03Bsf oiSY49fv8bvmy5tnP0zMm4CluEX3hFyMLyFqiNuZfoAiZHqVXO31LcNF2d/imMat cbR5FqFdTdw3GeHpQS/gF6+GtJtCtq/8zLi5G8GM2KiYtLPMrni+Biul6a/yitmz 9k2jxvPFhEwbSXH/Hc9vvdsbBGhvULk0bqQwIxIoXcMofGDBTXMMG7fISZPIAq3+ EvomCQz6YHaMTy+z/aop68lflzdiZ3mTO8jPLLUFCkd+AaVNuB7TJvkgs3stGzOa KYs0NYtiEq+KQbNeKP6XjBPKDrzwg9NonzEWHIQ811CfTDs= -----END CERTIFICATE-----Generated at Sat Dec 6 11:46:36 2025 by rpki-client