This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/M2d3XxtPV8U4RGwdl2KGyoS3tuE.roa File: M2d3XxtPV8U4RGwdl2KGyoS3tuE.roa (raw, json) Hash identifier: DkLgJR/YV/FTpPRA6z+9XA1zLGuoZB5rGHsCK++smJM= Subject key identifier: 33:67:77:5F:1B:4F:57:C5:38:44:6C:1D:97:62:86:CA:84:B7:B6:E1 Certificate issuer: /CN=f5450c6376655eec1dd2da4bd21d5f104a96d904 Certificate serial: 019B7BA38BB5CFA1754298199995480BCDBE Authority key identifier: F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/M2d3XxtPV8U4RGwdl2KGyoS3tuE.roa Signing time: Thu 01 Jan 2026 22:17:54 +0000 ROA not before: Thu 01 Jan 2026 22:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49832 IP address blocks: 167.160.20.0/24 maxlen: 32 185.88.11.0/24 maxlen: 32 2a06:1ec0::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.mft rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:8b:b5:cf:a1:75:42:98:19:99:95:48:0b:cd:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5450c6376655eec1dd2da4bd21d5f104a96d904 Validity Not Before: Jan 1 22:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3367775f1b4f57c538446c1d976286ca84b7b6e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:d3:53:e3:8e:17:03:ce:18:82:12:32:0c:c3: 1c:63:aa:db:4d:f7:32:e4:03:d7:0f:f1:67:de:4c: 85:72:63:67:c4:53:d9:a9:1b:af:d0:7e:66:56:3c: 78:ce:d5:dc:d5:50:d7:8b:9f:96:7f:1b:a3:f6:3b: ea:27:49:9d:0e:e3:2a:4d:24:ac:10:f9:d3:3f:f8: 7b:84:89:5a:09:8d:37:52:4a:57:71:27:bb:e5:43: d9:7d:5a:af:e5:78:da:1d:20:d6:39:5f:ec:4e:62: c2:39:b2:1e:0e:54:54:cf:7e:6f:80:10:65:0a:de: a4:91:87:ee:e4:b2:fe:08:75:67:eb:7f:6d:77:f5: 56:9c:9b:2c:c6:ac:da:3a:62:ef:32:54:c9:86:3f: ef:db:2d:0d:98:74:fb:07:77:a9:0c:da:fa:8d:c3: 45:41:81:6f:36:2f:5c:26:03:b7:e6:36:5a:b0:cf: e9:01:3f:91:0e:cd:1c:89:d4:e6:28:49:72:8b:c2: d4:5e:73:98:2d:cf:ac:e8:d0:aa:61:69:51:db:b0: f4:7b:38:b7:72:e5:77:1a:ab:e4:59:eb:cf:4a:a7: 0d:f3:63:18:a3:14:36:fa:7a:8b:82:38:b4:1c:50: 38:64:a6:ba:ef:5c:f5:10:03:ec:a0:8a:1a:a8:3a: 95:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:67:77:5F:1B:4F:57:C5:38:44:6C:1D:97:62:86:CA:84:B7:B6:E1 X509v3 Authority Key Identifier: keyid:F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/M2d3XxtPV8U4RGwdl2KGyoS3tuE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.160.20.0/24 185.88.11.0/24 IPv6: 2a06:1ec0::/29 Signature Algorithm: sha256WithRSAEncryption 61:bc:c1:c6:d5:bc:bd:3f:61:d9:63:5b:af:63:ec:ca:c7:83: 04:7c:9a:99:08:31:78:03:03:ea:3c:bf:1f:d7:40:a7:62:16: 31:6c:e2:26:e8:8e:7f:ed:25:7c:df:78:6b:a0:cd:d8:9d:85: 93:c2:cd:fa:3c:15:66:63:a0:10:e8:ee:c1:b2:b4:3f:88:cb: 7c:bb:6a:34:dc:12:a3:ad:dc:41:b0:6f:c6:7e:c1:b3:e5:9b: 16:24:95:4f:47:e5:18:06:d4:ee:24:07:aa:56:1f:a9:dc:c7: d0:8b:4a:86:20:a7:31:f6:0b:85:1a:62:97:ed:c8:2e:df:c7: 7b:8a:60:81:63:3c:19:eb:08:a9:79:10:11:5a:35:5a:6d:6d: 96:50:78:61:9b:0c:3e:48:d0:01:fc:5e:59:df:84:d5:54:5e: ae:fe:e0:09:a8:9f:c1:fa:68:9f:12:08:d8:69:61:94:bb:76: bf:19:82:55:24:a7:7c:e6:46:ad:4e:a4:e0:2a:3b:b0:12:da: 73:4c:fe:c4:ff:41:d4:12:69:d6:da:1f:00:a2:3c:d4:70:f8: 15:9e:cd:36:0a:4e:bf:a7:90:09:98:f7:69:e3:e4:1a:ce:ef: 56:dd:c3:ff:28:df:5d:1f:d7:b1:f2:53:56:e1:80:69:6b:05: 87:01:dd:fb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7o4u1z6F1QpgZmZVIC82+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1NDUwYzYzNzY2NTVlZWMxZGQyZGE0YmQyMWQ1ZjEwNGE5 NmQ5MDQwHhcNMjYwMTAxMjIxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzY3Nzc1ZjFiNGY1N2M1Mzg0NDZjMWQ5NzYyODZjYTg0YjdiNmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdNT444XA84YghIyDMMcY6rbTfcy 5APXD/Fn3kyFcmNnxFPZqRuv0H5mVjx4ztXc1VDXi5+Wfxuj9jvqJ0mdDuMqTSSs EPnTP/h7hIlaCY03UkpXcSe75UPZfVqv5XjaHSDWOV/sTmLCObIeDlRUz35vgBBl Ct6kkYfu5LL+CHVn639td/VWnJssxqzaOmLvMlTJhj/v2y0NmHT7B3epDNr6jcNF QYFvNi9cJgO35jZasM/pAT+RDs0cidTmKElyi8LUXnOYLc+s6NCqYWlR27D0ezi3 cuV3GqvkWevPSqcN82MYoxQ2+nqLgji0HFA4ZKa671z1EAPsoIoaqDqV6QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDNnd18bT1fFOERsHZdihsqEt7bhMB8GA1UdIwQY MBaAFPVFDGN2ZV7sHdLaS9IdXxBKltkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgt NmQxZjYwNTQzZTljLzEvTTJkM1h4dFBWOFU0Ukd3ZGwyS0d5b1MzdHVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgtNmQxZjYwNTQzZTlj LzEvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAp6AUAwQA uVgLMA0EAgACMAcDBQMqBh7AMA0GCSqGSIb3DQEBCwUAA4IBAQBhvMHG1by9P2HZ Y1uvY+zKx4MEfJqZCDF4AwPqPL8f10CnYhYxbOIm6I5/7SV833hroM3YnYWTws36 PBVmY6AQ6O7BsrQ/iMt8u2o03BKjrdxBsG/GfsGz5ZsWJJVPR+UYBtTuJAeqVh+p 3MfQi0qGIKcx9guFGmKX7cgu38d7imCBYzwZ6wipeRARWjVabW2WUHhhmww+SNAB /F5Z34TVVF6u/uAJqJ/B+mifEgjYaWGUu3a/GYJVJKd85katTqTgKjuwEtpzTP7E /0HUEmnW2h8AojzUcPgVns02Ck6/p5AJmPdp4+Qazu9W3cP/KN9dH9ex8lNW4YBp awWHAd37 -----END CERTIFICATE-----Generated at Mon Jan 26 01:40:00 2026 by rpki-client