This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/mHEmY2pinSwaTCphGCHN22bgq8k.roa File: mHEmY2pinSwaTCphGCHN22bgq8k.roa (raw, json) Hash identifier: 9Vu4Z943d+sudfjz+IrLSW/qi7Go6bC6mcneD6nK7Jc= Subject key identifier: 98:71:26:63:6A:62:9D:2C:1A:4C:2A:61:18:21:CD:DB:66:E0:AB:C9 Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba Certificate serial: 019B7D5C62F1CD6FBABD8C3A31F2EA25D6D2 Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/mHEmY2pinSwaTCphGCHN22bgq8k.roa Signing time: Fri 02 Jan 2026 06:19:25 +0000 ROA not before: Fri 02 Jan 2026 06:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206996 IP address blocks: 31.214.141.0/24 maxlen: 24 31.214.245.0/24 maxlen: 24 95.156.227.0/24 maxlen: 24 109.230.238.0/24 maxlen: 24 134.255.220.0/24 maxlen: 24 134.255.225.0/24 maxlen: 24 134.255.227.0/24 maxlen: 24 134.255.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.mft rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:62:f1:cd:6f:ba:bd:8c:3a:31:f2:ea:25:d6:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba Validity Not Before: Jan 2 06:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=987126636a629d2c1a4c2a611821cddb66e0abc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:86:2c:47:18:01:e4:36:35:aa:05:48:76:23: e7:da:0c:3f:fd:c0:4c:d7:5b:47:38:42:b6:e1:d4: ec:22:ab:f3:53:02:a3:5c:2c:a1:2d:24:50:a2:b6: 39:d1:7e:2f:e1:6e:75:4a:27:76:0a:28:d3:4e:08: f5:a8:00:ac:57:78:96:92:33:f2:ea:4d:cc:12:39: 0e:c1:1f:72:f1:bf:7e:e1:f3:1b:11:81:fd:e1:26: 79:4a:7c:d8:2b:ad:1b:08:a8:92:d5:2f:49:58:da: 4f:a1:65:0b:3d:87:50:85:09:52:4c:cc:61:72:de: 00:88:17:78:84:79:54:ce:fe:8b:a6:0a:2f:83:e8: 7b:40:91:d5:67:49:93:87:07:ee:ac:52:60:15:fe: 31:50:aa:12:44:41:23:4e:78:17:aa:68:77:c7:9a: b0:59:3d:d4:a7:14:59:7b:e7:35:c0:23:86:68:19: cb:84:be:be:be:3d:c6:c6:8a:b4:f6:7f:f4:7e:11: cb:af:ef:ef:d7:41:f9:1d:e2:12:4d:82:c9:6f:6e: 69:5f:ab:e2:6c:62:25:31:2c:71:2b:78:d7:d7:9a: 22:ad:ea:f0:1d:1f:e6:7f:79:cf:3c:60:99:81:d9: 1b:a6:75:85:ce:99:4c:c2:ba:6f:ff:7f:96:8e:fa: 38:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:71:26:63:6A:62:9D:2C:1A:4C:2A:61:18:21:CD:DB:66:E0:AB:C9 X509v3 Authority Key Identifier: keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/mHEmY2pinSwaTCphGCHN22bgq8k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.214.141.0/24 31.214.245.0/24 95.156.227.0/24 109.230.238.0/24 134.255.220.0/24 134.255.225.0/24 134.255.227.0/24 134.255.252.0/24 Signature Algorithm: sha256WithRSAEncryption 17:9a:f2:7f:4f:d9:fe:2a:90:e9:03:b9:b3:5a:5f:68:34:07: 35:2a:43:8d:16:4c:df:5d:79:e6:0e:3c:e6:1e:da:49:11:39: 00:5f:3a:93:98:ab:3b:39:cb:52:8a:cc:db:7c:f3:0c:9c:15: 24:d3:3a:d3:e2:a6:cc:3c:0e:1e:ca:ed:4b:cb:6c:ad:45:4a: fb:94:7e:09:66:7f:81:c5:b8:e9:cd:e6:ea:42:41:9f:80:88: c9:e6:25:75:6a:53:27:3c:13:bb:53:d1:05:8e:0d:45:ab:c0: 5e:f9:7c:c7:b4:77:32:ff:bd:0a:3f:d5:62:59:f7:a3:59:47: e1:d5:9a:94:b1:dd:dc:59:de:6f:20:1f:8a:36:0a:bb:0d:55: 05:62:41:8e:41:e7:c0:c0:8f:c8:98:a8:ed:c4:e8:28:f1:b5: 18:f3:2c:0d:9d:5e:3e:4b:a0:9f:66:56:89:a7:85:3e:44:71: 98:31:77:ed:59:3b:52:7e:24:f5:03:d7:c7:4a:c0:bc:33:e1: da:6c:ae:74:b3:e4:c2:e5:fa:8f:6e:a8:7e:e9:be:c3:df:d2: 13:ef:64:42:12:d5:6c:a4:7d:3c:94:0c:1f:13:68:72:0e:4c: 08:63:ba:3f:44:48:ac:76:fd:b6:40:0e:e1:6d:34:f4:ce:de: 4d:52:3a:17 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt9XGLxzW+6vYw6MfLqJdbSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx NTNjYmEwHhcNMjYwMTAyMDYxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ODcxMjY2MzZhNjI5ZDJjMWE0YzJhNjExODIxY2RkYjY2ZTBhYmM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4YsRxgB5DY1qgVIdiPn2gw//cBM 11tHOEK24dTsIqvzUwKjXCyhLSRQorY50X4v4W51Sid2CijTTgj1qACsV3iWkjPy 6k3MEjkOwR9y8b9+4fMbEYH94SZ5SnzYK60bCKiS1S9JWNpPoWULPYdQhQlSTMxh ct4AiBd4hHlUzv6Lpgovg+h7QJHVZ0mThwfurFJgFf4xUKoSREEjTngXqmh3x5qw WT3UpxRZe+c1wCOGaBnLhL6+vj3Gxoq09n/0fhHLr+/v10H5HeISTYLJb25pX6vi bGIlMSxxK3jX15oirerwHR/mf3nPPGCZgdkbpnWFzplMwrpv/3+Wjvo4XwIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFJhxJmNqYp0sGkwqYRghzdtm4KvJMB8GA1UdIwQY MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt NjViZTU1MDMxNjVkLzEvbUhFbVkycGluU3dhVENwaEdDSE4yMmJncThrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH9aNAwQA H9b1AwQAX5zjAwQAbebuAwQAhv/cAwQAhv/hAwQAhv/jAwQAhv/8MA0GCSqGSIb3 DQEBCwUAA4IBAQAXmvJ/T9n+KpDpA7mzWl9oNAc1KkONFkzfXXnmDjzmHtpJETkA XzqTmKs7OctSiszbfPMMnBUk0zrT4qbMPA4eyu1Ly2ytRUr7lH4JZn+Bxbjpzebq QkGfgIjJ5iV1alMnPBO7U9EFjg1Fq8Be+XzHtHcy/70KP9ViWfejWUfh1ZqUsd3c Wd5vIB+KNgq7DVUFYkGOQefAwI/ImKjtxOgo8bUY8ywNnV4+S6CfZlaJp4U+RHGY MXftWTtSfiT1A9fHSsC8M+HabK50s+TC5fqPbqh+6b7D39IT72RCEtVspH08lAwf E2hyDkwIY7o/REisdv22QA7hbTT0zt5NUjoX -----END CERTIFICATE-----Generated at Sun Jan 25 10:20:20 2026 by rpki-client