This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/MDJT-FAiPn_9DLYknk3j3rwfX9Y.roa File: MDJT-FAiPn_9DLYknk3j3rwfX9Y.roa (raw, json) Hash identifier: t+GUu3cNGl4VMAwSsB6UVCGA1fy1PDPTWxWQhD0/oiI= Subject key identifier: 30:32:53:F8:50:22:3E:7F:FD:0C:B6:24:9E:4D:E3:DE:BC:1F:5F:D6 Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Certificate serial: 019B7E38DF2BFCFD1711C04925B57F04FDBC Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/MDJT-FAiPn_9DLYknk3j3rwfX9Y.roa Signing time: Fri 02 Jan 2026 10:20:14 +0000 ROA not before: Fri 02 Jan 2026 10:20:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397234 IP address blocks: 37.209.192.0/24 maxlen: 24 37.209.194.0/24 maxlen: 24 37.209.196.0/24 maxlen: 24 37.209.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:df:2b:fc:fd:17:11:c0:49:25:b5:7f:04:fd:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Validity Not Before: Jan 2 10:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=303253f850223e7ffd0cb6249e4de3debc1f5fd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:89:7a:a6:28:0c:57:1d:44:f8:d6:1f:d8:a0: ce:13:55:d8:c4:e1:07:60:d8:25:05:e0:f0:92:e5: 6b:e6:b2:23:2d:48:9e:11:67:2a:80:a1:5e:17:b9: c5:07:d0:40:37:71:e7:a2:7c:92:e3:70:bd:55:22: 49:76:79:be:21:87:cb:97:dc:85:66:77:df:c0:2e: 0f:41:ac:86:3c:e1:a3:bc:be:5e:27:6f:74:1e:a3: ce:d0:e7:1f:8f:f8:fd:c9:b0:a3:b3:27:ff:9b:41: 47:64:7d:02:20:0a:a2:1f:2a:30:e9:43:16:05:74: cd:5b:84:cb:89:38:46:6e:26:2b:ae:b8:72:b3:41: 93:37:48:57:bf:7e:3c:e9:a4:7f:16:18:a8:8e:c3: b6:44:c6:9a:fc:1c:bc:fe:b3:3a:a8:3e:ac:fd:38: 2d:4b:e7:d9:93:b3:2a:ec:c2:85:0f:64:74:39:07: 96:56:9e:2d:04:74:17:3b:d7:27:67:73:aa:7d:bb: 1a:ed:67:4d:52:06:0f:e6:55:64:84:19:7e:f6:c8: a0:19:f0:51:25:b7:68:45:1f:0a:e8:56:0a:b5:53: f1:42:21:08:57:40:50:3f:f9:b4:fe:54:32:80:81: a0:68:8d:62:3f:1a:04:4b:48:02:67:e7:1e:59:7c: b7:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:32:53:F8:50:22:3E:7F:FD:0C:B6:24:9E:4D:E3:DE:BC:1F:5F:D6 X509v3 Authority Key Identifier: keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/MDJT-FAiPn_9DLYknk3j3rwfX9Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.209.192.0/24 37.209.194.0/24 37.209.196.0/24 37.209.198.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:53:82:94:1d:0d:ff:9c:a0:4d:60:ab:56:6f:5c:10:ba:24: 76:5b:e6:f6:35:0e:41:57:c4:95:49:3e:e5:f0:5d:51:1a:c6: 65:13:b7:93:ff:0a:72:3e:53:4c:f8:50:e6:67:89:b2:b0:50: 01:8d:88:84:e9:7f:6d:c5:f8:4b:ba:60:5f:11:a4:0f:88:ba: a7:2c:76:f3:69:72:cc:77:b1:e2:38:34:12:e4:c8:be:f3:bb: 73:8f:d8:19:d0:14:be:3b:03:8e:57:2d:69:57:5f:d8:6c:5a: 0f:d5:9d:dc:61:42:fa:84:42:c8:d4:df:c4:49:29:10:47:e0: 88:6f:a3:9e:ca:92:81:c0:8b:be:58:60:e0:09:89:9a:02:99: ef:79:a1:9a:d1:46:19:94:2f:fe:e7:d9:ea:0e:c2:20:87:5e: a7:38:84:b5:a6:48:6b:64:c1:8b:1a:68:b6:5e:00:e5:60:a5: c3:81:74:92:51:09:85:89:df:a2:75:2a:7e:47:4d:75:fc:61: 3c:59:2d:b0:6d:4d:8a:77:19:54:cd:74:09:e2:21:28:4f:e4: a4:3e:e7:d9:4b:9e:4c:64:ee:97:a4:37:60:2f:69:18:1b:16: 09:4c:32:4c:45:0a:7a:20:86:cf:fe:17:13:68:62:42:2d:f0: ae:cf:57:61 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+ON8r/P0XEcBJJbV/BP28MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj OGJmMmMwHhcNMjYwMTAyMTAyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDMyNTNmODUwMjIzZTdmZmQwY2I2MjQ5ZTRkZTNkZWJjMWY1ZmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ol6pigMVx1E+NYf2KDOE1XYxOEH YNglBeDwkuVr5rIjLUieEWcqgKFeF7nFB9BAN3HnonyS43C9VSJJdnm+IYfLl9yF ZnffwC4PQayGPOGjvL5eJ290HqPO0Ocfj/j9ybCjsyf/m0FHZH0CIAqiHyow6UMW BXTNW4TLiThGbiYrrrhys0GTN0hXv3486aR/FhiojsO2RMaa/By8/rM6qD6s/Tgt S+fZk7Mq7MKFD2R0OQeWVp4tBHQXO9cnZ3Oqfbsa7WdNUgYP5lVkhBl+9sigGfBR JbdoRR8K6FYKtVPxQiEIV0BQP/m0/lQygIGgaI1iPxoES0gCZ+ceWXy3LwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFDAyU/hQIj5//Qy2JJ5N4968H1/WMB8GA1UdIwQY MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt NDE2Zjg1ZWUyMzdiLzEvTURKVC1GQWlQbl85RExZa25rM2ozcndmWDlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQA7U4KUHQ3/nKBNYKtW b1wQuiR2W+b2NQ5BV8SVST7l8F1RGsZlE7eT/wpyPlNM+FDmZ4mysFABjYiE6X9t xfhLumBfEaQPiLqnLHbzaXLMd7HiODQS5Mi+87tzj9gZ0BS+OwOOVy1pV1/YbFoP 1Z3cYUL6hELI1N/ESSkQR+CIb6OeypKBwIu+WGDgCYmaApnveaGa0UYZlC/+59nq DsIgh16nOIS1pkhrZMGLGmi2XgDlYKXDgXSSUQmFid+idSp+R011/GE8WS2wbU2K dxlUzXQJ4iEoT+SkPufZS55MZO6XpDdgL2kYGxYJTDJMRQp6IIbP/hcTaGJCLfCu z1dh -----END CERTIFICATE-----Generated at Sun Jan 25 13:32:50 2026 by rpki-client