This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1d2788-da40-431a-97d0-fbd46d9ca372/1/Mw_jlWOX47w8ZEpuvWB3HZ4VYvQ.roa File: Mw_jlWOX47w8ZEpuvWB3HZ4VYvQ.roa (raw, json) Hash identifier: sfhBIh2mCq2mgYz96ptYyTEOfSgYQ6EGFDmjhxXGLyI= Subject key identifier: 33:0F:E3:95:63:97:E3:BC:3C:64:4A:6E:BD:60:77:1D:9E:15:62:F4 Certificate issuer: /CN=4dbe31b6bedc51f2aa2ec0a6453f2e435e808fb5 Certificate serial: 019B7B364AAADC5DE4EBB43AF4A1B5AB708A Authority key identifier: 4D:BE:31:B6:BE:DC:51:F2:AA:2E:C0:A6:45:3F:2E:43:5E:80:8F:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tb4xtr7cUfKqLsCmRT8uQ16Aj7U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1d2788-da40-431a-97d0-fbd46d9ca372/1/Mw_jlWOX47w8ZEpuvWB3HZ4VYvQ.roa Signing time: Thu 01 Jan 2026 20:18:34 +0000 ROA not before: Thu 01 Jan 2026 20:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3303 IP address blocks: 193.8.128.0/23 maxlen: 24 193.134.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/1d2788-da40-431a-97d0-fbd46d9ca372/1/Tb4xtr7cUfKqLsCmRT8uQ16Aj7U.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/1d2788-da40-431a-97d0-fbd46d9ca372/1/Tb4xtr7cUfKqLsCmRT8uQ16Aj7U.mft rsync://rpki.ripe.net/repository/DEFAULT/Tb4xtr7cUfKqLsCmRT8uQ16Aj7U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:4a:aa:dc:5d:e4:eb:b4:3a:f4:a1:b5:ab:70:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4dbe31b6bedc51f2aa2ec0a6453f2e435e808fb5 Validity Not Before: Jan 1 20:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=330fe3956397e3bc3c644a6ebd60771d9e1562f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:86:17:32:06:cf:20:f3:64:2f:be:0e:43:58: d7:8d:01:66:85:5f:3d:85:52:15:41:75:e0:59:37: d8:c9:1d:77:c8:4a:a6:03:8c:49:22:90:32:8e:7d: 49:4f:eb:47:57:6d:94:39:34:68:41:fc:3a:5b:7f: f1:a3:57:b0:e7:93:f4:49:25:f6:d5:a6:36:21:15: 3a:28:c3:6f:cc:b0:c2:7f:72:9b:37:d9:dc:2b:cc: bd:e0:81:10:ae:85:44:78:90:07:be:f1:bc:17:e5: f9:a8:84:9d:ed:af:b7:27:00:f3:14:bd:45:7c:52: 01:74:75:e6:d8:0d:3a:b2:6a:40:e9:37:c5:d8:57: 7c:9b:47:78:fc:b2:c7:62:bc:4b:73:f0:8e:b8:10: 03:87:97:d9:fd:9f:30:b2:5c:f3:10:7b:29:d3:6f: 4b:7c:4a:55:02:8e:ba:3c:ea:8c:54:3e:c6:c2:d1: de:60:e9:19:ea:13:b2:d5:de:a0:81:b0:92:73:b9: b8:a8:69:a1:9c:82:04:c5:bc:0d:e5:80:de:4f:3e: 13:cb:e6:6a:4d:53:64:f6:66:41:6c:53:a2:c8:4e: 3e:3e:7a:2b:99:35:02:19:f7:95:81:31:ad:1c:2a: 32:17:44:54:1b:f6:c3:f3:31:ae:d3:92:e0:1a:17: 3f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:0F:E3:95:63:97:E3:BC:3C:64:4A:6E:BD:60:77:1D:9E:15:62:F4 X509v3 Authority Key Identifier: keyid:4D:BE:31:B6:BE:DC:51:F2:AA:2E:C0:A6:45:3F:2E:43:5E:80:8F:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tb4xtr7cUfKqLsCmRT8uQ16Aj7U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1d2788-da40-431a-97d0-fbd46d9ca372/1/Mw_jlWOX47w8ZEpuvWB3HZ4VYvQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1d2788-da40-431a-97d0-fbd46d9ca372/1/Tb4xtr7cUfKqLsCmRT8uQ16Aj7U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.8.128.0/23 193.134.32.0/22 Signature Algorithm: sha256WithRSAEncryption 31:7a:75:59:dd:63:3e:c3:86:2a:cf:9b:3d:73:56:51:0a:84: 3b:ca:52:b4:6f:0f:0a:2e:de:bf:34:44:a9:22:c5:dc:8a:43: f5:4c:1b:2f:d5:d5:29:b5:d4:7c:01:c9:7f:6a:9f:45:14:ce: 34:2c:28:93:0d:87:7f:c5:9f:78:8b:09:d2:b2:16:00:16:c4: 1f:75:18:d9:24:54:c5:e6:e5:f9:16:b2:f0:e9:56:8c:61:c2: 7e:66:26:71:98:09:43:06:6b:0a:99:cd:f5:21:50:0c:40:55: 63:d5:c3:8e:f1:1f:98:a7:8e:70:bf:8a:f3:6f:e2:2e:a8:01: a9:75:80:e3:cb:db:b4:41:2d:07:3e:02:d5:31:b0:31:f2:84: 06:5d:53:fa:83:13:c8:8e:d1:b5:bd:04:e6:3c:26:bb:a3:58: 7a:86:33:b4:f5:b1:bd:33:63:54:c3:4d:ed:ba:97:0c:00:ec: 08:15:ac:e3:4e:f8:f9:fb:16:5e:60:14:62:27:50:5a:d2:28: 98:36:5c:e7:1e:cf:95:d6:31:df:d4:d6:7a:76:eb:3f:76:58: e7:c4:5e:02:10:a5:e3:45:4d:45:9a:e3:6f:34:13:93:cf:62: 3b:e6:b6:60:f0:4f:63:e3:af:c0:5c:49:bf:dc:7a:0c:01:f5: 0f:b9:38:47 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7Nkqq3F3k67Q69KG1q3CKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkYmUzMWI2YmVkYzUxZjJhYTJlYzBhNjQ1M2YyZTQzNWU4 MDhmYjUwHhcNMjYwMTAxMjAxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzBmZTM5NTYzOTdlM2JjM2M2NDRhNmViZDYwNzcxZDllMTU2MmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4YXMgbPIPNkL74OQ1jXjQFmhV89 hVIVQXXgWTfYyR13yEqmA4xJIpAyjn1JT+tHV22UOTRoQfw6W3/xo1ew55P0SSX2 1aY2IRU6KMNvzLDCf3KbN9ncK8y94IEQroVEeJAHvvG8F+X5qISd7a+3JwDzFL1F fFIBdHXm2A06smpA6TfF2Fd8m0d4/LLHYrxLc/COuBADh5fZ/Z8wslzzEHsp029L fEpVAo66POqMVD7GwtHeYOkZ6hOy1d6ggbCSc7m4qGmhnIIExbwN5YDeTz4Ty+Zq TVNk9mZBbFOiyE4+PnormTUCGfeVgTGtHCoyF0RUG/bD8zGu05LgGhc/EwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDMP45Vjl+O8PGRKbr1gdx2eFWL0MB8GA1UdIwQY MBaAFE2+Mba+3FHyqi7ApkU/LkNegI+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGI0eHRyN2NVZktxTHNDbVJUOHVRMTZBajdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZDI3ODgtZGE0MC00MzFhLTk3ZDAt ZmJkNDZkOWNhMzcyLzEvTXdfamxXT1g0N3c4WkVwdXZXQjNIWjRWWXZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8xZDI3ODgtZGE0MC00MzFhLTk3ZDAtZmJkNDZkOWNhMzcy LzEvVGI0eHRyN2NVZktxTHNDbVJUOHVRMTZBajdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwQiAAwQC wYYgMA0GCSqGSIb3DQEBCwUAA4IBAQAxenVZ3WM+w4Yqz5s9c1ZRCoQ7ylK0bw8K Lt6/NESpIsXcikP1TBsv1dUptdR8Acl/ap9FFM40LCiTDYd/xZ94iwnSshYAFsQf dRjZJFTF5uX5FrLw6VaMYcJ+ZiZxmAlDBmsKmc31IVAMQFVj1cOO8R+Yp45wv4rz b+IuqAGpdYDjy9u0QS0HPgLVMbAx8oQGXVP6gxPIjtG1vQTmPCa7o1h6hjO09bG9 M2NUw03tupcMAOwIFazjTvj5+xZeYBRiJ1Ba0iiYNlznHs+V1jHf1NZ6dus/dljn xF4CEKXjRU1FmuNvNBOTz2I75rZg8E9j46/AXEm/3HoMAfUPuThH -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:10 2026 by rpki-client