This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/MZj_YrNpHHNyxm4tBIi3oXc2Vqc.roa File: MZj_YrNpHHNyxm4tBIi3oXc2Vqc.roa (raw, json) Hash identifier: J42B6M8uvbvqBHYzoglUfGMoE5jRgrE3TAObhro1N94= Subject key identifier: 31:98:FF:62:B3:69:1C:73:72:C6:6E:2D:04:88:B7:A1:77:36:56:A7 Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b Certificate serial: 019B7F821CC03F6340D523569BCCBCA4D6D6 Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/MZj_YrNpHHNyxm4tBIi3oXc2Vqc.roa Signing time: Fri 02 Jan 2026 16:19:52 +0000 ROA not before: Fri 02 Jan 2026 16:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209828 IP address blocks: 91.241.48.0/24 maxlen: 32 91.241.49.0/24 maxlen: 32 91.241.50.0/24 maxlen: 32 91.241.51.0/24 maxlen: 32 194.5.236.0/24 maxlen: 32 194.5.237.0/24 maxlen: 32 2a00:7544::/32 maxlen: 32 2a00:7545::/32 maxlen: 32 2a0c:8dc0::/32 maxlen: 32 2a0c:8dc1::/32 maxlen: 32 2a0c:8dc2::/32 maxlen: 32 2a0c:8dc3::/32 maxlen: 32 2a0c:8dc4::/32 maxlen: 32 2a0c:8dc5::/32 maxlen: 32 2a0c:8dc6::/32 maxlen: 32 2a0c:8dc7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.mft rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:1c:c0:3f:63:40:d5:23:56:9b:cc:bc:a4:d6:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b Validity Not Before: Jan 2 16:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3198ff62b3691c7372c66e2d0488b7a1773656a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a9:4c:34:15:e6:0b:28:fc:b4:af:6c:27:7f: 50:76:2a:cf:1b:5e:95:57:c6:79:15:02:4b:95:c2: 74:a0:98:59:af:b3:f0:36:3d:0c:32:f6:87:af:23: 5a:1c:bd:90:c6:fe:c6:e3:13:ca:c4:99:08:ae:17: 01:e1:78:6c:8a:55:f1:4a:a6:6e:ae:53:e6:b3:85: 10:c8:22:26:d3:b6:22:6e:cb:7b:8c:c4:78:86:c7: e3:52:83:34:b6:53:a8:c2:39:b5:46:09:9f:89:f7: 8a:a3:1a:d1:05:c1:f3:c2:ed:7b:65:52:8b:c9:42: 4a:fd:98:bd:5d:8d:69:e0:16:bd:36:6f:f0:07:68: 95:bd:65:18:bf:96:3c:c1:3f:58:a0:0c:cf:24:80: 2c:3a:3b:5b:02:cd:8b:c9:5b:0b:d0:e8:84:f6:bc: 64:a2:41:e4:6e:fa:73:f1:5b:8f:36:35:e5:9a:25: f5:cc:bc:cc:15:e2:c4:5d:05:98:07:f7:1d:2a:3a: 2d:58:96:c5:8b:e0:3a:00:a7:b5:4d:36:7d:d4:8d: 86:bf:ac:75:3a:12:9b:8f:df:b5:7e:fb:7f:c9:be: e8:58:04:47:cf:5e:8e:ae:1f:6a:8d:86:ef:ad:33: d3:f5:6b:98:7a:3e:fc:19:f3:b1:99:be:1f:c6:fa: 52:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:98:FF:62:B3:69:1C:73:72:C6:6E:2D:04:88:B7:A1:77:36:56:A7 X509v3 Authority Key Identifier: keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/MZj_YrNpHHNyxm4tBIi3oXc2Vqc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.241.48.0/22 194.5.236.0/23 IPv6: 2a00:7544::/31 2a0c:8dc0::/29 Signature Algorithm: sha256WithRSAEncryption 6c:5c:d7:ae:de:8a:8a:02:23:f4:1b:4d:99:32:1b:62:e7:ef: 5a:15:54:35:26:87:5b:b7:7d:4e:62:5b:f9:f3:b9:08:06:a1: 7c:6c:a4:24:e3:26:85:87:0d:76:b0:e8:8f:37:9b:db:b8:04: 36:93:0b:94:0e:22:88:29:bc:a9:08:b5:f7:59:a8:ce:a8:c9: 82:f0:cd:c0:60:76:38:9d:d1:c7:c5:35:b1:d5:33:6c:1f:4e: 96:bb:fb:fd:d8:eb:74:6a:3e:72:85:f8:e4:f7:b4:8d:3c:f9: 35:15:7b:32:27:29:df:3f:01:84:c2:6c:70:97:cc:0e:7e:2d: 3f:3b:32:cc:2b:b1:d9:30:80:7c:10:74:74:de:b4:92:a7:fb: 94:72:de:84:cf:7f:41:bf:bc:d1:dd:15:57:62:34:3d:6c:db: a3:1a:df:33:e1:8d:cc:cf:cf:5e:3a:e9:6a:0f:0e:6c:c1:c7: 3d:3e:93:ec:b1:41:11:0a:76:8a:7d:78:d1:41:e7:4c:09:27: 64:fd:8d:56:47:63:88:d7:a0:72:a2:84:96:0d:88:cb:43:f1: b5:87:24:84:ec:fc:e5:78:26:c3:59:7b:48:b2:e3:96:68:4f: a9:ac:8c:46:1f:56:3d:3c:27:d4:74:df:3b:77:1b:9d:f4:85: 23:9b:24:99 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt/ghzAP2NA1SNWm8y8pNbWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz YzcxMWIwHhcNMjYwMTAyMTYxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTk4ZmY2MmIzNjkxYzczNzJjNjZlMmQwNDg4YjdhMTc3MzY1NmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6lMNBXmCyj8tK9sJ39QdirPG16V V8Z5FQJLlcJ0oJhZr7PwNj0MMvaHryNaHL2Qxv7G4xPKxJkIrhcB4XhsilXxSqZu rlPms4UQyCIm07Yibst7jMR4hsfjUoM0tlOowjm1RgmfifeKoxrRBcHzwu17ZVKL yUJK/Zi9XY1p4Ba9Nm/wB2iVvWUYv5Y8wT9YoAzPJIAsOjtbAs2LyVsL0OiE9rxk okHkbvpz8VuPNjXlmiX1zLzMFeLEXQWYB/cdKjotWJbFi+A6AKe1TTZ91I2Gv6x1 OhKbj9+1fvt/yb7oWARHz16Orh9qjYbvrTPT9WuYej78GfOxmb4fxvpSpQIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFDGY/2KzaRxzcsZuLQSIt6F3NlanMB8GA1UdIwQY MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt NTE4Y2QxNDcxM2ViLzEvTVpqX1lyTnBISE55eG00dEJJaTNvWGMyVnFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCW/EwAwQB wgXsMBQEAgACMA4DBQEqAHVEAwUDKgyNwDANBgkqhkiG9w0BAQsFAAOCAQEAbFzX rt6KigIj9BtNmTIbYufvWhVUNSaHW7d9TmJb+fO5CAahfGykJOMmhYcNdrDojzeb 27gENpMLlA4iiCm8qQi191mozqjJgvDNwGB2OJ3Rx8U1sdUzbB9Olrv7/djrdGo+ coX45Pe0jTz5NRV7Micp3z8BhMJscJfMDn4tPzsyzCux2TCAfBB0dN60kqf7lHLe hM9/Qb+80d0VV2I0PWzboxrfM+GNzM/PXjrpag8ObMHHPT6T7LFBEQp2in140UHn TAknZP2NVkdjiNegcqKElg2Iy0PxtYckhOz85Xgmw1l7SLLjlmhPqayMRh9WPTwn 1HTfO3cbnfSFI5skmQ== -----END CERTIFICATE-----Generated at Mon Jan 26 00:16:30 2026 by rpki-client