This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/MAirATMkm_jSRjxp9j7Z40-VKMs.roa File: MAirATMkm_jSRjxp9j7Z40-VKMs.roa (raw, json) Hash identifier: /u+Oro6kRKO2TwnukQ7TlHOXZWANvODIogmazhvXP0Q= Subject key identifier: 30:08:AB:01:33:24:9B:F8:D2:46:3C:69:F6:3E:D9:E3:4F:95:28:CB Certificate issuer: /CN=032b9d2de53710b3158e42f22889109e2c40f43b Certificate serial: 019BC12189005DBA24F68CD618F4231AB475 Authority key identifier: 03:2B:9D:2D:E5:37:10:B3:15:8E:42:F2:28:89:10:9E:2C:40:F4:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyudLeU3ELMVjkLyKIkQnixA9Ds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/MAirATMkm_jSRjxp9j7Z40-VKMs.roa Signing time: Thu 15 Jan 2026 10:09:19 +0000 ROA not before: Thu 15 Jan 2026 10:09:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210022 IP address blocks: 185.158.20.0/24 maxlen: 24 185.158.21.0/24 maxlen: 24 185.158.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/AyudLeU3ELMVjkLyKIkQnixA9Ds.crl rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/AyudLeU3ELMVjkLyKIkQnixA9Ds.mft rsync://rpki.ripe.net/repository/DEFAULT/AyudLeU3ELMVjkLyKIkQnixA9Ds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c1:21:89:00:5d:ba:24:f6:8c:d6:18:f4:23:1a:b4:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=032b9d2de53710b3158e42f22889109e2c40f43b Validity Not Before: Jan 15 10:09:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3008ab0133249bf8d2463c69f63ed9e34f9528cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d2:9a:0e:0f:05:35:ac:91:10:65:4b:58:61: 0d:b8:2d:55:8f:8e:b9:69:cb:de:fc:20:58:53:d0: ea:44:f1:48:2f:f1:b7:94:d0:bf:75:cb:ec:00:03: 8b:39:52:b8:56:63:6c:f5:21:90:b1:23:8f:32:5f: 06:2e:fa:fb:9a:df:99:0f:1e:d6:a6:72:72:00:d6: 89:17:ab:75:68:c6:ac:c3:25:ad:b6:c9:e3:eb:67: e6:c7:bf:7e:17:3d:83:ac:7c:2e:51:d3:1b:f6:d5: c5:2d:24:2c:af:09:b0:c9:6b:65:f6:a2:b7:f7:f4: a6:da:69:75:b6:d1:1a:3c:ac:80:2a:b4:36:a8:e4: 81:39:2d:0b:7e:81:51:dc:44:d3:56:53:28:57:62: a6:f6:5e:17:81:ca:8f:ee:75:5c:ac:1b:a2:1a:0a: 06:15:dd:56:49:55:8d:4f:8d:23:36:08:0b:06:e2: c0:bf:f7:67:43:42:a0:3f:85:14:81:4c:90:ee:f2: b2:05:4f:ff:e6:fa:f9:be:ab:7d:51:d0:11:61:66: 35:a9:07:49:be:1d:ab:d5:34:00:88:c6:7a:ac:1d: 68:f0:65:2a:43:b9:bb:15:f6:95:00:cb:67:bb:5c: b6:f6:2b:19:15:4f:6c:ba:70:45:49:2c:8d:7d:8e: 8d:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:08:AB:01:33:24:9B:F8:D2:46:3C:69:F6:3E:D9:E3:4F:95:28:CB X509v3 Authority Key Identifier: keyid:03:2B:9D:2D:E5:37:10:B3:15:8E:42:F2:28:89:10:9E:2C:40:F4:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyudLeU3ELMVjkLyKIkQnixA9Ds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/MAirATMkm_jSRjxp9j7Z40-VKMs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/AyudLeU3ELMVjkLyKIkQnixA9Ds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.158.20.0-185.158.22.255 Signature Algorithm: sha256WithRSAEncryption 4a:63:61:46:b8:86:0e:75:67:b6:0d:63:2d:5a:cd:a8:98:0d: 54:1a:04:a0:af:81:4d:0c:9c:18:7d:3b:d8:7a:4d:eb:2e:aa: 76:19:96:b3:d3:2f:5f:46:8e:74:b8:54:6d:44:24:00:03:18: 81:59:8c:b4:25:b7:6d:48:6a:b7:41:a5:04:f1:0e:99:1a:86: 1e:f2:11:bd:90:e6:ab:25:a7:a4:9b:33:69:bf:82:53:a4:da: 8d:61:7d:e9:07:79:5a:49:79:0e:ee:c8:0f:a1:6c:59:2c:71: 51:27:59:e9:68:d4:6f:b1:aa:de:83:11:0d:c9:bc:70:01:54: 7d:17:6d:02:18:7c:e7:12:49:10:46:77:8f:d7:fe:0d:f7:5e: d2:72:73:a2:86:eb:44:78:e2:22:7b:1f:bb:4a:50:6e:0c:bc: 94:7b:5a:f0:78:f2:64:30:fe:00:ee:ae:56:bf:4c:36:7b:93: aa:b4:3a:ca:e7:62:72:82:ca:a0:4c:a7:90:7f:3f:08:82:26: eb:72:37:fb:5e:85:f2:a6:19:fb:cf:dc:75:ca:d4:5d:70:14: 74:72:c5:5c:e2:a0:28:88:1f:7b:95:84:9a:52:6e:d8:31:8d: 72:45:c8:da:12:e0:c2:b6:3e:ed:46:bd:7a:44:75:f9:d2:cc: 2d:cc:ad:50 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZvBIYkAXbok9ozWGPQjGrR1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMmI5ZDJkZTUzNzEwYjMxNThlNDJmMjI4ODkxMDllMmM0 MGY0M2IwHhcNMjYwMTE1MTAwOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDA4YWIwMTMzMjQ5YmY4ZDI0NjNjNjlmNjNlZDllMzRmOTUyOGNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tKaDg8FNayREGVLWGENuC1Vj465 acve/CBYU9DqRPFIL/G3lNC/dcvsAAOLOVK4VmNs9SGQsSOPMl8GLvr7mt+ZDx7W pnJyANaJF6t1aMaswyWttsnj62fmx79+Fz2DrHwuUdMb9tXFLSQsrwmwyWtl9qK3 9/Sm2ml1ttEaPKyAKrQ2qOSBOS0LfoFR3ETTVlMoV2Km9l4XgcqP7nVcrBuiGgoG Fd1WSVWNT40jNggLBuLAv/dnQ0KgP4UUgUyQ7vKyBU//5vr5vqt9UdARYWY1qQdJ vh2r1TQAiMZ6rB1o8GUqQ7m7FfaVAMtnu1y29isZFU9sunBFSSyNfY6NqQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFDAIqwEzJJv40kY8afY+2eNPlSjLMB8GA1UdIwQY MBaAFAMrnS3lNxCzFY5C8iiJEJ4sQPQ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXl1ZExlVTNFTE1WamtMeUtJa1FuaXhBOURzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kNmRjOWQtZWIzMy00Y2E0LWFhODIt NGQxOWE4ZGUwYWJhLzEvTUFpckFUTWttX2pTUmp4cDlqN1o0MC1WS01zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9kNmRjOWQtZWIzMy00Y2E0LWFhODItNGQxOWE4ZGUwYWJh LzEvQXl1ZExlVTNFTE1WamtMeUtJa1FuaXhBOURzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5nhQD BAC5nhYwDQYJKoZIhvcNAQELBQADggEBAEpjYUa4hg51Z7YNYy1azaiYDVQaBKCv gU0MnBh9O9h6TesuqnYZlrPTL19GjnS4VG1EJAADGIFZjLQlt21IardBpQTxDpka hh7yEb2Q5qslp6SbM2m/glOk2o1hfekHeVpJeQ7uyA+hbFkscVEnWelo1G+xqt6D EQ3JvHABVH0XbQIYfOcSSRBGd4/X/g33XtJyc6KG60R44iJ7H7tKUG4MvJR7WvB4 8mQw/gDurla/TDZ7k6q0OsrnYnKCyqBMp5B/PwiCJutyN/tehfKmGfvP3HXK1F1w FHRyxVzioCiIH3uVhJpSbtgxjXJFyNoS4MK2Pu1GvXpEdfnSzC3MrVA= -----END CERTIFICATE-----Generated at Sun Jan 25 16:09:44 2026 by rpki-client