This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/Mdk2rGO_DVEGin1GNTSly2AoZK4.roa File: Mdk2rGO_DVEGin1GNTSly2AoZK4.roa (raw, json) Hash identifier: iLFOQXgOcjprFdT2TgsrTO7NFGOS4V7YveXSXGEQwjc= Subject key identifier: 31:D9:36:AC:63:BF:0D:51:06:8A:7D:46:35:34:A5:CB:60:28:64:AE Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599 Certificate serial: 019B7E38F961318B8B9812B41CB18A214B76 Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/Mdk2rGO_DVEGin1GNTSly2AoZK4.roa Signing time: Fri 02 Jan 2026 10:20:21 +0000 ROA not before: Fri 02 Jan 2026 10:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14340 IP address blocks: 85.222.128.0/19 maxlen: 24 151.106.128.0/20 maxlen: 24 151.106.144.0/20 maxlen: 24 151.106.216.0/22 maxlen: 24 151.106.220.0/22 maxlen: 24 159.92.0.0/16 maxlen: 24 160.8.0.0/16 maxlen: 24 161.71.0.0/17 maxlen: 24 161.71.128.0/17 maxlen: 24 163.76.128.0/17 maxlen: 24 163.79.128.0/17 maxlen: 24 185.79.140.0/22 maxlen: 24 194.145.0.0/20 maxlen: 24 194.145.16.0/21 maxlen: 24 2a03:5d60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f9:61:31:8b:8b:98:12:b4:1c:b1:8a:21:4b:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599 Validity Not Before: Jan 2 10:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31d936ac63bf0d51068a7d463534a5cb602864ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:5e:37:42:97:25:8f:c2:a7:d4:c2:40:71:b8: 36:5e:b6:55:5f:61:35:dc:ac:77:9c:28:2b:a2:62: 34:19:97:c9:c2:11:8b:14:71:a2:85:a4:37:99:b6: da:13:b2:f4:04:ef:67:32:65:b3:59:06:ab:cf:d6: 34:bf:63:d5:e2:66:8f:37:0f:e4:b1:01:d1:ac:5a: f7:cb:20:36:68:7a:eb:ba:0f:b2:e9:51:49:fa:07: 67:72:24:a7:20:11:f7:6d:2f:71:85:07:d6:ae:64: 45:7b:84:34:5d:b6:59:3e:1d:8f:02:2f:91:12:06: 77:a0:10:5b:d7:a4:9f:0f:cb:d5:19:4a:35:a8:18: 4f:aa:6c:3e:22:ba:b2:6e:ae:45:b7:61:2a:16:c5: d0:45:ad:76:f3:68:49:b4:a4:03:99:c7:e1:2d:1c: c7:35:79:2c:11:5d:e4:0c:8d:d4:d2:d5:39:0f:ce: e4:2e:41:ea:db:d4:c7:ca:18:81:cc:66:4c:f8:ca: 00:6d:85:67:52:29:d7:ef:31:97:9c:d7:fb:b8:b2: a6:7b:98:ab:03:88:b6:56:05:63:35:7c:9a:75:1a: 6d:42:25:7c:1c:ec:b7:0c:d2:e5:7d:7f:be:2e:96: fa:c9:36:76:98:fb:f6:ae:1c:6b:85:a2:dd:b5:09: a9:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:D9:36:AC:63:BF:0D:51:06:8A:7D:46:35:34:A5:CB:60:28:64:AE X509v3 Authority Key Identifier: keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/Mdk2rGO_DVEGin1GNTSly2AoZK4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.222.128.0/19 151.106.128.0/19 151.106.216.0/21 159.92.0.0/16 160.8.0.0/16 161.71.0.0/16 163.76.128.0/17 163.79.128.0/17 185.79.140.0/22 194.145.0.0-194.145.23.255 IPv6: 2a03:5d60::/32 Signature Algorithm: sha256WithRSAEncryption 70:8f:b1:da:a2:d8:f0:54:2f:27:43:98:c1:b2:3d:96:a7:02: 55:de:89:13:fc:91:30:11:83:6f:8d:a4:69:58:cb:cd:48:e0: 10:4f:5a:4b:25:b3:40:af:ae:b0:64:3f:79:69:82:d6:f1:83: 23:85:ae:6a:50:28:d5:60:05:45:50:eb:3a:0d:21:bb:08:23: 82:92:04:dd:9b:bd:e9:91:40:97:8e:f6:75:83:64:c8:8d:3a: 41:47:9e:f2:e9:09:cc:5f:2e:86:d5:66:7f:0a:4b:fa:97:43: d2:41:22:d9:f2:b2:3c:4b:03:21:aa:c7:70:f4:18:dd:38:22: ab:09:29:71:b1:68:60:c0:61:49:dc:87:ef:d3:58:b2:5c:0c: d7:ab:8e:34:94:3d:ad:ae:cd:3c:01:b2:a7:0c:d5:3b:00:38: 09:b3:20:2e:8e:d2:07:bc:c2:13:88:9b:2c:03:d7:e2:c3:6c: 56:47:5f:07:45:ba:b3:c5:35:fd:f7:fe:c4:85:44:3d:28:72: bc:21:2f:ac:aa:76:24:33:bd:5e:e4:a2:b7:97:41:95:2f:31: 60:50:99:f3:3e:e9:e4:7f:86:f1:60:ca:b7:93:fd:c1:71:35: 48:82:57:d5:d8:05:45:e2:66:fe:10:b9:09:1d:f2:79:49:57: 1c:3d:d2:43 -----BEGIN CERTIFICATE----- MIIFRjCCBC6gAwIBAgISAZt+OPlhMYuLmBK0HLGKIUt2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh NjY1OTkwHhcNMjYwMTAyMTAyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWQ5MzZhYzYzYmYwZDUxMDY4YTdkNDYzNTM0YTVjYjYwMjg2NGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV43Qpclj8Kn1MJAcbg2XrZVX2E1 3Kx3nCgromI0GZfJwhGLFHGihaQ3mbbaE7L0BO9nMmWzWQarz9Y0v2PV4maPNw/k sQHRrFr3yyA2aHrrug+y6VFJ+gdnciSnIBH3bS9xhQfWrmRFe4Q0XbZZPh2PAi+R EgZ3oBBb16SfD8vVGUo1qBhPqmw+Irqybq5Ft2EqFsXQRa1282hJtKQDmcfhLRzH NXksEV3kDI3U0tU5D87kLkHq29THyhiBzGZM+MoAbYVnUinX7zGXnNf7uLKme5ir A4i2VgVjNXyadRptQiV8HOy3DNLlfX++Lpb6yTZ2mPv2rhxrhaLdtQmpDwIDAQAB o4ICUjCCAk4wHQYDVR0OBBYEFDHZNqxjvw1RBop9RjU0pctgKGSuMB8GA1UdIwQY MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt OTI5ZjEwNjYzMGYxLzEvTWRrMnJHT19EVkVHaW4xR05UU2x5MkFvWks0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQFVd6AAwQF l2qAAwQDl2rYAwMAn1wDAwCgCAMDAKFHAwQHo0yAAwQHo0+AAwQCuU+MMAsDAwDC kQMEA8KREDANBAIAAjAHAwUAKgNdYDANBgkqhkiG9w0BAQsFAAOCAQEAcI+x2qLY 8FQvJ0OYwbI9lqcCVd6JE/yRMBGDb42kaVjLzUjgEE9aSyWzQK+usGQ/eWmC1vGD I4WualAo1WAFRVDrOg0huwgjgpIE3Zu96ZFAl472dYNkyI06QUee8ukJzF8uhtVm fwpL+pdD0kEi2fKyPEsDIarHcPQY3TgiqwkpcbFoYMBhSdyH79NYslwM16uONJQ9 ra7NPAGypwzVOwA4CbMgLo7SB7zCE4ibLAPX4sNsVkdfB0W6s8U1/ff+xIVEPShy vCEvrKp2JDO9XuSit5dBlS8xYFCZ8z7p5H+G8WDKt5P9wXE1SIJX1dgFReJm/hC5 CR3yeUlXHD3SQw== -----END CERTIFICATE-----Generated at Sun Jan 25 13:31:14 2026 by rpki-client