This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/1-MrxZrcPXM7BvaVdVabElQiwAhg.roa File: 1-MrxZrcPXM7BvaVdVabElQiwAhg.roa (raw, json) Hash identifier: 5Yrq+V+8IPQZLxO9mgzwmCCXtczV+ZsgweXRxHjq37Q= Subject key identifier: F8:CA:F1:66:B7:0F:5C:CE:C1:BD:A5:5D:55:A6:C4:95:08:B0:02:18 Certificate issuer: /CN=d2c17db099bd419eba552a37704deeed3b2e303b Certificate serial: 019B7E391CDF0FD1DD5107E9029BF2D047E8 Authority key identifier: D2:C1:7D:B0:99:BD:41:9E:BA:55:2A:37:70:4D:EE:ED:3B:2E:30:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sF9sJm9QZ66VSo3cE3u7TsuMDs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/1-MrxZrcPXM7BvaVdVabElQiwAhg.roa Signing time: Fri 02 Jan 2026 10:20:30 +0000 ROA not before: Fri 02 Jan 2026 10:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202719 IP address blocks: 185.156.120.0/22 maxlen: 22 2a03:61a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/0sF9sJm9QZ66VSo3cE3u7TsuMDs.crl rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/0sF9sJm9QZ66VSo3cE3u7TsuMDs.mft rsync://rpki.ripe.net/repository/DEFAULT/0sF9sJm9QZ66VSo3cE3u7TsuMDs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:1c:df:0f:d1:dd:51:07:e9:02:9b:f2:d0:47:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2c17db099bd419eba552a37704deeed3b2e303b Validity Not Before: Jan 2 10:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f8caf166b70f5ccec1bda55d55a6c49508b00218 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2e:59:a7:e0:8f:2d:66:85:ff:c2:b2:4d:54: 2e:38:2c:7f:12:02:b6:b5:bb:0f:32:35:71:38:20: 6b:43:ea:97:d9:f3:59:35:d7:1b:57:c5:47:55:e0: e6:39:db:39:8a:8b:40:cd:12:d0:92:cf:9a:7a:ff: 13:36:d1:d7:51:63:0d:ee:0a:76:ae:88:9f:57:3a: a6:c7:6e:a7:26:50:45:32:91:c8:34:fa:b5:1e:17: 2d:6b:a6:6f:e1:51:08:ec:de:5b:ff:d2:4c:f7:9d: ae:ac:d9:9c:08:eb:b3:e3:48:5d:34:a0:db:e6:fd: a1:d0:98:51:36:17:2a:0c:10:c2:fd:fc:15:21:71: 9e:0f:b5:9c:11:c2:45:25:58:71:68:37:f3:32:85: 66:c2:57:be:8c:cd:5d:86:fe:fe:81:32:07:44:fd: 78:8a:9d:e9:89:9e:7c:b3:9d:dd:a1:3c:b5:90:90: d8:14:cf:5c:72:6d:04:ec:91:49:0a:91:bd:03:1a: 56:2b:d3:56:df:b6:4e:d7:5e:66:50:d9:8b:0d:7a: 3f:6f:56:4c:d7:33:32:0c:14:fc:c2:b8:61:23:22: 49:27:3a:6b:62:ea:6a:2a:79:81:b7:c8:9a:e2:29: 88:47:ec:0d:55:16:02:6c:7b:c8:7e:d7:be:b4:96: 03:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:CA:F1:66:B7:0F:5C:CE:C1:BD:A5:5D:55:A6:C4:95:08:B0:02:18 X509v3 Authority Key Identifier: keyid:D2:C1:7D:B0:99:BD:41:9E:BA:55:2A:37:70:4D:EE:ED:3B:2E:30:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sF9sJm9QZ66VSo3cE3u7TsuMDs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/1-MrxZrcPXM7BvaVdVabElQiwAhg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7cba62-77d0-4118-a4c5-a1076d127ec6/1/0sF9sJm9QZ66VSo3cE3u7TsuMDs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.156.120.0/22 IPv6: 2a03:61a0::/32 Signature Algorithm: sha256WithRSAEncryption 78:f6:86:c1:61:46:26:09:fa:ed:de:2e:91:00:eb:23:ab:a6: 99:c6:ec:6d:7c:d2:40:a2:72:d1:fe:8d:3a:f6:0f:8c:bc:da: 1c:f2:d7:47:41:e9:be:aa:9a:a6:96:2a:d0:02:51:37:0a:b5: 06:a6:9e:ed:cc:f8:00:be:96:57:5a:69:93:fa:3a:57:7b:06: 8d:27:fd:c9:d1:4b:4a:84:73:6d:54:ab:b3:7d:38:df:65:ad: b4:61:16:7a:13:c1:d5:93:17:6b:39:ab:5d:78:58:c1:9c:e1: e0:75:20:63:7a:f6:43:8a:c0:47:db:24:f2:fe:2a:de:99:8e: 6f:7d:c5:c6:81:e7:33:f5:c3:ae:27:0e:20:34:96:70:be:4a: 3e:fe:e9:92:92:56:82:da:5f:e2:d1:50:93:5b:d2:bc:d6:97: af:22:1e:45:69:26:cd:0b:f3:73:fa:c6:af:50:81:ce:61:2e: 2b:59:47:11:35:69:e9:37:5b:5f:82:3f:4e:98:78:47:b3:70: d3:9b:71:65:c2:d5:e5:85:db:c8:c7:8a:ef:4f:eb:bc:0d:3f: 06:7c:ae:61:21:c8:c8:53:97:a0:30:25:4c:34:2e:2b:b9:2c: 33:50:17:f1:44:2e:c4:65:4f:32:f1:79:36:4d:2a:5c:4c:56: 27:04:c5:37 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt+ORzfD9HdUQfpApvy0EfoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYzE3ZGIwOTliZDQxOWViYTU1MmEzNzcwNGRlZWVkM2Iy ZTMwM2IwHhcNMjYwMTAyMTAyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOGNhZjE2NmI3MGY1Y2NlYzFiZGE1NWQ1NWE2YzQ5NTA4YjAwMjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS5Zp+CPLWaF/8KyTVQuOCx/EgK2 tbsPMjVxOCBrQ+qX2fNZNdcbV8VHVeDmOds5iotAzRLQks+aev8TNtHXUWMN7gp2 roifVzqmx26nJlBFMpHINPq1Hhcta6Zv4VEI7N5b/9JM952urNmcCOuz40hdNKDb 5v2h0JhRNhcqDBDC/fwVIXGeD7WcEcJFJVhxaDfzMoVmwle+jM1dhv7+gTIHRP14 ip3piZ58s53doTy1kJDYFM9ccm0E7JFJCpG9AxpWK9NW37ZO115mUNmLDXo/b1ZM 1zMyDBT8wrhhIyJJJzprYupqKnmBt8ia4imIR+wNVRYCbHvIfte+tJYDtwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFPjK8Wa3D1zOwb2lXVWmxJUIsAIYMB8GA1UdIwQY MBaAFNLBfbCZvUGeulUqN3BN7u07LjA7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHNGOXNKbTlRWjY2VlNvM2NFM3U3VHN1TURzLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83Y2JhNjItNzdkMC00MTE4LWE0YzUt YTEwNzZkMTI3ZWM2LzEvMS1NcnhacmNQWE03QnZhVmRWYWJFbFFpd0FoZy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNzIvN2NiYTYyLTc3ZDAtNDExOC1hNGM1LWExMDc2ZDEyN2Vj Ni8xLzBzRjlzSm05UVo2NlZTbzNjRTN1N1RzdU1Ecy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmceDAN BAIAAjAHAwUAKgNhoDANBgkqhkiG9w0BAQsFAAOCAQEAePaGwWFGJgn67d4ukQDr I6ummcbsbXzSQKJy0f6NOvYPjLzaHPLXR0HpvqqappYq0AJRNwq1Bqae7cz4AL6W V1ppk/o6V3sGjSf9ydFLSoRzbVSrs30432WttGEWehPB1ZMXazmrXXhYwZzh4HUg Y3r2Q4rAR9sk8v4q3pmOb33FxoHnM/XDricOIDSWcL5KPv7pkpJWgtpf4tFQk1vS vNaXryIeRWkmzQvzc/rGr1CBzmEuK1lHETVp6TdbX4I/Tph4R7Nw05txZcLV5YXb yMeK70/rvA0/BnyuYSHIyFOXoDAlTDQuK7ksM1AX8UQuxGVPMvF5Nk0qXExWJwTF Nw== -----END CERTIFICATE-----Generated at Mon Jan 26 05:32:48 2026 by rpki-client