This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/796f8c-bdb7-441f-bdbb-03541d231574/1/MPB9CkoghVUPFrXOQKAmKQU_wx8.roa File: MPB9CkoghVUPFrXOQKAmKQU_wx8.roa (raw, json) Hash identifier: SBYmHn0Lh08hIxRKwJZvwv+ggtONWPJMq80oRcsft2g= Subject key identifier: 30:F0:7D:0A:4A:20:85:55:0F:16:B5:CE:40:A0:26:29:05:3F:C3:1F Certificate issuer: /CN=680e20ccfb2d5898c2162900d1468070a7024956 Certificate serial: 019B77591D86D3FE27CBC89B62429765AA05 Authority key identifier: 68:0E:20:CC:FB:2D:58:98:C2:16:29:00:D1:46:80:70:A7:02:49:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aA4gzPstWJjCFikA0UaAcKcCSVY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/796f8c-bdb7-441f-bdbb-03541d231574/1/MPB9CkoghVUPFrXOQKAmKQU_wx8.roa Signing time: Thu 01 Jan 2026 02:18:07 +0000 ROA not before: Thu 01 Jan 2026 02:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25459 IP address blocks: 185.95.44.0/22 maxlen: 22 2a01:4520::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/796f8c-bdb7-441f-bdbb-03541d231574/1/aA4gzPstWJjCFikA0UaAcKcCSVY.crl rsync://rpki.ripe.net/repository/DEFAULT/77/796f8c-bdb7-441f-bdbb-03541d231574/1/aA4gzPstWJjCFikA0UaAcKcCSVY.mft rsync://rpki.ripe.net/repository/DEFAULT/aA4gzPstWJjCFikA0UaAcKcCSVY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:1d:86:d3:fe:27:cb:c8:9b:62:42:97:65:aa:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=680e20ccfb2d5898c2162900d1468070a7024956 Validity Not Before: Jan 1 02:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=30f07d0a4a2085550f16b5ce40a02629053fc31f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:da:12:c3:a9:cb:6f:08:d0:f0:2e:5d:47:9a: be:e5:3e:09:14:0a:a6:a3:6a:a0:3c:88:3b:ef:0f: c0:53:89:f3:79:e7:10:08:9c:ff:d8:79:3e:f0:5f: b0:9e:b8:9f:e5:75:f4:6b:17:fa:c6:36:67:a7:60: 07:95:51:7d:8c:5b:0a:fa:4c:c3:af:7b:68:b1:c5: bd:55:ba:b6:b3:e5:63:67:13:c6:bd:c6:51:3a:38: d2:39:51:19:11:03:d2:78:1b:5b:ec:d7:5e:04:ae: f7:4a:77:8c:56:96:e7:5e:fa:e4:4a:ec:ac:75:02: 07:d7:fb:0d:fb:75:37:35:c4:ce:87:7a:6f:eb:ce: b9:ae:0b:b0:12:10:3b:74:e5:e9:c0:4e:46:6b:43: 79:ed:b3:ac:52:71:32:56:93:62:0d:f7:36:67:41: 4d:d6:f6:54:cd:f5:61:2b:f9:2c:27:08:e3:6a:c2: 28:7b:3c:ed:fc:52:0e:f7:5c:6a:25:d8:cd:a0:34: 47:10:b3:8f:60:c2:0a:f5:a9:7e:7a:ab:20:93:2b: 26:d6:94:b0:57:55:9f:bf:d0:48:60:ef:58:16:a5: b7:7a:65:29:8c:69:c1:77:86:35:85:3b:5b:61:54: de:d5:e0:c1:f7:ed:07:44:4d:05:4b:94:0d:6f:9d: 28:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:F0:7D:0A:4A:20:85:55:0F:16:B5:CE:40:A0:26:29:05:3F:C3:1F X509v3 Authority Key Identifier: keyid:68:0E:20:CC:FB:2D:58:98:C2:16:29:00:D1:46:80:70:A7:02:49:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aA4gzPstWJjCFikA0UaAcKcCSVY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/796f8c-bdb7-441f-bdbb-03541d231574/1/MPB9CkoghVUPFrXOQKAmKQU_wx8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/796f8c-bdb7-441f-bdbb-03541d231574/1/aA4gzPstWJjCFikA0UaAcKcCSVY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.95.44.0/22 IPv6: 2a01:4520::/32 Signature Algorithm: sha256WithRSAEncryption ae:30:77:57:36:6f:e6:46:95:c0:da:a7:0f:53:76:49:e2:ed: a0:b7:f3:57:8a:5c:8b:4e:fb:9a:ac:94:c0:ee:57:6c:ed:f6: 9d:3a:3a:7f:a9:2d:2e:dc:62:67:50:6f:e3:41:2d:b6:31:e6: 7f:55:8d:5e:03:cc:16:e4:ad:06:33:79:b9:99:db:b8:9e:b8: b2:cb:d4:be:a5:e9:14:b9:d6:56:62:86:31:08:78:4c:18:0f: 96:50:e1:0a:59:fc:6b:8b:20:96:42:a3:78:3e:1c:be:7d:d3: ae:31:33:1e:00:17:37:c5:3d:c8:0b:4b:30:1f:b7:0c:d1:99: a3:d9:c7:c3:2b:9f:74:71:83:b8:4b:4b:e7:77:1e:9d:b4:1e: 6b:9d:36:db:8d:40:5e:9a:76:cd:68:c6:29:cd:f4:93:7f:18: 9e:03:c1:80:41:4b:f7:35:51:c5:af:34:39:e8:e8:3c:09:02: 81:f3:83:bc:0e:c7:a2:7d:7e:26:4b:bb:71:00:10:c9:66:1d: a5:77:59:55:ef:9c:4a:d1:03:65:d2:d6:b4:2e:35:94:ac:79: 3c:fe:27:a8:20:85:6c:01:cf:b1:29:fc:c5:d2:99:54:8a:29: 1d:3e:c7:ab:c1:4f:6e:09:6b:c0:19:eb:da:14:7b:b2:40:42: 98:02:a3:31 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WR2G0/4ny8ibYkKXZaoFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MGUyMGNjZmIyZDU4OThjMjE2MjkwMGQxNDY4MDcwYTcw MjQ5NTYwHhcNMjYwMTAxMDIxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMGYwN2QwYTRhMjA4NTU1MGYxNmI1Y2U0MGEwMjYyOTA1M2ZjMzFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptoSw6nLbwjQ8C5dR5q+5T4JFAqm o2qgPIg77w/AU4nzeecQCJz/2Hk+8F+wnrif5XX0axf6xjZnp2AHlVF9jFsK+kzD r3toscW9Vbq2s+VjZxPGvcZROjjSOVEZEQPSeBtb7NdeBK73SneMVpbnXvrkSuys dQIH1/sN+3U3NcTOh3pv6865rguwEhA7dOXpwE5Ga0N57bOsUnEyVpNiDfc2Z0FN 1vZUzfVhK/ksJwjjasIoezzt/FIO91xqJdjNoDRHELOPYMIK9al+eqsgkysm1pSw V1Wfv9BIYO9YFqW3emUpjGnBd4Y1hTtbYVTe1eDB9+0HRE0FS5QNb50o4wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDDwfQpKIIVVDxa1zkCgJikFP8MfMB8GA1UdIwQY MBaAFGgOIMz7LViYwhYpANFGgHCnAklWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUE0Z3pQc3RXSmpDRmlrQTBVYUFjS2NDU1ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny83OTZmOGMtYmRiNy00NDFmLWJkYmIt MDM1NDFkMjMxNTc0LzEvTVBCOUNrb2doVlVQRnJYT1FLQW1LUVVfd3g4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny83OTZmOGMtYmRiNy00NDFmLWJkYmItMDM1NDFkMjMxNTc0 LzEvYUE0Z3pQc3RXSmpDRmlrQTBVYUFjS2NDU1ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV8sMA0E AgACMAcDBQAqAUUgMA0GCSqGSIb3DQEBCwUAA4IBAQCuMHdXNm/mRpXA2qcPU3ZJ 4u2gt/NXilyLTvuarJTA7lds7fadOjp/qS0u3GJnUG/jQS22MeZ/VY1eA8wW5K0G M3m5mdu4nriyy9S+pekUudZWYoYxCHhMGA+WUOEKWfxriyCWQqN4Phy+fdOuMTMe ABc3xT3IC0swH7cM0Zmj2cfDK590cYO4S0vndx6dtB5rnTbbjUBemnbNaMYpzfST fxieA8GAQUv3NVHFrzQ56Og8CQKB84O8DseifX4mS7txABDJZh2ld1lV75xK0QNl 0ta0LjWUrHk8/ieoIIVsAc+xKfzF0plUiikdPserwU9uCWvAGevaFHuyQEKYAqMx -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:39 2026 by rpki-client