This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/M_VtU7f5fPlDKkVKH-oBTR-MfOc.roa File: M_VtU7f5fPlDKkVKH-oBTR-MfOc.roa (raw, json) Hash identifier: INw4W70ov+0DIQom+PoiFmtJQ/A7yUcxsfN1Ujem6fA= Subject key identifier: 33:F5:6D:53:B7:F9:7C:F9:43:2A:45:4A:1F:EA:01:4D:1F:8C:7C:E7 Certificate issuer: /CN=a52fc60d36e28bb8df145c84acab19cfa53b025a Certificate serial: 019B797E13EAC1F3BFED09EA5E75AE57CDC1 Authority key identifier: A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/M_VtU7f5fPlDKkVKH-oBTR-MfOc.roa Signing time: Thu 01 Jan 2026 12:17:44 +0000 ROA not before: Thu 01 Jan 2026 12:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1921 IP address blocks: 176.97.158.0/24 maxlen: 24 192.174.68.0/24 maxlen: 24 2001:67c:10b8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.mft rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:13:ea:c1:f3:bf:ed:09:ea:5e:75:ae:57:cd:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a52fc60d36e28bb8df145c84acab19cfa53b025a Validity Not Before: Jan 1 12:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=33f56d53b7f97cf9432a454a1fea014d1f8c7ce7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:25:04:11:9f:6b:56:3f:fb:d5:eb:23:72:89: db:6d:85:82:66:6e:c7:a5:d4:73:48:2f:69:75:fc: 2a:ac:1d:d3:a2:06:bd:d1:56:5a:de:f7:cc:f0:c0: af:a5:bb:6a:e5:2e:f7:28:f4:90:af:8e:a9:31:33: b9:8c:a1:cc:f5:ee:9c:66:0d:d5:a7:17:e4:37:53: 0a:a7:8c:b9:7c:94:8e:0c:d7:6b:e6:5a:4d:28:d8: 4a:7b:09:18:e8:00:fd:a7:48:45:13:61:28:0c:4d: c8:bf:39:d8:0c:dd:64:0a:50:36:e2:43:46:40:19: 46:85:11:29:12:c0:b6:59:03:a8:89:8c:a3:db:2f: e9:fb:7e:38:89:ad:eb:16:d2:d8:62:bd:37:87:69: dc:9d:5e:b8:20:40:f4:fc:f6:13:63:a0:c0:f3:41: 25:b6:34:c2:76:4a:59:8b:90:09:e1:e6:2d:8a:63: 18:f7:80:5b:32:5b:6f:25:4b:04:a2:22:bc:b0:93: e2:7a:67:e7:28:fe:44:fa:b8:9a:24:07:e0:27:9c: 15:a5:40:34:10:df:4f:0c:da:ab:09:06:d6:ce:f7: a9:0c:6d:37:32:be:f1:c5:8d:53:8a:c4:87:22:8a: f9:7f:49:07:46:ff:05:08:99:1c:66:1c:f3:f9:53: e4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:F5:6D:53:B7:F9:7C:F9:43:2A:45:4A:1F:EA:01:4D:1F:8C:7C:E7 X509v3 Authority Key Identifier: keyid:A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/M_VtU7f5fPlDKkVKH-oBTR-MfOc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.97.158.0/24 192.174.68.0/24 IPv6: 2001:67c:10b8::/48 Signature Algorithm: sha256WithRSAEncryption 0b:4d:4b:e1:a6:77:d3:81:8f:69:45:ca:9d:b2:4c:55:bd:0c: 45:36:e3:b9:d6:91:84:d8:19:ad:42:97:02:b2:20:0f:aa:0c: 88:3d:47:ab:69:a3:1f:16:29:49:78:84:77:a2:55:07:c7:fe: 47:f1:3e:ee:f0:88:a3:84:09:d3:c3:c3:ac:af:62:1e:0b:0e: 42:69:4c:0b:7f:5a:57:f3:e6:63:33:fa:90:32:fd:ac:87:e0: b4:19:ca:56:5e:5e:80:5b:be:aa:95:0b:da:b0:21:16:40:7e: 35:fe:fe:ad:d9:03:12:79:86:ce:fc:b2:ac:bd:f6:e2:98:bb: 62:23:f2:50:35:bf:54:32:45:27:71:c0:f2:9f:34:4c:92:3f: e8:ac:60:00:8f:cc:2f:c3:a7:15:49:06:ec:e7:64:b5:fd:ec: db:83:24:46:4f:5d:27:7b:c8:7c:57:b8:e3:d2:6d:57:3a:cd: 67:bd:2d:53:74:51:60:4e:f6:5f:d2:6c:ca:6a:f3:66:df:bd: b6:05:4d:e1:90:d6:c5:77:60:c7:90:7f:36:ee:55:88:d5:c3: 88:34:74:2d:8b:f7:6a:34:32:a8:42:1d:39:2b:04:99:41:9a: c8:21:3b:0a:5c:87:bf:ec:13:cb:0e:26:dc:40:6c:ef:d5:ef: 1d:fd:cd:3d -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt5fhPqwfO/7QnqXnWuV83BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MmZjNjBkMzZlMjhiYjhkZjE0NWM4NGFjYWIxOWNmYTUz YjAyNWEwHhcNMjYwMTAxMTIxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2Y1NmQ1M2I3Zjk3Y2Y5NDMyYTQ1NGExZmVhMDE0ZDFmOGM3Y2U3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyUEEZ9rVj/71esjconbbYWCZm7H pdRzSC9pdfwqrB3Toga90VZa3vfM8MCvpbtq5S73KPSQr46pMTO5jKHM9e6cZg3V pxfkN1MKp4y5fJSODNdr5lpNKNhKewkY6AD9p0hFE2EoDE3IvznYDN1kClA24kNG QBlGhREpEsC2WQOoiYyj2y/p+344ia3rFtLYYr03h2ncnV64IED0/PYTY6DA80El tjTCdkpZi5AJ4eYtimMY94BbMltvJUsEoiK8sJPiemfnKP5E+riaJAfgJ5wVpUA0 EN9PDNqrCQbWzvepDG03Mr7xxY1TisSHIor5f0kHRv8FCJkcZhzz+VPkVwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFDP1bVO3+Xz5QypFSh/qAU0fjHznMB8GA1UdIwQY MBaAFKUvxg024ou43xRchKyrGc+lOwJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTct OWI0YTJkNWYzYTc2LzEvTV9WdFU3ZjVmUGxES2tWS0gtb0JUUi1NZk9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTctOWI0YTJkNWYzYTc2 LzEvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsGGeAwQA wK5EMA8EAgACMAkDBwAgAQZ8ELgwDQYJKoZIhvcNAQELBQADggEBAAtNS+Gmd9OB j2lFyp2yTFW9DEU247nWkYTYGa1ClwKyIA+qDIg9R6tpox8WKUl4hHeiVQfH/kfx Pu7wiKOECdPDw6yvYh4LDkJpTAt/Wlfz5mMz+pAy/ayH4LQZylZeXoBbvqqVC9qw IRZAfjX+/q3ZAxJ5hs78sqy99uKYu2Ij8lA1v1QyRSdxwPKfNEySP+isYACPzC/D pxVJBuznZLX97NuDJEZPXSd7yHxXuOPSbVc6zWe9LVN0UWBO9l/SbMpq82bfvbYF TeGQ1sV3YMeQfzbuVYjVw4g0dC2L92o0MqhCHTkrBJlBmsghOwpch7/sE8sOJtxA bO/V7x39zT0= -----END CERTIFICATE-----Generated at Tue Jan 27 02:08:23 2026 by rpki-client