This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/MPfZa80zx8JD19B0YvKo1B-KyMs.roa File: MPfZa80zx8JD19B0YvKo1B-KyMs.roa (raw, json) Hash identifier: hWxzkpQob8nqa1qn5tGNwr5NCD7Lovv8X8P0foxw+GY= Subject key identifier: 30:F7:D9:6B:CD:33:C7:C2:43:D7:D0:74:62:F2:A8:D4:1F:8A:C8:CB Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1 Certificate serial: 019B797EA48C9DF14AD32C0B94BC2C6426BC Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/MPfZa80zx8JD19B0YvKo1B-KyMs.roa Signing time: Thu 01 Jan 2026 12:18:21 +0000 ROA not before: Thu 01 Jan 2026 12:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209677 IP address blocks: 159.151.64.0/18 maxlen: 18 192.109.145.0/24 maxlen: 24 2a07:8142::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.mft rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a4:8c:9d:f1:4a:d3:2c:0b:94:bc:2c:64:26:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1 Validity Not Before: Jan 1 12:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=30f7d96bcd33c7c243d7d07462f2a8d41f8ac8cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:48:05:82:10:fe:f7:74:16:c4:26:dc:a0:51: 41:5f:e7:bd:33:56:e1:14:e5:86:31:54:41:e2:d1: d6:d1:16:ba:a9:f3:3a:d8:17:7f:78:66:0b:bd:b1: be:00:6f:23:4a:a1:db:c3:d7:66:8f:c1:23:28:67: 1d:83:5c:cb:3f:c4:90:e6:b2:9c:67:34:13:33:1f: 71:39:48:06:e1:93:1e:70:76:41:ad:35:0f:dc:74: cd:e8:17:95:f4:a2:f4:ad:30:2b:20:72:98:c0:0c: e1:71:93:02:90:d9:c6:9c:fa:21:cd:86:e9:69:57: 6d:cc:5b:0f:0b:f1:ce:d1:04:3f:c0:bb:4f:e9:8a: 39:e3:5b:6d:ca:58:52:7e:a4:0a:83:a1:18:38:9b: 2c:f6:61:31:f8:24:32:96:44:63:bd:00:37:0b:22: 75:51:3d:b7:ea:ea:74:97:06:7c:20:0c:2a:08:8d: c9:d8:3f:16:01:89:d6:06:b7:b7:f2:01:a6:6c:0c: 54:67:8f:be:3a:f0:79:df:6e:9c:37:1f:d1:52:21: f1:a8:d2:18:50:ea:3e:28:17:fa:fd:62:fe:d2:c1: cf:fd:78:5f:d4:0d:f2:da:d2:67:8f:eb:97:8f:6f: 87:04:c9:4b:80:f2:1a:d2:a6:b0:c4:18:6d:cc:02: 20:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:F7:D9:6B:CD:33:C7:C2:43:D7:D0:74:62:F2:A8:D4:1F:8A:C8:CB X509v3 Authority Key Identifier: keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/MPfZa80zx8JD19B0YvKo1B-KyMs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.151.64.0/18 192.109.145.0/24 IPv6: 2a07:8142::/36 Signature Algorithm: sha256WithRSAEncryption 01:b4:95:92:e4:23:e7:52:86:fa:3c:4c:93:d8:b3:73:95:bb: 34:5d:49:78:e8:44:23:eb:17:51:03:bf:e5:85:00:62:fe:7f: 08:af:a8:06:ce:0e:25:ca:ec:47:73:65:8a:d6:fd:78:25:25: b5:ec:75:07:e4:9c:ba:4b:5d:42:61:da:b2:fd:a0:cf:78:f9: 52:1c:c2:f8:10:e4:97:80:d1:1b:80:ba:b7:3f:3e:ea:c6:48: be:82:65:df:3d:a0:bc:0a:90:ce:06:f7:c9:ae:8f:78:cc:a0: 3b:de:04:0a:71:02:7b:20:84:a5:18:03:c9:9c:7f:4d:b5:c8: 9b:ff:9f:25:79:79:4c:5f:68:4e:03:21:8d:ac:9f:0d:a0:67: fe:38:2b:51:69:3f:af:d4:f7:4a:1b:5e:3d:09:e8:d5:08:53: e6:1b:c9:0d:33:b9:cf:50:e0:23:ed:d2:af:71:21:50:f0:3c: 09:cf:d2:97:8d:5c:b9:e4:9f:d5:12:e3:8a:66:0b:96:cd:51: 25:8f:50:c9:2e:69:7a:c1:eb:e8:9b:e4:04:ee:7e:53:a7:eb: aa:7c:e5:24:34:c1:96:d7:da:67:23:b1:39:a1:b3:42:e2:aa: fa:7b:72:f7:68:9b:19:e3:e7:65:84:0b:89:d3:cf:e1:bb:76: 40:72:92:f3 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt5fqSMnfFK0ywLlLwsZCa8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2 MDkwZjEwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMGY3ZDk2YmNkMzNjN2MyNDNkN2QwNzQ2MmYyYThkNDFmOGFjOGNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10gFghD+93QWxCbcoFFBX+e9M1bh FOWGMVRB4tHW0Ra6qfM62Bd/eGYLvbG+AG8jSqHbw9dmj8EjKGcdg1zLP8SQ5rKc ZzQTMx9xOUgG4ZMecHZBrTUP3HTN6BeV9KL0rTArIHKYwAzhcZMCkNnGnPohzYbp aVdtzFsPC/HO0QQ/wLtP6Yo541ttylhSfqQKg6EYOJss9mEx+CQylkRjvQA3CyJ1 UT236up0lwZ8IAwqCI3J2D8WAYnWBre38gGmbAxUZ4++OvB5326cNx/RUiHxqNIY UOo+KBf6/WL+0sHP/Xhf1A3y2tJnj+uXj2+HBMlLgPIa0qawxBhtzAIgUQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFDD32WvNM8fCQ9fQdGLyqNQfisjLMB8GA1UdIwQY MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt ODAwZWRhMmNmYjM2LzEvTVBmWmE4MHp4OEpEMTlCMFl2S28xQi1LeU1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2 LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQGn5dAAwQA wG2RMA4EAgACMAgDBgQqB4FCADANBgkqhkiG9w0BAQsFAAOCAQEAAbSVkuQj51KG +jxMk9izc5W7NF1JeOhEI+sXUQO/5YUAYv5/CK+oBs4OJcrsR3Nlitb9eCUltex1 B+ScuktdQmHasv2gz3j5UhzC+BDkl4DRG4C6tz8+6sZIvoJl3z2gvAqQzgb3ya6P eMygO94ECnECeyCEpRgDyZx/TbXIm/+fJXl5TF9oTgMhjayfDaBn/jgrUWk/r9T3 ShtePQno1QhT5hvJDTO5z1DgI+3Sr3EhUPA8Cc/Sl41cueSf1RLjimYLls1RJY9Q yS5pesHr6JvkBO5+U6frqnzlJDTBltfaZyOxOaGzQuKq+nty92ibGePnZYQLidPP 4bt2QHKS8w== -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:53 2026 by rpki-client