This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MS5a5yrl71cjPjVIOI6KG4-kfzA.roa File: MS5a5yrl71cjPjVIOI6KG4-kfzA.roa (raw, json) Hash identifier: pvaiBoNQsLg2xqN0jbdM5cKtNP9HhbFvDon/Otd7kjU= Subject key identifier: 31:2E:5A:E7:2A:E5:EF:57:23:3E:35:48:38:8E:8A:1B:8F:A4:7F:30 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B7DCB5C3F363E3C67BC6E82DF06BCD35A Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MS5a5yrl71cjPjVIOI6KG4-kfzA.roa Signing time: Fri 02 Jan 2026 08:20:37 +0000 ROA not before: Fri 02 Jan 2026 08:20:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 154049 IP address blocks: 151.243.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:5c:3f:36:3e:3c:67:bc:6e:82:df:06:bc:d3:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 2 08:20:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=312e5ae72ae5ef57233e3548388e8a1b8fa47f30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:49:ed:54:ec:38:5f:1f:8c:17:51:47:73:b8: 31:2f:5f:c6:7b:24:96:ef:f0:ea:41:3f:41:78:42: 58:ba:0d:64:5b:47:0e:31:b9:11:c5:3c:8d:54:4a: 30:2c:52:96:de:10:80:d2:85:17:fa:0b:e7:09:71: b0:72:a1:24:f1:b9:f9:1f:35:e7:26:97:82:e0:45: bd:97:51:6c:c4:64:b4:8c:d7:91:a9:0a:a4:df:89: 0e:4f:a4:af:8f:64:89:d0:2c:f8:fb:14:74:fa:2b: e5:94:2c:b0:45:72:36:e4:54:1c:98:ff:e8:64:ba: 77:61:80:e2:7a:86:ea:a7:ee:3c:a2:68:c3:78:58: 63:75:d2:5d:9f:dd:12:eb:3a:4b:3f:ac:b9:47:ac: e9:7f:6b:36:6e:be:6b:f6:14:76:30:ed:06:8a:b9: 13:4c:07:55:11:a5:aa:57:53:2a:cf:30:08:c6:00: a7:86:31:10:e9:61:ed:dc:d9:c9:f6:e8:89:68:56: 07:3d:a8:ca:3e:6e:c7:82:32:5a:72:46:bf:02:8b: 16:d7:db:2c:bf:90:77:58:73:58:89:d3:69:39:b5: cf:15:17:67:e5:60:ec:5e:ba:37:da:a9:39:82:40: 8f:7b:98:f1:89:cd:4c:42:3c:bd:95:67:08:f8:44: ca:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:2E:5A:E7:2A:E5:EF:57:23:3E:35:48:38:8E:8A:1B:8F:A4:7F:30 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MS5a5yrl71cjPjVIOI6KG4-kfzA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.243.35.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:1b:f2:a6:7d:c8:b2:4a:c9:e8:01:6e:19:ba:3b:a1:bf:66: cd:fa:54:4c:47:19:ee:eb:48:4a:4f:22:3c:bf:d8:38:ae:b3: 1d:38:b8:cf:59:51:98:ca:8c:11:12:a7:f9:c6:b0:89:c9:20: 68:b5:d2:9b:59:1c:60:c3:a1:74:d1:e8:6c:9d:45:2b:6a:ce: 6b:0c:57:26:d1:8d:55:99:ca:30:c9:d3:49:60:77:ad:92:e7: 9d:b1:e5:f9:6a:02:d3:b0:b9:85:71:dc:cb:48:67:c1:5c:28: c2:1a:f8:36:d2:60:0c:e8:ce:8b:1c:fc:e1:cd:da:a0:58:81: 1b:b6:cd:3f:bd:7e:79:33:6a:78:ce:1d:42:27:f0:02:90:48: 7b:9c:c1:1d:60:e8:8d:a2:08:8c:34:36:f9:8b:2b:77:46:68: 1d:11:64:44:2e:88:73:14:b8:77:ac:24:f7:81:c7:2f:82:d4: 2e:48:94:3a:db:4e:ed:c9:29:67:39:44:91:22:01:73:58:e9: a3:5b:0a:d7:6e:f8:e7:b8:bc:1c:21:a3:03:92:cb:e6:8b:22: 36:3a:c6:a0:cf:c1:60:dc:d2:7c:bb:41:1a:dc:41:9f:45:9b: 58:66:55:6b:6f:78:16:71:09:4e:a4:3f:d2:3f:7a:f8:1b:7b: 05:49:c0:c4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9y1w/Nj48Z7xugt8GvNNaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTAyMDgyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTJlNWFlNzJhZTVlZjU3MjMzZTM1NDgzODhlOGExYjhmYTQ3ZjMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUntVOw4Xx+MF1FHc7gxL1/GeySW 7/DqQT9BeEJYug1kW0cOMbkRxTyNVEowLFKW3hCA0oUX+gvnCXGwcqEk8bn5HzXn JpeC4EW9l1FsxGS0jNeRqQqk34kOT6Svj2SJ0Cz4+xR0+ivllCywRXI25FQcmP/o ZLp3YYDieobqp+48omjDeFhjddJdn90S6zpLP6y5R6zpf2s2br5r9hR2MO0GirkT TAdVEaWqV1MqzzAIxgCnhjEQ6WHt3NnJ9uiJaFYHPajKPm7HgjJacka/AosW19ss v5B3WHNYidNpObXPFRdn5WDsXro32qk5gkCPe5jxic1MQjy9lWcI+ETKAwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDEuWucq5e9XIz41SDiOihuPpH8wMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvTVM1YTV5cmw3MWNqUGpWSU9JNktHNC1rZnpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/MjMA0G CSqGSIb3DQEBCwUAA4IBAQCNG/KmfciySsnoAW4Zujuhv2bN+lRMRxnu60hKTyI8 v9g4rrMdOLjPWVGYyowREqf5xrCJySBotdKbWRxgw6F00ehsnUUras5rDFcm0Y1V mcowydNJYHetkuedseX5agLTsLmFcdzLSGfBXCjCGvg20mAM6M6LHPzhzdqgWIEb ts0/vX55M2p4zh1CJ/ACkEh7nMEdYOiNogiMNDb5iyt3RmgdEWRELohzFLh3rCT3 gccvgtQuSJQ6207tySlnOUSRIgFzWOmjWwrXbvjnuLwcIaMDksvmiyI2Osagz8Fg 3NJ8u0Ea3EGfRZtYZlVrb3gWcQlOpD/SP3r4G3sFScDE -----END CERTIFICATE-----Generated at Sun Jan 25 08:49:36 2026 by rpki-client