This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/McH8mGnLHCM6mOT2jSygPPhIpnQ.roa File: McH8mGnLHCM6mOT2jSygPPhIpnQ.roa (raw, json) Hash identifier: +Pr4bFJHvbceI7BsmKDsD/oUAFUjqj+Qb2TSJ5/To2A= Subject key identifier: 31:C1:FC:98:69:CB:1C:23:3A:98:E4:F6:8D:2C:A0:3C:F8:48:A6:74 Certificate issuer: /CN=76e05e9ee59477e0155fc1edc0a1830729766e88 Certificate serial: 019B985BE909A49CF6ABED5AE2E98478F2DD Authority key identifier: 76:E0:5E:9E:E5:94:77:E0:15:5F:C1:ED:C0:A1:83:07:29:76:6E:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duBenuWUd-AVX8HtwKGDByl2bog.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/McH8mGnLHCM6mOT2jSygPPhIpnQ.roa Signing time: Wed 07 Jan 2026 12:08:38 +0000 ROA not before: Wed 07 Jan 2026 12:08:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12978 IP address blocks: 212.31.0.0/19 maxlen: 19 212.31.0.0/22 maxlen: 22 212.31.0.0/24 maxlen: 24 212.31.1.0/24 maxlen: 24 212.31.2.0/24 maxlen: 24 212.31.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/duBenuWUd-AVX8HtwKGDByl2bog.crl rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/duBenuWUd-AVX8HtwKGDByl2bog.mft rsync://rpki.ripe.net/repository/DEFAULT/duBenuWUd-AVX8HtwKGDByl2bog.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:98:5b:e9:09:a4:9c:f6:ab:ed:5a:e2:e9:84:78:f2:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76e05e9ee59477e0155fc1edc0a1830729766e88 Validity Not Before: Jan 7 12:08:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31c1fc9869cb1c233a98e4f68d2ca03cf848a674 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5a:77:b5:a8:45:d4:2d:2a:38:5d:11:83:81: 53:f8:28:b3:e6:7b:52:39:90:db:59:d9:f2:ef:70: 14:89:2f:7a:24:79:32:de:08:5b:e9:a0:aa:cf:a8: 72:17:ae:8a:da:d1:37:d7:a4:b6:90:e1:ec:d0:57: e5:bb:5a:79:bc:81:05:be:e7:5d:31:b3:60:90:d5: a2:16:55:15:80:e3:8e:ff:e4:e6:a2:d2:d1:b6:68: b5:54:00:67:52:43:39:5a:62:72:78:c9:bc:e9:87: 08:81:a6:06:77:8d:c6:02:d9:a1:4a:dd:21:a7:85: cd:18:ed:ed:39:14:8f:2c:9a:a1:40:38:59:84:a4: fe:ec:fa:35:55:be:92:c5:4c:a9:df:ef:86:9d:d9: 44:c7:95:54:96:ad:8f:9d:29:32:86:b1:2e:48:01: 31:7d:76:f4:de:c4:09:69:46:48:37:2b:14:cf:d7: d1:a9:10:1d:bd:10:ce:5d:7d:01:40:78:4d:45:66: 7c:81:27:b9:ad:73:5f:97:a8:78:ef:c1:c9:c1:36: 8c:45:8a:07:bc:27:c1:0f:a3:a0:c3:c4:48:f5:fc: 09:00:0c:8e:4b:28:0c:7d:87:de:41:d0:c7:2b:f4: 28:24:f5:1e:30:58:ed:a8:49:dd:c6:3c:13:c3:4f: 54:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C1:FC:98:69:CB:1C:23:3A:98:E4:F6:8D:2C:A0:3C:F8:48:A6:74 X509v3 Authority Key Identifier: keyid:76:E0:5E:9E:E5:94:77:E0:15:5F:C1:ED:C0:A1:83:07:29:76:6E:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duBenuWUd-AVX8HtwKGDByl2bog.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/McH8mGnLHCM6mOT2jSygPPhIpnQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/duBenuWUd-AVX8HtwKGDByl2bog.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.31.0.0/19 Signature Algorithm: sha256WithRSAEncryption 7d:88:33:43:ad:3b:72:6d:2d:56:72:90:e3:ae:aa:a1:d3:d4: d5:53:33:80:07:f9:f6:0c:69:3d:62:e5:87:4b:85:47:9b:35: 7a:51:b1:cb:21:85:08:03:6b:24:37:32:b2:78:5b:f5:c6:32: ac:37:e5:a9:55:bf:b9:18:6d:eb:90:dd:5a:92:f8:5d:99:f2: 4d:b0:71:b8:1e:85:90:0b:8b:e3:51:e2:87:e6:16:0b:cc:7e: 5a:c5:f8:ca:29:a6:c2:2c:e0:55:f9:10:ea:8c:80:aa:62:6d: 6f:d6:fd:0b:29:5d:7c:ac:ff:15:32:77:a0:3a:e7:dd:59:9b: 8a:d6:9b:f3:d8:2d:42:4e:80:c0:fe:63:70:88:e2:e9:9f:b6: cd:4a:28:91:a8:a6:b8:a9:f1:a7:b4:56:00:ef:7e:4b:73:1e: 0f:d4:d1:b5:ac:a6:f7:05:1e:a9:9f:be:e3:7b:eb:60:f0:4f: d0:41:9c:1b:00:ec:a8:8b:43:df:aa:8e:4d:7c:49:e8:b0:4e: 51:31:aa:29:4f:80:5e:42:1e:b5:12:55:ec:02:58:ed:f5:5e: d1:ec:e1:1b:a1:41:6b:3e:e7:2b:52:ab:29:b9:a6:52:3c:3d: 89:1c:d0:f8:9b:cb:79:ce:55:b3:8d:56:e1:f1:df:ad:ae:51: 88:f8:9d:0e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuYW+kJpJz2q+1a4umEePLdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2ZTA1ZTllZTU5NDc3ZTAxNTVmYzFlZGMwYTE4MzA3Mjk3 NjZlODgwHhcNMjYwMTA3MTIwODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWMxZmM5ODY5Y2IxYzIzM2E5OGU0ZjY4ZDJjYTAzY2Y4NDhhNjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlp3tahF1C0qOF0Rg4FT+Ciz5ntS OZDbWdny73AUiS96JHky3ghb6aCqz6hyF66K2tE316S2kOHs0Fflu1p5vIEFvudd MbNgkNWiFlUVgOOO/+TmotLRtmi1VABnUkM5WmJyeMm86YcIgaYGd43GAtmhSt0h p4XNGO3tORSPLJqhQDhZhKT+7Po1Vb6SxUyp3++GndlEx5VUlq2PnSkyhrEuSAEx fXb03sQJaUZINysUz9fRqRAdvRDOXX0BQHhNRWZ8gSe5rXNfl6h478HJwTaMRYoH vCfBD6Ogw8RI9fwJAAyOSygMfYfeQdDHK/QoJPUeMFjtqEndxjwTw09UAQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDHB/JhpyxwjOpjk9o0soDz4SKZ0MB8GA1UdIwQY MBaAFHbgXp7llHfgFV/B7cChgwcpdm6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHVCZW51V1VkLUFWWDhIdHdLR0RCeWwyYm9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS82NmU1MWEtZmU4Mi00YjVkLTk4ODQt YjUzM2Y0OTQxYWZlLzEvTWNIOG1HbkxIQ002bU9UMmpTeWdQUGhJcG5RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS82NmU1MWEtZmU4Mi00YjVkLTk4ODQtYjUzM2Y0OTQxYWZl LzEvZHVCZW51V1VkLUFWWDhIdHdLR0RCeWwyYm9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1B8AMA0G CSqGSIb3DQEBCwUAA4IBAQB9iDNDrTtybS1WcpDjrqqh09TVUzOAB/n2DGk9YuWH S4VHmzV6UbHLIYUIA2skNzKyeFv1xjKsN+WpVb+5GG3rkN1akvhdmfJNsHG4HoWQ C4vjUeKH5hYLzH5axfjKKabCLOBV+RDqjICqYm1v1v0LKV18rP8VMnegOufdWZuK 1pvz2C1CToDA/mNwiOLpn7bNSiiRqKa4qfGntFYA735Lcx4P1NG1rKb3BR6pn77j e+tg8E/QQZwbAOyoi0Pfqo5NfEnosE5RMaopT4BeQh61ElXsAljt9V7R7OEboUFr PucrUqspuaZSPD2JHND4m8t5zlWzjVbh8d+trlGI+J0O -----END CERTIFICATE-----Generated at Mon Jan 26 04:19:50 2026 by rpki-client