This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/MH507cRFXNNeqadxQdKywhHkylA.roa File: MH507cRFXNNeqadxQdKywhHkylA.roa (raw, json) Hash identifier: SJpj63kNuERbqmJKNAG4loDyhiVzSuV9bopPuk1oXO0= Subject key identifier: 30:7E:74:ED:C4:45:5C:D3:5E:A9:A7:71:41:D2:B2:C2:11:E4:CA:50 Certificate issuer: /CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2 Certificate serial: 019B7DCB27C3E4C0B59B0958ADE02A1F8B93 Authority key identifier: 27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/MH507cRFXNNeqadxQdKywhHkylA.roa Signing time: Fri 02 Jan 2026 08:20:24 +0000 ROA not before: Fri 02 Jan 2026 08:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210168 IP address blocks: 5.1.127.0/24 maxlen: 24 2a02:e747::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.mft rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:27:c3:e4:c0:b5:9b:09:58:ad:e0:2a:1f:8b:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2 Validity Not Before: Jan 2 08:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=307e74edc4455cd35ea9a77141d2b2c211e4ca50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9d:19:58:cb:8e:2b:1b:8f:38:1c:9c:96:81: ac:a0:d0:c0:f4:79:eb:f1:14:e5:4d:77:51:03:3b: 5c:cc:10:73:83:47:46:55:2d:7a:2f:b5:d5:2d:df: da:22:2d:c3:a7:cd:06:9f:d4:5a:6c:04:89:66:15: 2d:11:2c:25:07:76:56:66:c7:75:d3:72:f0:5a:f7: 53:74:60:d2:e9:d4:33:92:c0:fe:86:bb:60:f6:6e: f8:18:6b:e9:1e:d6:66:6b:52:ac:f7:49:4b:0a:92: 95:50:c4:50:46:59:5b:f1:e4:c3:b3:94:8f:6e:f4: 2c:a2:72:a7:6e:ea:cf:7f:10:ca:db:72:3c:b1:7a: fc:88:51:dc:cd:9b:88:eb:6f:b8:05:c4:5d:2c:95: 87:f8:1d:fc:91:57:30:57:d2:36:69:8f:25:35:26: 8f:92:0f:fe:fd:70:0c:89:ae:a6:0c:4a:d8:43:53: 0f:c2:90:90:a3:33:23:6c:ac:bc:01:2f:87:f6:50: 23:d6:d6:52:1f:93:5e:f5:8c:f9:b4:ca:31:25:3a: d2:a4:d8:b8:48:66:c1:d3:9d:7b:b3:91:4c:6b:82: e7:15:28:5f:13:cd:e2:1f:9a:99:c3:5f:c8:63:6e: 59:d6:be:69:08:2f:e2:9a:c3:e1:24:27:49:da:f5: 10:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:7E:74:ED:C4:45:5C:D3:5E:A9:A7:71:41:D2:B2:C2:11:E4:CA:50 X509v3 Authority Key Identifier: keyid:27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/MH507cRFXNNeqadxQdKywhHkylA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.1.127.0/24 IPv6: 2a02:e747::/48 Signature Algorithm: sha256WithRSAEncryption 0f:3e:85:06:6c:21:f1:89:bc:90:b9:8a:39:34:83:a7:be:9b: 08:d1:c2:8a:74:f7:a1:ec:79:35:bc:59:ab:8b:9d:9c:40:ab: 82:c5:33:16:cd:20:09:e5:6c:79:5b:83:f7:3d:7e:00:38:f1: 63:c6:28:5b:62:cc:d9:2f:05:d1:06:1b:18:a1:31:f7:d4:5e: b9:39:bf:08:03:3e:e3:77:9c:22:9b:76:14:eb:74:dc:bc:d7: 90:cb:ba:de:95:e4:db:06:9c:d9:89:c0:50:f6:d6:d7:c9:15: ee:7e:78:aa:5c:04:30:1f:ae:cd:03:5b:29:53:27:a9:51:11: 42:c6:88:ce:4f:6a:75:76:5a:22:d5:d5:f9:bf:af:bc:7d:f3: 60:0e:b9:ae:ea:48:13:c7:88:7d:2b:d2:bd:e3:cf:08:b8:9f: 76:73:6a:33:68:80:ff:cd:07:3e:bd:6f:25:1e:84:19:30:9a: b8:e2:d1:8f:d5:e0:a4:d9:11:16:d3:61:55:15:cc:f4:6b:cb: 07:bf:03:58:e5:cd:80:c3:cd:dd:21:35:eb:02:58:e0:77:ef: d5:9f:9c:e3:d9:c6:92:fe:f4:ca:0c:e6:05:8b:80:54:7a:f7: cb:1f:4c:48:e2:0c:53:71:54:25:f3:2b:cc:70:2a:f2:05:c1: 1d:ec:bf:a2 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9yyfD5MC1mwlYreAqH4uTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3Zjk1OGMzYjc1OWIyYzc4OTZmNWVkNjYzZTgwNzc4MWYz ZmY1YTIwHhcNMjYwMTAyMDgyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDdlNzRlZGM0NDU1Y2QzNWVhOWE3NzE0MWQyYjJjMjExZTRjYTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu50ZWMuOKxuPOBycloGsoNDA9Hnr 8RTlTXdRAztczBBzg0dGVS16L7XVLd/aIi3Dp80Gn9RabASJZhUtESwlB3ZWZsd1 03LwWvdTdGDS6dQzksD+hrtg9m74GGvpHtZma1Ks90lLCpKVUMRQRllb8eTDs5SP bvQsonKnburPfxDK23I8sXr8iFHczZuI62+4BcRdLJWH+B38kVcwV9I2aY8lNSaP kg/+/XAMia6mDErYQ1MPwpCQozMjbKy8AS+H9lAj1tZSH5Ne9Yz5tMoxJTrSpNi4 SGbB0517s5FMa4LnFShfE83iH5qZw1/IY25Z1r5pCC/imsPhJCdJ2vUQQwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFDB+dO3ERVzTXqmncUHSssIR5MpQMB8GA1UdIwQY MBaAFCf5WMO3WbLHiW9e1mPoB3gfP/WiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYt YjI5MTA3Yjk4YWNjLzEvTUg1MDdjUkZYTk5lcWFkeFFkS3l3aEhreWxBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYtYjI5MTA3Yjk4YWNj LzEvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQF/MA8E AgACMAkDBwAqAudHAAAwDQYJKoZIhvcNAQELBQADggEBAA8+hQZsIfGJvJC5ijk0 g6e+mwjRwop096HseTW8WauLnZxAq4LFMxbNIAnlbHlbg/c9fgA48WPGKFtizNkv BdEGGxihMffUXrk5vwgDPuN3nCKbdhTrdNy815DLut6V5NsGnNmJwFD21tfJFe5+ eKpcBDAfrs0DWylTJ6lREULGiM5PanV2WiLV1fm/r7x982AOua7qSBPHiH0r0r3j zwi4n3ZzajNogP/NBz69byUehBkwmrji0Y/V4KTZERbTYVUVzPRrywe/A1jlzYDD zd0hNesCWOB379WfnOPZxpL+9MoM5gWLgFR698sfTEjiDFNxVCXzK8xwKvIFwR3s v6I= -----END CERTIFICATE-----Generated at Sun Jan 25 22:41:49 2026 by rpki-client