This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/mscT-yjpefQxwhiAkQBK5LU9YNI.roa File: mscT-yjpefQxwhiAkQBK5LU9YNI.roa (raw, json) Hash identifier: AFKqRZpefBn2UqJLZfz5iAvOxe4M4XZCr9/bNjwQOC4= Subject key identifier: 9A:C7:13:FB:28:E9:79:F4:31:C2:18:80:91:00:4A:E4:B5:3D:60:D2 Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Certificate serial: 019B7BA36ECB7FB299721297C49C96A68598 Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/mscT-yjpefQxwhiAkQBK5LU9YNI.roa Signing time: Thu 01 Jan 2026 22:17:46 +0000 ROA not before: Thu 01 Jan 2026 22:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211891 IP address blocks: 2a01:e901:103::/48 maxlen: 48 2a01:e901:113::/48 maxlen: 48 2a01:e901:123::/48 maxlen: 48 2a01:e901:133::/48 maxlen: 48 2a01:e901:143::/48 maxlen: 48 2a01:e901:153::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:6e:cb:7f:b2:99:72:12:97:c4:9c:96:a6:85:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Validity Not Before: Jan 1 22:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ac713fb28e979f431c2188091004ae4b53d60d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c1:30:5f:02:9c:10:8a:f1:17:dc:d8:f0:74: 71:55:2c:12:14:01:ee:31:1a:a9:2f:3b:33:ac:73: 4e:77:53:f2:b6:db:f8:29:b2:f8:0b:0b:91:9f:ff: 70:fc:aa:7a:d7:40:c9:d9:9c:22:f1:87:0f:5c:8d: f7:69:32:3c:2f:68:e5:5c:75:f3:2b:7d:0f:61:1c: 3b:09:d9:2e:87:29:97:0d:60:28:4c:58:e7:b6:a4: 00:c6:7b:42:36:cd:b9:7b:4d:51:07:c5:5c:f7:91: e3:cc:bd:64:d8:99:da:02:c8:f9:a2:8d:4d:19:5d: 07:64:bf:92:ab:16:f3:28:2c:68:83:07:89:49:1e: 3c:f1:73:b3:f1:4a:4f:f8:05:5d:90:73:f9:b5:cd: 30:72:15:2f:1a:28:0b:d0:3a:ae:7b:2c:07:69:db: 09:93:8b:1d:67:89:18:a6:b8:e6:68:15:c4:4f:19: 61:86:cb:0c:e2:54:83:4a:c8:26:d8:f0:02:bf:e3: 75:8b:38:25:ff:3f:8b:68:8a:ce:4e:12:9e:b1:cb: 7f:f9:1f:4c:c0:3f:ce:ec:6d:e8:0b:1b:d5:db:b4: d4:6e:23:c4:e2:66:1a:79:03:89:39:7b:43:ca:d5: ac:54:24:5a:61:b4:e3:f3:15:64:c7:4b:7d:6d:90: 11:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:C7:13:FB:28:E9:79:F4:31:C2:18:80:91:00:4A:E4:B5:3D:60:D2 X509v3 Authority Key Identifier: keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/mscT-yjpefQxwhiAkQBK5LU9YNI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e901:103::/48 2a01:e901:113::/48 2a01:e901:123::/48 2a01:e901:133::/48 2a01:e901:143::/48 2a01:e901:153::/48 Signature Algorithm: sha256WithRSAEncryption 30:eb:11:6c:a0:77:b9:11:f6:89:06:6c:2e:a8:3f:d0:b7:93: c3:85:d1:f8:c9:19:c2:a8:65:dc:04:bb:fd:95:d5:cc:e8:87: d4:14:85:3f:d0:28:f7:31:0f:7f:48:d3:5c:c1:76:0b:0f:6d: 79:f0:88:05:f1:87:34:56:34:a4:93:e1:7f:f2:ea:2c:5a:53: 6c:90:d8:20:52:3b:d5:12:b1:58:f1:21:53:c6:20:f5:cb:0e: 1e:16:b2:07:25:ad:97:21:31:3a:8b:76:93:94:6e:26:aa:a5: 08:cd:fe:7b:b9:3b:88:d2:72:ff:a9:1a:bd:70:7d:1c:31:b0: c3:c5:36:84:66:75:8f:78:91:4e:ff:32:8b:2d:b1:38:23:f4: bd:aa:bd:b8:2d:0e:ab:40:bc:4b:ac:3e:a6:f0:50:b7:eb:ae: c5:e6:81:84:ba:c8:78:99:66:59:f4:85:3d:1d:78:c2:0b:73: 81:91:cb:c4:e5:7d:76:9c:54:d2:11:3a:1c:7e:c4:45:32:24: a6:95:15:9d:39:8c:8e:99:e2:88:9d:e1:c4:e2:28:a8:3a:72: 96:59:9b:c8:1d:44:c6:8c:50:d3:b2:77:d3:cf:e9:71:5a:2b: b0:fb:df:af:1a:5e:4c:89:e2:b5:15:6f:dd:20:9f:d2:2d:76: c7:99:72:d0 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt7o27Lf7KZchKXxJyWpoWYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi NzgzYzIwHhcNMjYwMTAxMjIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YWM3MTNmYjI4ZTk3OWY0MzFjMjE4ODA5MTAwNGFlNGI1M2Q2MGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cEwXwKcEIrxF9zY8HRxVSwSFAHu MRqpLzszrHNOd1Pyttv4KbL4CwuRn/9w/Kp610DJ2Zwi8YcPXI33aTI8L2jlXHXz K30PYRw7CdkuhymXDWAoTFjntqQAxntCNs25e01RB8Vc95HjzL1k2JnaAsj5oo1N GV0HZL+SqxbzKCxogweJSR488XOz8UpP+AVdkHP5tc0wchUvGigL0DqueywHadsJ k4sdZ4kYprjmaBXETxlhhssM4lSDSsgm2PACv+N1izgl/z+LaIrOThKesct/+R9M wD/O7G3oCxvV27TUbiPE4mYaeQOJOXtDytWsVCRaYbTj8xVkx0t9bZAR+QIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFJrHE/so6Xn0McIYgJEASuS1PWDSMB8GA1UdIwQY MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt NDRmOGVkNWQ2MWQ3LzEvbXNjVC15anBlZlF4d2hpQWtRQks1TFU5WU5JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3 LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQED AwcAKgHpAQETAwcAKgHpAQEjAwcAKgHpAQEzAwcAKgHpAQFDAwcAKgHpAQFTMA0G CSqGSIb3DQEBCwUAA4IBAQAw6xFsoHe5EfaJBmwuqD/Qt5PDhdH4yRnCqGXcBLv9 ldXM6IfUFIU/0Cj3MQ9/SNNcwXYLD2158IgF8Yc0VjSkk+F/8uosWlNskNggUjvV ErFY8SFTxiD1yw4eFrIHJa2XITE6i3aTlG4mqqUIzf57uTuI0nL/qRq9cH0cMbDD xTaEZnWPeJFO/zKLLbE4I/S9qr24LQ6rQLxLrD6m8FC3667F5oGEush4mWZZ9IU9 HXjCC3OBkcvE5X12nFTSETocfsRFMiSmlRWdOYyOmeKIneHE4iioOnKWWZvIHUTG jFDTsnfTz+lxWiuw+9+vGl5MieK1FW/dIJ/SLXbHmXLQ -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:44 2026 by rpki-client