This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/MZ3-_phVg1JFlbxR5OJP-KpStoE.roa File: MZ3-_phVg1JFlbxR5OJP-KpStoE.roa (raw, json) Hash identifier: GHqHuGXUotJGH2X0xBNvkiEuBK4TdiZ8BJK/Jxpgz1s= Subject key identifier: 31:9D:FE:FE:98:55:83:52:45:95:BC:51:E4:E2:4F:F8:AA:52:B6:81 Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861 Certificate serial: 019B7F1372058CE8CB6F51F1026D80A8AF27 Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/MZ3-_phVg1JFlbxR5OJP-KpStoE.roa Signing time: Fri 02 Jan 2026 14:18:59 +0000 ROA not before: Fri 02 Jan 2026 14:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201089 IP address blocks: 188.72.40.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:72:05:8c:e8:cb:6f:51:f1:02:6d:80:a8:af:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861 Validity Not Before: Jan 2 14:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=319dfefe985583524595bc51e4e24ff8aa52b681 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a2:92:75:db:1e:dc:ca:4f:64:aa:2f:7b:cc: 1e:65:85:20:67:17:2a:2c:ff:70:c7:13:e8:01:6d: 15:df:c7:30:27:77:d0:bc:8d:c1:c4:71:a5:df:18: d3:45:39:ba:8c:70:bd:82:bf:4b:3b:21:40:87:44: c7:5f:4b:a9:2e:aa:15:37:aa:be:d8:b5:eb:e7:d5: cb:d3:d6:11:fc:01:53:a6:de:0a:33:fb:11:c2:5c: 4c:33:e7:f9:10:08:35:be:71:f0:e5:4a:fa:9f:86: 91:fd:63:bc:b9:69:23:83:ec:b0:5d:e9:ef:19:2b: cf:5d:16:23:18:ec:5d:ee:6f:c7:af:77:79:b5:81: 1c:7a:01:11:0b:8f:cc:56:0e:cf:07:ca:d6:29:d1: dd:dd:1e:d0:96:03:9a:00:57:47:95:f8:75:dc:76: 64:af:fa:52:26:8d:69:a5:64:1b:f9:36:de:4b:7c: 35:3c:fa:4a:ce:63:e4:83:4e:a8:ec:6a:9b:7e:d3: 8b:63:b6:03:84:39:38:96:b1:7b:eb:a8:83:5c:e3: 15:4f:b0:3e:28:59:1a:17:7c:73:59:c2:f0:44:38: 8f:d3:6d:16:df:09:d4:a4:d2:43:a1:54:7a:52:c6: 4e:03:ea:59:28:5e:f6:bc:ab:fc:68:b4:5b:c9:29: db:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:9D:FE:FE:98:55:83:52:45:95:BC:51:E4:E2:4F:F8:AA:52:B6:81 X509v3 Authority Key Identifier: keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/MZ3-_phVg1JFlbxR5OJP-KpStoE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.72.40.0/24 Signature Algorithm: sha256WithRSAEncryption 29:b5:34:2a:7e:56:26:3b:f2:da:81:9c:91:c0:46:cb:0c:33: c8:8a:f3:26:07:97:a0:fc:41:cc:e5:21:47:02:81:09:88:f2: 97:b5:b5:e4:1c:f5:ef:17:eb:e4:53:3c:f7:24:25:78:a0:e1: d9:ce:29:7a:6a:5f:38:3d:72:83:b1:71:3b:03:76:4c:90:7b: b5:ed:86:cb:0c:99:0e:91:17:3c:7c:26:d8:2c:54:17:ca:dd: ad:34:9e:19:ee:de:4e:61:6f:b3:a3:fd:1a:b4:19:9d:48:57: 18:5c:15:09:21:fc:d4:85:40:f6:34:2e:49:f6:19:1a:c6:34: bd:79:25:5f:0c:ff:76:b9:93:49:1d:89:cb:af:0f:4f:70:e9: 8c:72:c5:75:fb:43:92:6c:d5:ef:6c:7c:8c:be:1c:c1:a2:a4: 7a:6a:0a:3e:32:8f:7f:34:71:ca:d6:fc:78:71:ba:06:b9:a1: b8:36:43:35:e0:77:45:ed:5b:b3:3b:34:70:e3:8d:05:5b:3d: cf:3d:bc:75:2f:43:8e:9d:68:b8:f2:1d:13:48:96:59:0f:b6: 80:4f:26:2c:0f:00:a5:fd:26:52:22:48:46:d0:ea:d4:0e:c3: 97:77:b3:6b:f3:79:3a:84:54:75:4b:af:a2:e4:58:0f:bd:d6: 9a:fc:f6:d6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/E3IFjOjLb1HxAm2AqK8nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm ZjA4NjEwHhcNMjYwMTAyMTQxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTlkZmVmZTk4NTU4MzUyNDU5NWJjNTFlNGUyNGZmOGFhNTJiNjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqKSddse3MpPZKove8weZYUgZxcq LP9wxxPoAW0V38cwJ3fQvI3BxHGl3xjTRTm6jHC9gr9LOyFAh0THX0upLqoVN6q+ 2LXr59XL09YR/AFTpt4KM/sRwlxMM+f5EAg1vnHw5Ur6n4aR/WO8uWkjg+ywXenv GSvPXRYjGOxd7m/Hr3d5tYEcegERC4/MVg7PB8rWKdHd3R7QlgOaAFdHlfh13HZk r/pSJo1ppWQb+TbeS3w1PPpKzmPkg06o7GqbftOLY7YDhDk4lrF766iDXOMVT7A+ KFkaF3xzWcLwRDiP020W3wnUpNJDoVR6UsZOA+pZKF72vKv8aLRbySnbdQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDGd/v6YVYNSRZW8UeTiT/iqUraBMB8GA1UdIwQY MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt ZGU5MTQ2OWQzNzcyLzEvTVozLV9waFZnMUpGbGJ4UjVPSlAtS3BTdG9FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEgoMA0G CSqGSIb3DQEBCwUAA4IBAQAptTQqflYmO/LagZyRwEbLDDPIivMmB5eg/EHM5SFH AoEJiPKXtbXkHPXvF+vkUzz3JCV4oOHZzil6al84PXKDsXE7A3ZMkHu17YbLDJkO kRc8fCbYLFQXyt2tNJ4Z7t5OYW+zo/0atBmdSFcYXBUJIfzUhUD2NC5J9hkaxjS9 eSVfDP92uZNJHYnLrw9PcOmMcsV1+0OSbNXvbHyMvhzBoqR6ago+Mo9/NHHK1vx4 cboGuaG4NkM14HdF7VuzOzRw440FWz3PPbx1L0OOnWi48h0TSJZZD7aATyYsDwCl /SZSIkhG0OrUDsOXd7Nr83k6hFR1S6+i5FgPvdaa/PbW -----END CERTIFICATE-----Generated at Sun Jan 25 07:16:20 2026 by rpki-client