This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MKtsGpw9I5wxTawe6A7-A7ITeNY.roa File: MKtsGpw9I5wxTawe6A7-A7ITeNY.roa (raw, json) Hash identifier: 0aJH4cqWlsKLMUdXJdPBt/YU/hEwfMbx7ASjTktn928= Subject key identifier: 30:AB:6C:1A:9C:3D:23:9C:31:4D:AC:1E:E8:0E:FE:03:B2:13:78:D6 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B78344018D3D554A3B8AE4A5DECB15AE8 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MKtsGpw9I5wxTawe6A7-A7ITeNY.roa Signing time: Thu 01 Jan 2026 06:17:28 +0000 ROA not before: Thu 01 Jan 2026 06:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3301 IP address blocks: 192.36.96.0/24 maxlen: 24 192.121.40.0/24 maxlen: 24 192.121.50.0/23 maxlen: 23 192.121.52.0/24 maxlen: 24 192.121.115.0/24 maxlen: 24 192.121.229.0/24 maxlen: 24 192.165.8.0/24 maxlen: 24 192.165.12.0/24 maxlen: 24 192.165.31.0/24 maxlen: 24 192.165.95.0/24 maxlen: 24 192.165.173.0/24 maxlen: 24 192.165.180.0/24 maxlen: 24 192.165.229.0/24 maxlen: 24 192.176.124.0/24 maxlen: 24 193.180.7.0/24 maxlen: 24 193.180.175.0/24 maxlen: 24 193.180.176.0/24 maxlen: 24 193.181.72.0/24 maxlen: 24 193.181.73.0/24 maxlen: 24 193.181.74.0/24 maxlen: 24 193.182.107.0/24 maxlen: 24 193.182.126.0/24 maxlen: 24 193.182.152.0/23 maxlen: 23 193.182.152.0/24 maxlen: 24 193.182.153.0/24 maxlen: 24 193.182.190.0/24 maxlen: 24 193.183.228.0/23 maxlen: 23 193.183.230.0/23 maxlen: 23 193.183.236.0/23 maxlen: 23 193.234.184.0/24 maxlen: 24 193.234.185.0/24 maxlen: 24 193.235.48.0/24 maxlen: 24 193.235.152.0/24 maxlen: 24 194.14.154.0/24 maxlen: 24 194.14.155.0/24 maxlen: 24 194.14.156.0/24 maxlen: 24 194.14.245.0/24 maxlen: 24 194.68.72.0/22 maxlen: 22 194.68.76.0/23 maxlen: 23 194.68.79.0/24 maxlen: 24 194.68.127.0/24 maxlen: 24 194.103.240.0/20 maxlen: 20 194.103.240.0/21 maxlen: 21 194.103.249.0/24 maxlen: 24 194.103.250.0/23 maxlen: 23 194.103.252.0/22 maxlen: 22 194.132.95.0/24 maxlen: 24 194.132.188.0/23 maxlen: 23 194.132.190.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:40:18:d3:d5:54:a3:b8:ae:4a:5d:ec:b1:5a:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=30ab6c1a9c3d239c314dac1ee80efe03b21378d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:0c:c7:b4:a1:1d:25:f1:78:0b:a1:3a:4a:a5: 83:2e:c6:2d:5a:36:32:28:b8:a6:a4:cb:e8:d6:3e: fd:06:19:29:77:87:7d:4d:76:9c:b0:a4:8a:f2:80: 99:16:94:db:91:fd:b3:b3:f4:6b:bc:59:15:d7:f1: b5:f4:8e:62:d0:99:e0:f1:b6:33:7b:da:16:32:a6: 45:1e:f3:14:f3:be:e7:16:e6:ee:6e:ff:58:e7:28: c7:6a:ac:30:13:bd:cc:2a:d1:5c:fe:e2:59:60:bf: 5f:25:7f:50:68:99:32:b6:0e:4b:c5:3b:25:e1:db: cd:16:f6:a0:b6:5d:71:fc:dc:ab:b4:01:4b:ab:f0: ad:dd:12:64:0c:b8:d0:09:d2:de:45:60:28:c5:56: cf:c2:fc:e7:14:16:83:31:d5:08:ee:9a:b3:16:c7: 13:4c:71:dc:4d:e8:3f:88:38:6f:77:8e:a2:70:f7: 26:bd:c0:3f:63:2c:11:5f:bc:ca:3a:78:e0:57:26: d2:81:a0:fa:3a:20:06:43:91:a8:2c:0b:bd:99:e6: 2b:df:04:c4:94:6e:52:7b:ca:19:e7:f4:8d:5b:38: f6:ec:19:a2:fd:d5:00:42:f8:fa:e6:77:e9:2c:db: 41:15:75:95:0f:e2:a4:c7:7e:c5:7f:af:01:9a:ff: 7e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:AB:6C:1A:9C:3D:23:9C:31:4D:AC:1E:E8:0E:FE:03:B2:13:78:D6 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MKtsGpw9I5wxTawe6A7-A7ITeNY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.36.96.0/24 192.121.40.0/24 192.121.50.0-192.121.52.255 192.121.115.0/24 192.121.229.0/24 192.165.8.0/24 192.165.12.0/24 192.165.31.0/24 192.165.95.0/24 192.165.173.0/24 192.165.180.0/24 192.165.229.0/24 192.176.124.0/24 193.180.7.0/24 193.180.175.0-193.180.176.255 193.181.72.0-193.181.74.255 193.182.107.0/24 193.182.126.0/24 193.182.152.0/23 193.182.190.0/24 193.183.228.0/22 193.183.236.0/23 193.234.184.0/23 193.235.48.0/24 193.235.152.0/24 194.14.154.0-194.14.156.255 194.14.245.0/24 194.68.72.0-194.68.77.255 194.68.79.0/24 194.68.127.0/24 194.103.240.0/20 194.132.95.0/24 194.132.188.0/22 Signature Algorithm: sha256WithRSAEncryption ac:6f:f5:93:5e:22:b7:ce:7c:ef:10:b2:2a:55:48:36:ac:4e: 4d:f0:db:fc:64:0d:4f:1a:7f:e3:47:9b:c4:45:6d:8b:f1:6d: ce:03:d7:30:c7:7a:4c:b7:cc:e2:ee:4d:33:f6:6d:f5:fd:33: ca:e8:b2:70:10:91:66:64:aa:2f:8a:2a:52:a8:2b:b9:32:1f: 10:0f:dc:63:ce:da:6a:bd:c5:71:00:0b:77:4e:07:e6:ab:08: 28:10:54:1c:7f:f2:e1:4a:34:b5:1b:63:d2:44:01:0d:fe:c7: 33:31:a0:a6:0f:b4:e4:18:27:68:0f:c5:84:a5:b1:fe:d6:12: f6:c2:05:6d:f0:74:74:95:5c:8a:8f:3a:06:67:06:65:aa:71: 0a:2e:59:38:ea:4b:86:b3:e5:e2:14:ed:f7:a8:35:ac:e6:e3: 8d:a1:f3:d5:55:56:1d:fe:e7:7b:b0:5f:a0:f9:0a:74:38:7a: bd:87:0a:c5:45:bb:b6:48:ff:15:e6:c1:0a:cc:00:c1:0a:97: ec:f5:70:49:33:7f:bd:f4:7a:6e:c8:48:b3:33:89:e4:48:ff: 0a:f8:b8:b3:c6:30:db:7c:8d:e2:05:be:5d:07:f5:d3:5b:dc: 36:28:13:00:a0:25:79:54:a4:a4:c1:f3:2c:de:fd:97:10:24: ff:13:45:75 -----BEGIN CERTIFICATE----- MIIF6zCCBNOgAwIBAgISAZt4NEAY09VUo7iuSl3ssVroMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMGFiNmMxYTljM2QyMzljMzE0ZGFjMWVlODBlZmUwM2IyMTM3OGQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwzHtKEdJfF4C6E6SqWDLsYtWjYy KLimpMvo1j79Bhkpd4d9TXacsKSK8oCZFpTbkf2zs/RrvFkV1/G19I5i0Jng8bYz e9oWMqZFHvMU877nFububv9Y5yjHaqwwE73MKtFc/uJZYL9fJX9QaJkytg5LxTsl 4dvNFvagtl1x/NyrtAFLq/Ct3RJkDLjQCdLeRWAoxVbPwvznFBaDMdUI7pqzFscT THHcTeg/iDhvd46icPcmvcA/YywRX7zKOnjgVybSgaD6OiAGQ5GoLAu9meYr3wTE lG5Se8oZ5/SNWzj27Bmi/dUAQvj65nfpLNtBFXWVD+Kkx37Ff68Bmv9+aQIDAQAB o4IC9zCCAvMwHQYDVR0OBBYEFDCrbBqcPSOcMU2sHugO/gOyE3jWMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvTUt0c0dwdzlJNXd4VGF3ZTZBNy1BN0lUZU5ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA wCRgAwQAwHkoMAwDBAHAeTIDBADAeTQDBADAeXMDBADAeeUDBADApQgDBADApQwD BADApR8DBADApV8DBADApa0DBADApbQDBADApeUDBADAsHwDBADBtAcwDAMEAMG0 rwMEAMG0sDAMAwQDwbVIAwQAwbVKAwQAwbZrAwQAwbZ+AwQBwbaYAwQAwba+AwQC wbfkAwQBwbfsAwQBweq4AwQAweswAwQAweuYMAwDBAHCDpoDBADCDpwDBADCDvUw DAMEA8JESAMEAcJETAMEAMJETwMEAMJEfwMEBMJn8AMEAMKEXwMEAsKEvDANBgkq hkiG9w0BAQsFAAOCAQEArG/1k14it8587xCyKlVINqxOTfDb/GQNTxp/40ebxEVt i/FtzgPXMMd6TLfM4u5NM/Zt9f0zyuiycBCRZmSqL4oqUqgruTIfEA/cY87aar3F cQALd04H5qsIKBBUHH/y4Uo0tRtj0kQBDf7HMzGgpg+05BgnaA/FhKWx/tYS9sIF bfB0dJVcio86BmcGZapxCi5ZOOpLhrPl4hTt96g1rObjjaHz1VVWHf7ne7BfoPkK dDh6vYcKxUW7tkj/FebBCswAwQqX7PVwSTN/vfR6bshIszOJ5Ej/Cvi4s8Yw23yN 4gW+XQf101vcNigTAKAleVSkpMHzLN79lxAk/xNFdQ== -----END CERTIFICATE-----Generated at Sun Jan 25 11:02:00 2026 by rpki-client