This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/mxim8hiMW6KSmM1j_q23upqnj0k.roa File: mxim8hiMW6KSmM1j_q23upqnj0k.roa (raw, json) Hash identifier: hg33XIuLOCBoWLYKxDMan6DF9gxch5zAkStGQyi0GIM= Subject key identifier: 9B:18:A6:F2:18:8C:5B:A2:92:98:CD:63:FE:AD:B7:BA:9A:A7:8F:49 Certificate issuer: /CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2 Certificate serial: 019BB34EA5BDEAF4ACFD60B8D35F54AD2E44 Authority key identifier: 30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/mxim8hiMW6KSmM1j_q23upqnj0k.roa Signing time: Mon 12 Jan 2026 17:43:54 +0000 ROA not before: Mon 12 Jan 2026 17:43:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 54538 IP address blocks: 193.110.180.0/23 maxlen: 24 195.88.212.0/24 maxlen: 24 2a14:dc00::/48 maxlen: 48 2a14:dc00:1::/48 maxlen: 48 2a14:dc00:2::/48 maxlen: 48 2a14:dc00:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:4e:a5:bd:ea:f4:ac:fd:60:b8:d3:5f:54:ad:2e:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2 Validity Not Before: Jan 12 17:43:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9b18a6f2188c5ba29298cd63feadb7ba9aa78f49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:99:00:b5:a7:15:24:b0:d8:80:70:a3:be:0d: bb:35:a2:94:f5:24:3f:16:85:03:ec:96:e1:08:3c: ed:dc:90:84:94:89:ac:d4:d6:16:7b:82:a9:ec:9d: 06:10:84:c3:b5:3e:d5:aa:79:b3:79:05:03:9c:52: c0:d0:40:0b:b5:ff:5b:0a:38:60:07:10:05:69:c2: 5f:02:e5:4b:72:ba:05:f6:8a:a0:84:03:da:f0:52: 11:42:1a:87:21:85:88:e5:0e:5b:a3:c1:2c:56:1a: e0:5e:55:c7:f3:ba:73:81:70:57:ed:71:86:7f:cc: a5:da:d1:4d:92:4b:60:49:97:c7:c9:69:db:d0:29: 5c:4b:3f:ef:e5:1b:c3:3f:30:c9:b4:e4:b8:ad:54: 0c:21:77:f1:ad:b8:88:a7:52:c2:84:29:47:2e:51: 78:0d:f2:33:fc:c1:6a:7c:e1:a3:3c:e4:54:61:1d: 2f:20:3d:53:39:c0:b7:b4:2a:11:50:26:f8:a5:04: 0b:54:b8:d7:9b:00:24:5e:1f:0f:06:8b:01:d2:84: 50:83:cb:35:d2:d8:bd:97:f9:49:c1:44:fe:73:6f: 98:f9:2b:71:92:f8:74:4f:f1:23:66:37:37:3f:13: d8:8b:5c:ce:5a:ae:18:f6:ad:96:ca:59:41:a8:5f: 5c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:18:A6:F2:18:8C:5B:A2:92:98:CD:63:FE:AD:B7:BA:9A:A7:8F:49 X509v3 Authority Key Identifier: keyid:30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/mxim8hiMW6KSmM1j_q23upqnj0k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.110.180.0/23 195.88.212.0/24 IPv6: 2a14:dc00::/46 Signature Algorithm: sha256WithRSAEncryption 99:3b:7e:0e:35:a5:4a:71:df:01:90:a0:42:12:92:26:b6:0c: f6:54:00:5c:e7:51:75:cf:45:71:ac:73:5d:79:97:6a:c4:31: 26:32:7e:a9:ed:a5:10:34:95:aa:e3:32:b5:0f:a9:03:87:e7: d8:86:43:eb:20:41:a3:d5:e7:f5:e7:f4:67:8f:7f:68:c7:c8: ac:98:cb:78:00:56:25:16:81:5a:4f:a7:4f:16:96:e1:30:3c: 75:ee:96:ff:8e:3a:91:a1:bc:5a:11:ea:b8:d1:5d:d1:5b:0e: b3:0b:bd:1c:0a:86:c6:ae:84:bd:45:7b:9d:7c:60:c6:9b:e4: 2a:1b:41:60:d9:ef:bc:3a:d4:38:99:c3:75:f0:ba:21:d9:eb: 24:78:24:89:51:8b:4d:bf:dd:e6:19:a7:db:ec:cd:b1:c4:d4: f2:fc:7d:f9:fa:d5:3f:ba:31:00:15:7c:7e:0c:ca:06:d5:2e: ef:c3:27:97:2c:2e:1c:c8:28:06:c6:31:67:54:20:bc:fd:e2: 36:d5:a0:69:fc:d3:6d:7c:43:a9:05:a3:f0:99:f2:fe:56:c0: 9f:9e:f6:92:d2:4a:3d:a2:95:1a:65:b3:55:7c:43:89:09:1c: b4:7b:85:f3:4c:b3:3f:19:c3:ca:a6:8f:38:61:c2:f3:6f:bb: 20:76:25:d0 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZuzTqW96vSs/WC4019UrS5EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwYTM0ZjlkMWRiZDIwYWE4N2ZiMGY2MmJkMmI2YzVlMzBj NjE0YTIwHhcNMjYwMTEyMTc0MzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YjE4YTZmMjE4OGM1YmEyOTI5OGNkNjNmZWFkYjdiYTlhYTc4ZjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJkAtacVJLDYgHCjvg27NaKU9SQ/ FoUD7JbhCDzt3JCElIms1NYWe4Kp7J0GEITDtT7VqnmzeQUDnFLA0EALtf9bCjhg BxAFacJfAuVLcroF9oqghAPa8FIRQhqHIYWI5Q5bo8EsVhrgXlXH87pzgXBX7XGG f8yl2tFNkktgSZfHyWnb0ClcSz/v5RvDPzDJtOS4rVQMIXfxrbiIp1LChClHLlF4 DfIz/MFqfOGjPORUYR0vID1TOcC3tCoRUCb4pQQLVLjXmwAkXh8PBosB0oRQg8s1 0ti9l/lJwUT+c2+Y+Stxkvh0T/EjZjc3PxPYi1zOWq4Y9q2WyllBqF9cjwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFJsYpvIYjFuikpjNY/6tt7qap49JMB8GA1UdIwQY MBaAFDCjT50dvSCqh/sPYr0rbF4wxhSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEt ZWI2NTNkMzYyMmJiLzEvbXhpbThoaU1XNktTbU0xal9xMjN1cHFuajBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEtZWI2NTNkMzYyMmJi LzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBwW60AwQA w1jUMA8EAgACMAkDBwIqFNwAAAAwDQYJKoZIhvcNAQELBQADggEBAJk7fg41pUpx 3wGQoEISkia2DPZUAFznUXXPRXGsc115l2rEMSYyfqntpRA0larjMrUPqQOH59iG Q+sgQaPV5/Xn9GePf2jHyKyYy3gAViUWgVpPp08WluEwPHXulv+OOpGhvFoR6rjR XdFbDrMLvRwKhsauhL1Fe518YMab5CobQWDZ77w61DiZw3XwuiHZ6yR4JIlRi02/ 3eYZp9vszbHE1PL8ffn61T+6MQAVfH4MygbVLu/DJ5csLhzIKAbGMWdUILz94jbV oGn80218Q6kFo/CZ8v5WwJ+e9pLSSj2ilRpls1V8Q4kJHLR7hfNMsz8Zw8qmjzhh wvNvuyB2JdA= -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:24 2026 by rpki-client