This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/M-CNQ4sKZCkmxmSMpP77FW0ZRzE.roa File: M-CNQ4sKZCkmxmSMpP77FW0ZRzE.roa (raw, json) Hash identifier: UdJnYqAMGHmI8rbxklRX18DI3O/ycqsbsTsYHZeAV1g= Subject key identifier: 33:E0:8D:43:8B:0A:64:29:26:C6:64:8C:A4:FE:FB:15:6D:19:47:31 Certificate issuer: /CN=7e1167886da81524431bbf2efb0572914b686ebc Certificate serial: 019B7DCAD3B44E3C05E75AF7A1366D785906 Authority key identifier: 7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/M-CNQ4sKZCkmxmSMpP77FW0ZRzE.roa Signing time: Fri 02 Jan 2026 08:20:03 +0000 ROA not before: Fri 02 Jan 2026 08:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3360 IP address blocks: 195.160.148.0/24 maxlen: 24 195.160.149.0/24 maxlen: 24 212.39.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.mft rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:d3:b4:4e:3c:05:e7:5a:f7:a1:36:6d:78:59:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7e1167886da81524431bbf2efb0572914b686ebc Validity Not Before: Jan 2 08:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=33e08d438b0a642926c6648ca4fefb156d194731 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:a8:a2:46:a1:f3:20:29:af:7b:73:ce:8c:36: ca:c7:bf:42:3b:a6:52:50:6b:81:38:84:b4:39:aa: e7:88:91:0c:e3:a4:3e:95:59:3e:9f:44:28:8c:59: 9d:84:d2:00:ec:8b:fd:61:ea:dc:b5:7c:6d:27:77: 3c:34:50:bb:32:0b:2e:1f:f8:59:9e:eb:7d:d8:ee: 82:87:ac:a5:a5:d3:28:22:9a:be:8c:8b:cd:e8:79: 6b:6d:e9:c8:38:07:99:9c:87:dc:c2:2f:8f:c6:50: 59:89:64:ec:01:40:67:4c:47:3b:c0:63:27:65:8f: 21:0b:d6:58:21:0e:dd:23:70:fc:54:d2:1f:3d:50: 04:e0:f3:5b:93:0f:df:72:c6:9d:7f:b7:04:92:a1: 3d:5c:2f:41:7b:f3:45:78:2c:b6:e4:61:2a:51:9b: a5:44:79:3b:b9:86:b7:de:bb:4a:5e:d4:f1:a7:fa: 90:74:b6:9d:cd:65:89:32:b4:ac:43:27:0d:49:5c: 4b:21:b8:4f:1b:30:9e:a1:e1:a0:e8:05:45:6f:e2: 3d:58:62:81:7e:fd:c5:66:62:46:da:1b:bc:b1:81: 83:d5:29:91:7d:af:d0:26:89:13:9d:8e:05:47:05: a3:e7:7e:37:ac:cb:31:85:91:ed:94:5f:33:90:1f: 7c:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:E0:8D:43:8B:0A:64:29:26:C6:64:8C:A4:FE:FB:15:6D:19:47:31 X509v3 Authority Key Identifier: keyid:7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/M-CNQ4sKZCkmxmSMpP77FW0ZRzE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.160.148.0/23 212.39.229.0/24 Signature Algorithm: sha256WithRSAEncryption 63:91:c6:da:e7:a5:07:6d:d7:fa:fc:ac:df:2f:b5:a4:4e:2e: d5:b0:11:71:00:9e:44:02:b0:ea:b6:ba:98:28:9c:68:01:db: 1c:bc:e7:a1:b0:f6:be:95:61:89:f8:c2:93:19:81:c9:55:60: a6:15:db:79:eb:9b:8c:c6:39:a2:75:b5:f5:37:f1:c8:47:c5: 31:15:d9:6e:e0:1f:8c:3b:fa:24:2a:8f:00:05:48:f7:66:56: 98:b0:e8:27:b0:fa:64:95:d7:4c:1c:05:c3:bb:28:c7:ea:b1: 40:1e:52:d1:43:df:02:32:b3:e3:77:49:02:c4:82:70:88:e0: aa:f2:50:6d:c0:4a:56:f1:4e:45:29:b8:0b:91:24:f6:19:0b: 80:a3:04:75:09:f1:09:19:0a:d3:4f:25:8d:fa:27:e9:99:1c: dd:a2:70:ec:95:0e:94:00:7e:ee:78:3e:9d:83:c0:ec:0d:d5: 25:2e:d5:c5:24:dd:84:c9:44:55:8c:8d:2d:76:9a:6c:c9:f5: 04:75:2b:9c:73:b5:a6:f6:c2:2e:e6:7b:c1:10:b1:37:e1:d7: e4:81:2d:74:4b:77:b0:a0:b8:7f:d5:97:a9:61:24:a4:b5:36: 57:dc:44:26:15:8a:3b:2a:70:5b:7e:e6:9a:57:05:d0:e5:ff: 72:50:7b:f2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9ytO0TjwF51r3oTZteFkGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlMTE2Nzg4NmRhODE1MjQ0MzFiYmYyZWZiMDU3MjkxNGI2 ODZlYmMwHhcNMjYwMTAyMDgyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2UwOGQ0MzhiMGE2NDI5MjZjNjY0OGNhNGZlZmIxNTZkMTk0NzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqiiRqHzICmve3POjDbKx79CO6ZS UGuBOIS0OarniJEM46Q+lVk+n0QojFmdhNIA7Iv9YerctXxtJ3c8NFC7MgsuH/hZ nut92O6Ch6ylpdMoIpq+jIvN6HlrbenIOAeZnIfcwi+PxlBZiWTsAUBnTEc7wGMn ZY8hC9ZYIQ7dI3D8VNIfPVAE4PNbkw/fcsadf7cEkqE9XC9Be/NFeCy25GEqUZul RHk7uYa33rtKXtTxp/qQdLadzWWJMrSsQycNSVxLIbhPGzCeoeGg6AVFb+I9WGKB fv3FZmJG2hu8sYGD1SmRfa/QJokTnY4FRwWj5343rMsxhZHtlF8zkB98bwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDPgjUOLCmQpJsZkjKT++xVtGUcxMB8GA1UdIwQY MBaAFH4RZ4htqBUkQxu/LvsFcpFLaG68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYt OWIyODJjNjQzMjU2LzEvTS1DTlE0c0taQ2tteG1TTXBQNzdGVzBaUnpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYtOWIyODJjNjQzMjU2 LzEvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw6CUAwQA 1CflMA0GCSqGSIb3DQEBCwUAA4IBAQBjkcba56UHbdf6/KzfL7WkTi7VsBFxAJ5E ArDqtrqYKJxoAdscvOehsPa+lWGJ+MKTGYHJVWCmFdt565uMxjmidbX1N/HIR8Ux Fdlu4B+MO/okKo8ABUj3ZlaYsOgnsPpklddMHAXDuyjH6rFAHlLRQ98CMrPjd0kC xIJwiOCq8lBtwEpW8U5FKbgLkST2GQuAowR1CfEJGQrTTyWN+ifpmRzdonDslQ6U AH7ueD6dg8DsDdUlLtXFJN2EyURVjI0tdppsyfUEdSucc7Wm9sIu5nvBELE34dfk gS10S3ewoLh/1ZepYSSktTZX3EQmFYo7KnBbfuaaVwXQ5f9yUHvy -----END CERTIFICATE-----Generated at Sun Jan 25 13:03:42 2026 by rpki-client