This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/MxTmbVkJmB_lTh2o1kTnP_BFeDY.roa File: MxTmbVkJmB_lTh2o1kTnP_BFeDY.roa (raw, json) Hash identifier: ttGF8f4pFYCjKqu0HAUvABDoHst3U1ecGF8sI6MFc/8= Subject key identifier: 33:14:E6:6D:59:09:98:1F:E5:4E:1D:A8:D6:44:E7:3F:F0:45:78:36 Certificate issuer: /CN=8251e7fb6b960d406b2236d25e4e20e245359db2 Certificate serial: 019B79EC74CCF1BBA2CAC3CA231F23806DDB Authority key identifier: 82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/MxTmbVkJmB_lTh2o1kTnP_BFeDY.roa Signing time: Thu 01 Jan 2026 14:18:18 +0000 ROA not before: Thu 01 Jan 2026 14:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208804 IP address blocks: 45.13.152.0/24 maxlen: 24 45.13.153.0/24 maxlen: 24 45.13.154.0/24 maxlen: 24 45.13.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/glHn-2uWDUBrIjbSXk4g4kU1nbI.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/glHn-2uWDUBrIjbSXk4g4kU1nbI.mft rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:74:cc:f1:bb:a2:ca:c3:ca:23:1f:23:80:6d:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8251e7fb6b960d406b2236d25e4e20e245359db2 Validity Not Before: Jan 1 14:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3314e66d5909981fe54e1da8d644e73ff0457836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ec:8c:dd:e1:96:44:de:b3:e0:0e:cc:9a:b0: e3:a6:8e:45:95:66:73:16:1d:19:98:22:17:8a:07: 67:80:9e:10:44:36:68:9d:e8:c0:98:79:ab:18:7f: fc:f2:d2:c3:a3:ef:36:2a:f9:95:10:75:a1:3f:a6: 51:0a:0a:1d:c4:9c:3f:04:4a:a6:a3:7b:c3:c4:5e: cb:d4:e5:40:f6:38:73:8b:e2:b1:87:39:0a:b2:22: e6:70:da:02:58:80:7a:7f:e3:40:87:fd:c7:3d:5a: 47:4d:d4:d6:1a:91:90:2a:cd:33:f4:8f:fc:ac:3b: de:47:d1:78:52:23:d4:28:d8:b3:ae:a1:1e:e4:83: 72:52:ab:0f:cb:13:2f:e8:a8:4c:a0:58:17:ea:c1: 9f:67:c1:c6:e5:63:e6:40:3b:d2:1a:41:b7:2f:72: 39:50:de:63:40:74:df:9a:2c:69:56:66:b9:12:82: cb:67:6c:7b:98:d1:42:f5:0c:aa:c3:6c:bb:02:48: ce:9a:3e:48:b0:f6:69:82:c1:65:67:0c:b3:36:b1: d6:1e:46:f9:d0:ce:4d:78:a4:90:b4:f1:af:1a:88: 90:56:36:02:6f:3a:60:c0:9f:b7:cd:e9:bb:7f:15: c7:2c:13:22:13:7f:2d:60:2a:b7:43:a0:4d:8b:a7: 97:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:14:E6:6D:59:09:98:1F:E5:4E:1D:A8:D6:44:E7:3F:F0:45:78:36 X509v3 Authority Key Identifier: keyid:82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/MxTmbVkJmB_lTh2o1kTnP_BFeDY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/glHn-2uWDUBrIjbSXk4g4kU1nbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.13.152.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:6d:9c:34:5e:06:54:9b:b6:14:4c:59:e8:bd:da:42:65:9c: 1d:60:80:31:c2:4e:49:96:e9:67:07:60:b4:16:eb:46:92:9a: e7:6b:a3:a0:76:83:2e:87:8f:a9:ff:a5:e3:07:3f:54:0c:1b: 8f:dc:10:1e:14:a0:78:70:79:5d:89:55:46:59:19:27:2e:3c: 88:12:9b:61:4b:e3:bd:d1:a7:5b:3d:c7:6b:22:ee:37:e7:f5: f9:05:9f:83:f4:48:d2:11:d0:7e:3c:49:7f:21:1c:95:49:31: 64:1a:8d:f0:c8:42:ff:dd:16:2e:9f:90:a6:69:ba:fe:00:84: 71:c9:d8:6c:12:c5:b5:7a:cd:52:44:90:e9:27:cb:e7:10:3e: 29:39:f9:af:d9:5f:50:1f:d4:c9:e9:1a:8c:07:25:94:2d:44: 07:69:bf:e7:b5:53:c6:47:58:d9:4e:2f:eb:19:f7:7a:f7:66: 56:39:00:5e:7a:69:64:99:21:80:05:72:91:99:99:32:9e:1a: f7:28:44:68:bd:07:eb:fe:f6:27:9c:ce:17:2a:22:b3:b8:71: 53:cc:23:6e:c0:09:53:b4:e3:68:94:14:45:07:42:8f:3c:63: 98:88:a8:37:5e:ce:0a:71:59:dd:12:82:41:4f:a5:ca:c3:2f: a0:06:71:be -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57HTM8buiysPKIx8jgG3bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNTFlN2ZiNmI5NjBkNDA2YjIyMzZkMjVlNGUyMGUyNDUz NTlkYjIwHhcNMjYwMTAxMTQxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzE0ZTY2ZDU5MDk5ODFmZTU0ZTFkYThkNjQ0ZTczZmYwNDU3ODM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuyM3eGWRN6z4A7MmrDjpo5FlWZz Fh0ZmCIXigdngJ4QRDZonejAmHmrGH/88tLDo+82KvmVEHWhP6ZRCgodxJw/BEqm o3vDxF7L1OVA9jhzi+KxhzkKsiLmcNoCWIB6f+NAh/3HPVpHTdTWGpGQKs0z9I/8 rDveR9F4UiPUKNizrqEe5INyUqsPyxMv6KhMoFgX6sGfZ8HG5WPmQDvSGkG3L3I5 UN5jQHTfmixpVma5EoLLZ2x7mNFC9Qyqw2y7AkjOmj5IsPZpgsFlZwyzNrHWHkb5 0M5NeKSQtPGvGoiQVjYCbzpgwJ+3zem7fxXHLBMiE38tYCq3Q6BNi6eXQQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDMU5m1ZCZgf5U4dqNZE5z/wRXg2MB8GA1UdIwQY MBaAFIJR5/trlg1AayI20l5OIOJFNZ2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2xIbi0ydVdEVUJySWpiU1hrNGc0a1UxbmJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mZjBlNjEtMWM5Mi00MThjLTkyNjct ZDNhNDg3Mjk1NDkxLzEvTXhUbWJWa0ptQl9sVGgybzFrVG5QX0JGZURZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9mZjBlNjEtMWM5Mi00MThjLTkyNjctZDNhNDg3Mjk1NDkx LzEvZ2xIbi0ydVdEVUJySWpiU1hrNGc0a1UxbmJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ2YMA0G CSqGSIb3DQEBCwUAA4IBAQB9bZw0XgZUm7YUTFnovdpCZZwdYIAxwk5JlulnB2C0 FutGkprna6OgdoMuh4+p/6XjBz9UDBuP3BAeFKB4cHldiVVGWRknLjyIEpthS+O9 0adbPcdrIu435/X5BZ+D9EjSEdB+PEl/IRyVSTFkGo3wyEL/3RYun5Cmabr+AIRx ydhsEsW1es1SRJDpJ8vnED4pOfmv2V9QH9TJ6RqMByWULUQHab/ntVPGR1jZTi/r Gfd692ZWOQBeemlkmSGABXKRmZkynhr3KERovQfr/vYnnM4XKiKzuHFTzCNuwAlT tONolBRFB0KPPGOYiKg3Xs4KcVndEoJBT6XKwy+gBnG+ -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:46 2026 by rpki-client