This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/MhQOqJ6yO4vtkdZaJ529XcXplng.roa File: MhQOqJ6yO4vtkdZaJ529XcXplng.roa (raw, json) Hash identifier: yV3s2AyGwCS79L9utxt/xv+dOsJ83DLEVBUZQJXDxnI= Subject key identifier: 32:14:0E:A8:9E:B2:3B:8B:ED:91:D6:5A:27:9D:BD:5D:C5:E9:96:78 Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b Certificate serial: 019A9C09C6E7D6A14D9D7D2B135491A0BBCD Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/MhQOqJ6yO4vtkdZaJ529XcXplng.roa Signing time: Wed 19 Nov 2025 12:14:37 +0000 ROA not before: Wed 19 Nov 2025 12:14:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 29119 IP address blocks: 62.43.252.0/23 maxlen: 24 81.172.112.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9c:09:c6:e7:d6:a1:4d:9d:7d:2b:13:54:91:a0:bb:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b Validity Not Before: Nov 19 12:14:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=32140ea89eb23b8bed91d65a279dbd5dc5e99678 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8d:1e:0f:ba:19:37:de:f3:ed:49:c9:bf:48: ac:e3:f9:15:ef:fd:b2:49:81:93:85:04:fe:ce:83: 2e:79:73:e5:e7:3d:9e:4c:87:40:3f:c1:bd:c7:5d: 57:89:fc:d7:50:af:ac:52:8a:34:84:ab:0c:84:a4: b8:f3:d4:76:ba:20:6d:3a:78:8b:46:c3:69:56:ea: a4:1e:b0:d4:88:9f:dc:c1:cd:09:5c:29:ff:fa:07: 56:1b:66:17:84:af:76:29:a0:11:ef:d8:a7:87:72: 0c:4b:b5:92:90:7d:a1:31:83:d1:51:98:29:d1:42: 05:f5:61:86:2d:fe:2f:02:de:36:32:97:19:4d:55: 9f:7f:44:df:c7:46:cc:a3:1c:14:76:4b:59:21:6f: df:9a:9b:96:55:ce:d2:07:32:d4:54:8a:d4:91:3f: 69:c1:b6:6e:42:a0:e5:39:f0:3f:1b:fe:53:d7:85: f4:8f:bf:ec:be:84:eb:b5:4f:e4:fd:93:a0:c1:9a: d2:16:7b:93:49:50:99:85:a2:3c:43:f0:93:b2:43: 53:7f:08:62:69:90:2b:5e:8e:5f:c3:e6:5b:b1:fb: f2:fb:87:1d:62:62:e3:1b:d4:f7:a7:ed:ea:e1:04: 89:5a:1b:ba:93:79:12:33:7e:07:81:b8:f1:c7:d2: 86:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:14:0E:A8:9E:B2:3B:8B:ED:91:D6:5A:27:9D:BD:5D:C5:E9:96:78 X509v3 Authority Key Identifier: keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/MhQOqJ6yO4vtkdZaJ529XcXplng.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.43.252.0/23 81.172.112.0/22 Signature Algorithm: sha256WithRSAEncryption 3c:a6:e9:46:4c:76:fd:da:49:f0:bd:f0:be:b2:7c:ed:29:d3: b3:8c:6e:73:7b:47:4b:66:0c:29:f4:ad:b1:e9:75:02:b2:21: 1f:1a:8b:e6:51:72:1f:c2:09:40:5d:c6:75:5f:b3:5b:97:74: d4:81:6b:f3:89:e6:d5:c7:11:ba:c8:90:9f:e9:36:33:8e:7d: 30:68:77:e6:72:44:ff:f8:69:66:9a:a0:7f:a2:9d:53:88:99: ed:3d:ff:9a:e3:60:4b:e9:2c:54:e4:c7:ac:87:4b:53:90:fa: e6:cb:1b:cd:d1:55:52:97:18:8f:e7:b4:34:c6:7d:1b:4c:52: 78:6e:ce:23:b9:6e:79:30:1f:e7:36:74:9a:be:24:bd:2e:18: 79:19:f1:56:fb:89:19:6b:da:9c:ce:64:8f:bd:26:6f:92:9d: b7:94:ea:53:6a:a9:7a:7c:00:4e:22:f1:49:3e:da:5d:67:e6: 86:e3:8f:ab:00:ba:46:a9:12:44:34:3a:c2:cf:e0:b2:d1:bd: d9:99:b6:93:a2:3c:4c:8c:91:8f:f0:a3:9c:55:e2:d1:9c:3a: 79:d9:60:c8:0c:2e:19:f9:12:29:c5:56:c8:9e:5e:23:82:db: 15:cd:e6:d0:09:d8:77:2e:6a:c8:7f:aa:88:45:5c:73:7b:a2: 59:fb:7d:e8 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZqcCcbn1qFNnX0rE1SRoLvNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw ZDdiNmIwHhcNMjUxMTE5MTIxNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjE0MGVhODllYjIzYjhiZWQ5MWQ2NWEyNzlkYmQ1ZGM1ZTk5Njc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo0eD7oZN97z7UnJv0is4/kV7/2y SYGThQT+zoMueXPl5z2eTIdAP8G9x11XifzXUK+sUoo0hKsMhKS489R2uiBtOniL RsNpVuqkHrDUiJ/cwc0JXCn/+gdWG2YXhK92KaAR79inh3IMS7WSkH2hMYPRUZgp 0UIF9WGGLf4vAt42MpcZTVWff0Tfx0bMoxwUdktZIW/fmpuWVc7SBzLUVIrUkT9p wbZuQqDlOfA/G/5T14X0j7/svoTrtU/k/ZOgwZrSFnuTSVCZhaI8Q/CTskNTfwhi aZArXo5fw+Zbsfvy+4cdYmLjG9T3p+3q4QSJWhu6k3kSM34Hgbjxx9KGHwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDIUDqiesjuL7ZHWWiedvV3F6ZZ4MB8GA1UdIwQY MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut NTcxMmQ5NWFlNjM4LzEvTWhRT3FKNnlPNHZ0a2RaYUo1MjlYY1hwbG5nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4 LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBPiv8AwQC UaxwMA0GCSqGSIb3DQEBCwUAA4IBAQA8pulGTHb92knwvfC+snztKdOzjG5ze0dL Zgwp9K2x6XUCsiEfGovmUXIfwglAXcZ1X7Nbl3TUgWvziebVxxG6yJCf6TYzjn0w aHfmckT/+GlmmqB/op1TiJntPf+a42BL6SxU5Mesh0tTkPrmyxvN0VVSlxiP57Q0 xn0bTFJ4bs4juW55MB/nNnSaviS9Lhh5GfFW+4kZa9qczmSPvSZvkp23lOpTaql6 fABOIvFJPtpdZ+aG44+rALpGqRJENDrCz+Cy0b3ZmbaTojxMjJGP8KOcVeLRnDp5 2WDIDC4Z+RIpxVbInl4jgtsVzebQCdh3LmrIf6qIRVxze6JZ+33o -----END CERTIFICATE-----Generated at Sat Dec 6 09:45:44 2025 by rpki-client