This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/4M2FZJ_malg21FggGlSZSd1W8P0.roa File: 4M2FZJ_malg21FggGlSZSd1W8P0.roa (raw, json) Hash identifier: F8TuWYRz6uOK+UBaBz3FW9/6TCuZtRQDI5xUdN8xfwk= Subject key identifier: E0:CD:85:64:9F:E6:6A:58:36:D4:58:20:1A:54:99:49:DD:56:F0:FD Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b Certificate serial: 019B7F1454515B1DCFDB7C87BA9BC9588B93 Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/4M2FZJ_malg21FggGlSZSd1W8P0.roa Signing time: Fri 02 Jan 2026 14:19:57 +0000 ROA not before: Fri 02 Jan 2026 14:19:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3257 IP address blocks: 185.84.217.0/24 maxlen: 24 185.84.219.0/24 maxlen: 24 2a05:a882:de10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.mft rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 17 Jan 2026 18:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:54:51:5b:1d:cf:db:7c:87:ba:9b:c9:58:8b:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b Validity Not Before: Jan 2 14:19:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0cd85649fe66a5836d458201a549949dd56f0fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:30:ea:0c:4a:f7:10:72:8e:74:c2:e8:d5:93: 80:32:76:ee:81:0e:9f:e0:39:ff:12:4e:1d:5d:4b: 07:38:d2:d9:74:0b:c4:9c:32:d2:73:17:16:12:da: 75:13:70:58:26:30:8b:08:9d:8c:0e:28:ef:52:88: 6e:ef:da:17:08:80:21:70:19:a8:13:06:9f:1f:9f: d1:cb:af:f2:ba:6e:80:b0:75:54:4e:74:f1:23:b2: 77:a7:78:a9:98:61:0c:82:b3:93:87:9a:29:73:cd: fc:07:19:f5:4f:c6:45:ea:89:04:be:ee:15:29:a4: fd:d9:e3:f3:70:f8:5b:d3:4f:d7:48:8d:34:e1:ee: 02:77:f6:df:c2:05:31:8c:7a:9d:11:95:87:f1:1b: b6:c7:08:8e:e9:51:15:c5:5d:87:01:b4:98:b8:5e: 80:50:27:10:06:53:db:fb:90:64:72:fe:ff:fd:8c: 64:c1:cb:e4:8f:15:0a:37:9f:c6:d9:f5:36:86:23: bc:91:1a:2b:ab:b7:0a:9b:0f:d2:2b:30:48:5c:34: 5d:5e:bb:10:ac:8f:cc:6e:0e:7e:25:ea:4d:0f:51: eb:60:1f:a9:3f:44:7d:28:3d:5e:40:6f:00:bc:40: 04:f9:39:86:6e:61:7a:cf:66:56:97:3e:0a:4e:fa: 98:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:CD:85:64:9F:E6:6A:58:36:D4:58:20:1A:54:99:49:DD:56:F0:FD X509v3 Authority Key Identifier: keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/4M2FZJ_malg21FggGlSZSd1W8P0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.84.217.0/24 185.84.219.0/24 IPv6: 2a05:a882:de10::/48 Signature Algorithm: sha256WithRSAEncryption 9c:1d:53:34:32:e6:ad:0d:63:ea:05:2e:ff:df:bd:9c:ad:be: f9:fc:4a:98:31:cf:52:19:9d:fa:db:91:a2:00:7b:5a:06:16: 8b:b5:63:26:95:36:82:53:f1:9a:f1:7e:e8:af:90:28:88:2d: 55:0f:4a:25:f3:d3:fc:f9:0d:fb:18:65:c8:ac:ce:09:94:c5: ac:c6:91:f4:d1:6f:38:9a:60:b6:2f:b9:05:b7:b0:ed:ea:27: 02:f4:d8:0d:9a:71:71:36:97:68:02:c7:7f:53:93:db:51:b1: b4:cf:6a:03:2d:a2:18:c1:60:51:50:ea:e8:b0:da:02:9c:77: f6:cf:04:94:5c:27:f1:18:fc:93:e9:66:47:0f:34:75:b0:23: c3:e4:ce:df:51:a1:37:d0:1a:15:bc:68:73:23:e6:40:9e:80: 40:19:d9:0e:dd:3e:05:37:e8:a1:3c:80:32:0c:17:62:db:84: e0:07:56:3e:2f:c7:91:cd:4d:c6:50:79:a6:ab:38:6b:c1:c4: 5c:63:62:02:1e:9e:ee:9c:73:79:85:26:ad:7f:9b:61:68:c7: a6:11:98:8f:59:a3:82:2d:a1:93:c7:03:3d:9b:2f:b6:0c:72: a3:30:ea:40:3e:f6:19:1f:56:51:3e:4a:f5:42:6a:2f:7f:d7: 7f:e5:1a:4d -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt/FFRRWx3P23yHupvJWIuTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj MmE5NmIwHhcNMjYwMTAyMTQxOTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGNkODU2NDlmZTY2YTU4MzZkNDU4MjAxYTU0OTk0OWRkNTZmMGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTDqDEr3EHKOdMLo1ZOAMnbugQ6f 4Dn/Ek4dXUsHONLZdAvEnDLScxcWEtp1E3BYJjCLCJ2MDijvUohu79oXCIAhcBmo EwafH5/Ry6/yum6AsHVUTnTxI7J3p3ipmGEMgrOTh5opc838Bxn1T8ZF6okEvu4V KaT92ePzcPhb00/XSI004e4Cd/bfwgUxjHqdEZWH8Ru2xwiO6VEVxV2HAbSYuF6A UCcQBlPb+5Bkcv7//YxkwcvkjxUKN5/G2fU2hiO8kRorq7cKmw/SKzBIXDRdXrsQ rI/Mbg5+JepND1HrYB+pP0R9KD1eQG8AvEAE+TmGbmF6z2ZWlz4KTvqYNwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFODNhWSf5mpYNtRYIBpUmUndVvD9MB8GA1UdIwQY MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt NjA4NGNmYzZlNGM0LzEvNE0yRlpKX21hbGcyMUZnZ0dsU1pTZDFXOFAwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0 LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuVTZAwQA uVTbMA8EAgACMAkDBwAqBaiC3hAwDQYJKoZIhvcNAQELBQADggEBAJwdUzQy5q0N Y+oFLv/fvZytvvn8Spgxz1IZnfrbkaIAe1oGFou1YyaVNoJT8ZrxfuivkCiILVUP SiXz0/z5DfsYZciszgmUxazGkfTRbziaYLYvuQW3sO3qJwL02A2acXE2l2gCx39T k9tRsbTPagMtohjBYFFQ6uiw2gKcd/bPBJRcJ/EY/JPpZkcPNHWwI8Pkzt9RoTfQ GhW8aHMj5kCegEAZ2Q7dPgU36KE8gDIMF2LbhOAHVj4vx5HNTcZQeaarOGvBxFxj YgIenu6cc3mFJq1/m2Fox6YRmI9Zo4ItoZPHAz2bL7YMcqMw6kA+9hkfVlE+SvVC ai9/13/lGk0= -----END CERTIFICATE-----Generated at Sat Jan 17 02:49:38 2026 by rpki-client