This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/MXg1tPcwD8vd6hGP-DmQwVHABDE.roa File: MXg1tPcwD8vd6hGP-DmQwVHABDE.roa (raw, json) Hash identifier: Mz7oxjlr/sXGTRHHjBwrCGFNPHjZFHzWbzfjTgLpT0o= Subject key identifier: 31:78:35:B4:F7:30:0F:CB:DD:EA:11:8F:F8:39:90:C1:51:C0:04:31 Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Certificate serial: 019B7D5CFA2B96B481E865BCC45960CEB5FD Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/MXg1tPcwD8vd6hGP-DmQwVHABDE.roa Signing time: Fri 02 Jan 2026 06:20:03 +0000 ROA not before: Fri 02 Jan 2026 06:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3356 IP address blocks: 157.25.130.0/23 maxlen: 23 157.25.174.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 06:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:fa:2b:96:b4:81:e8:65:bc:c4:59:60:ce:b5:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Validity Not Before: Jan 2 06:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=317835b4f7300fcbddea118ff83990c151c00431 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:2d:74:90:e4:48:c0:95:5e:ea:ea:7b:ea:88: 23:d6:fb:a1:31:75:14:6e:cf:15:e2:f8:27:0b:5f: e0:53:db:a0:b4:04:1c:1a:78:79:23:84:0f:7f:3a: d5:77:01:93:f4:cf:54:42:16:b5:db:85:5a:12:c4: d2:de:4a:4e:4e:9b:b1:09:99:f7:6b:09:15:1d:60: 90:6b:30:74:d9:ea:a2:ca:0e:f9:95:28:61:d8:ac: ce:7f:28:7f:af:14:4b:3f:2f:8c:b3:f4:01:14:52: 36:34:32:c0:85:6d:9e:fe:59:c7:73:4f:ca:3d:79: 3c:81:35:7a:5a:4b:db:76:e9:98:7c:44:32:64:ce: 04:6d:66:ef:f9:f0:6a:3c:1e:c8:0d:5f:54:98:83: 7f:ce:b7:09:fc:bd:31:11:e8:aa:7e:46:81:1f:ec: 59:51:f5:1d:40:71:aa:a8:f8:40:84:f4:ed:e5:ee: 18:bf:3b:eb:dc:43:d0:39:01:81:f3:32:7b:7a:6e: 83:75:cb:12:77:b8:96:a7:16:62:82:7b:7a:b8:b8: d4:d1:cb:28:08:69:79:1f:47:4d:59:4d:8d:e3:6b: 82:fb:92:2b:ee:3d:8a:1d:d0:71:88:45:25:88:0b: f4:74:0c:51:f9:3c:8c:85:65:d1:52:ba:b8:99:b8: 99:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:78:35:B4:F7:30:0F:CB:DD:EA:11:8F:F8:39:90:C1:51:C0:04:31 X509v3 Authority Key Identifier: keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/MXg1tPcwD8vd6hGP-DmQwVHABDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.25.130.0/23 157.25.174.0/23 Signature Algorithm: sha256WithRSAEncryption 33:65:80:e6:08:c6:ee:34:f8:e3:5e:8f:17:a0:01:73:6e:0e: b3:c4:44:6c:9c:e3:8c:4b:01:bc:19:a2:3d:7b:8e:3c:e4:94: dd:40:0e:5d:89:b2:21:98:8a:c2:45:a6:cf:6d:20:0c:33:1d: f0:e0:d4:02:6a:da:93:9a:f0:c2:72:09:7d:d3:d4:53:c4:fc: 00:02:eb:16:78:09:23:57:1f:0d:c8:7b:11:28:fc:5b:1b:36: e1:5b:4b:d5:a4:7b:f8:df:f8:e3:8e:ab:01:ea:1c:40:84:27: bc:e6:df:12:00:6b:35:f1:0d:ae:d6:7e:e7:9c:00:6e:35:76: fe:84:e2:7e:8f:f2:b3:ce:a9:fd:90:83:ad:e7:c1:2a:ef:e4: 4b:66:e5:ee:75:47:49:56:a3:ae:21:82:be:a1:71:4d:6c:9e: 09:38:07:e3:2b:ef:f7:d2:ee:39:d9:87:3d:fb:b3:1e:8f:af: fb:b6:07:98:c1:38:d1:e6:89:b9:24:2c:5f:ba:f7:45:f3:e5: 91:40:34:6f:cb:ec:4f:a7:fb:83:99:9d:67:63:1c:0c:2e:c3: 84:80:1c:27:32:ac:85:2f:5f:13:13:6f:bd:f7:ed:dc:b1:be: f7:5c:00:5c:bf:d2:be:05:6c:99:67:e2:ec:1a:ab:73:cd:18: 88:bf:cf:27 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XPorlrSB6GW8xFlgzrX9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj ZWY5MzMwHhcNMjYwMTAyMDYyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTc4MzViNGY3MzAwZmNiZGRlYTExOGZmODM5OTBjMTUxYzAwNDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC10kORIwJVe6up76ogj1vuhMXUU bs8V4vgnC1/gU9ugtAQcGnh5I4QPfzrVdwGT9M9UQha124VaEsTS3kpOTpuxCZn3 awkVHWCQazB02eqiyg75lShh2KzOfyh/rxRLPy+Ms/QBFFI2NDLAhW2e/lnHc0/K PXk8gTV6WkvbdumYfEQyZM4EbWbv+fBqPB7IDV9UmIN/zrcJ/L0xEeiqfkaBH+xZ UfUdQHGqqPhAhPTt5e4Yvzvr3EPQOQGB8zJ7em6DdcsSd7iWpxZignt6uLjU0cso CGl5H0dNWU2N42uC+5Ir7j2KHdBxiEUliAv0dAxR+TyMhWXRUrq4mbiZpQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDF4NbT3MA/L3eoRj/g5kMFRwAQxMB8GA1UdIwQY MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt OTFlMzE4NGJiMGFiLzEvTVhnMXRQY3dEOHZkNmhHUC1EbVF3VkhBQkRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnRmCAwQB nRmuMA0GCSqGSIb3DQEBCwUAA4IBAQAzZYDmCMbuNPjjXo8XoAFzbg6zxERsnOOM SwG8GaI9e4485JTdQA5dibIhmIrCRabPbSAMMx3w4NQCatqTmvDCcgl909RTxPwA AusWeAkjVx8NyHsRKPxbGzbhW0vVpHv43/jjjqsB6hxAhCe85t8SAGs18Q2u1n7n nABuNXb+hOJ+j/Kzzqn9kIOt58Eq7+RLZuXudUdJVqOuIYK+oXFNbJ4JOAfjK+/3 0u452Yc9+7Mej6/7tgeYwTjR5om5JCxfuvdF8+WRQDRvy+xPp/uDmZ1nYxwMLsOE gBwnMqyFL18TE2+99+3csb73XABcv9K+BWyZZ+LsGqtzzRiIv88n -----END CERTIFICATE-----Generated at Fri Jan 23 16:04:51 2026 by rpki-client