This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/MaDSTN6Q7CFLTp6SIW6KUIRqSLY.roa File: MaDSTN6Q7CFLTp6SIW6KUIRqSLY.roa (raw, json) Hash identifier: qjTXYKs6k3XUTzqlyyhuKa9TKSebMAZ83ecmNwpA4d4= Subject key identifier: 31:A0:D2:4C:DE:90:EC:21:4B:4E:9E:92:21:6E:8A:50:84:6A:48:B6 Certificate issuer: /CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc Certificate serial: 019B7F1553F0F6990B35EA07F27B3F5D9872 Authority key identifier: CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/MaDSTN6Q7CFLTp6SIW6KUIRqSLY.roa Signing time: Fri 02 Jan 2026 14:21:02 +0000 ROA not before: Fri 02 Jan 2026 14:21:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59773 IP address blocks: 185.71.204.0/24 maxlen: 24 185.71.206.0/24 maxlen: 24 185.71.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.crl rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.mft rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:53:f0:f6:99:0b:35:ea:07:f2:7b:3f:5d:98:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc Validity Not Before: Jan 2 14:21:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31a0d24cde90ec214b4e9e92216e8a50846a48b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:68:d8:40:ab:09:fb:80:c9:5f:54:01:fb:82: 45:96:db:f3:33:f3:b8:25:80:df:86:f2:3a:1b:49: 9d:4a:f4:55:ce:b6:9f:75:c8:9c:0e:c7:b8:17:98: cc:64:12:69:f3:fe:69:af:24:d3:65:b7:59:8e:3b: bb:0d:5c:e0:53:4b:47:e2:2f:49:7b:bf:eb:4e:5a: 8e:b1:04:7a:7f:5e:09:90:95:a9:d2:b5:35:30:0e: d8:be:c9:70:87:2c:18:09:40:4f:10:dd:24:4d:48: 50:61:12:95:21:dd:d6:4c:e6:79:24:f5:4e:6c:95: 8c:0f:6b:3d:d8:86:39:f1:71:c2:da:24:d2:ef:c8: 24:df:67:19:47:dd:5e:0d:8e:ff:6b:ca:ce:5c:9d: 71:fa:12:32:8e:aa:08:a0:33:68:5c:d5:5b:20:a3: b4:19:84:63:f2:0a:3c:d1:56:df:9f:dd:f2:69:44: 97:d5:d1:76:28:92:60:57:5d:19:3b:c4:bf:52:5c: 69:c0:75:18:81:ea:06:8e:c7:92:77:db:39:98:20: 10:77:f0:a6:64:aa:8e:fb:95:75:f6:91:1f:52:da: 48:76:f1:da:13:37:d9:b1:06:2d:86:bc:ef:62:32: d9:bd:2b:9a:81:97:70:f3:ae:f4:e2:34:31:15:8a: cf:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:A0:D2:4C:DE:90:EC:21:4B:4E:9E:92:21:6E:8A:50:84:6A:48:B6 X509v3 Authority Key Identifier: keyid:CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/MaDSTN6Q7CFLTp6SIW6KUIRqSLY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.71.204.0/24 185.71.206.0/23 Signature Algorithm: sha256WithRSAEncryption 1a:56:da:48:89:0f:20:30:98:6a:e5:e0:7c:58:71:0b:3a:01: 17:99:f7:3e:56:02:aa:45:aa:99:76:fb:36:c9:55:f8:d3:7a: 13:17:28:78:72:45:c2:fd:a0:db:34:fe:0f:8c:0f:be:e4:18: 6a:cc:01:10:27:37:12:a5:73:db:c0:75:bd:6f:37:6a:38:e9: 47:08:48:29:7b:ec:53:78:ee:08:80:7a:92:67:e7:09:35:5b: a6:38:4d:88:e4:8d:f2:22:26:98:10:29:1e:a4:5b:41:30:db: cd:84:1d:f4:07:13:14:94:6b:e2:ca:c2:4e:1e:43:66:8c:a2: 2d:aa:c2:7f:cc:82:1d:db:6e:58:d4:b1:02:16:9f:07:f1:32: 36:6e:bd:78:5c:1d:dc:53:0e:98:dd:04:8b:b9:28:64:e4:fd: be:06:b9:44:c1:78:9d:03:4e:b6:3c:35:42:cc:db:27:01:d3: 87:42:e6:b8:40:a5:16:a7:75:39:a1:77:15:c0:d4:90:cd:71: 90:7b:0c:4e:ea:f0:6c:39:be:e8:e4:3c:ea:22:9e:24:4e:cf: f7:88:7e:24:9c:a0:6f:52:15:3c:98:7b:4d:c1:73:cc:2c:c7: f5:42:67:3c:79:dc:08:fc:08:b7:3f:11:12:7e:29:92:b2:c0: 6a:61:05:35 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FVPw9pkLNeoH8ns/XZhyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjNzJlNjMzZGY1NjM1YTlmOThkMmY2OGE2ZDJhZGNiNDQx NTVjZGMwHhcNMjYwMTAyMTQyMTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWEwZDI0Y2RlOTBlYzIxNGI0ZTllOTIyMTZlOGE1MDg0NmE0OGI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomjYQKsJ+4DJX1QB+4JFltvzM/O4 JYDfhvI6G0mdSvRVzrafdcicDse4F5jMZBJp8/5pryTTZbdZjju7DVzgU0tH4i9J e7/rTlqOsQR6f14JkJWp0rU1MA7YvslwhywYCUBPEN0kTUhQYRKVId3WTOZ5JPVO bJWMD2s92IY58XHC2iTS78gk32cZR91eDY7/a8rOXJ1x+hIyjqoIoDNoXNVbIKO0 GYRj8go80Vbfn93yaUSX1dF2KJJgV10ZO8S/UlxpwHUYgeoGjseSd9s5mCAQd/Cm ZKqO+5V19pEfUtpIdvHaEzfZsQYthrzvYjLZvSuagZdw86704jQxFYrP0wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDGg0kzekOwhS06ekiFuilCEaki2MB8GA1UdIwQY MBaAFMxy5jPfVjWp+Y0vaKbSrctEFVzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQt ZDAxMmNhOWVjMTk3LzEvTWFEU1RONlE3Q0ZMVHA2U0lXNktVSVJxU0xZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQtZDAxMmNhOWVjMTk3 LzEvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUfMAwQB uUfOMA0GCSqGSIb3DQEBCwUAA4IBAQAaVtpIiQ8gMJhq5eB8WHELOgEXmfc+VgKq RaqZdvs2yVX403oTFyh4ckXC/aDbNP4PjA++5BhqzAEQJzcSpXPbwHW9bzdqOOlH CEgpe+xTeO4IgHqSZ+cJNVumOE2I5I3yIiaYECkepFtBMNvNhB30BxMUlGviysJO HkNmjKItqsJ/zIId225Y1LECFp8H8TI2br14XB3cUw6Y3QSLuShk5P2+BrlEwXid A062PDVCzNsnAdOHQua4QKUWp3U5oXcVwNSQzXGQewxO6vBsOb7o5DzqIp4kTs/3 iH4knKBvUhU8mHtNwXPMLMf1Qmc8edwI/Ai3PxESfimSssBqYQU1 -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:31 2026 by rpki-client