This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MaCOXJ_Z-wh-Z3n2a_mEdTZLVAE.roa File: MaCOXJ_Z-wh-Z3n2a_mEdTZLVAE.roa (raw, json) Hash identifier: CUYKy2W7IbqywE2uSo5W70iWOnl3l+eA8I0LeS7JjIo= Subject key identifier: 31:A0:8E:5C:9F:D9:FB:08:7E:67:79:F6:6B:F9:84:75:36:4B:54:01 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A2FBEB0BE430905693309BF7C06A37 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MaCOXJ_Z-wh-Z3n2a_mEdTZLVAE.roa Signing time: Thu 01 Jan 2026 08:18:25 +0000 ROA not before: Thu 01 Jan 2026 08:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44017 IP address blocks: 87.120.91.0/24 maxlen: 24 91.92.233.0/24 maxlen: 24 91.92.234.0/24 maxlen: 24 91.92.235.0/24 maxlen: 24 94.156.146.0/24 maxlen: 24 94.156.147.0/24 maxlen: 24 2a00:1728:1c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:fb:eb:0b:e4:30:90:56:93:30:9b:f7:c0:6a:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31a08e5c9fd9fb087e6779f66bf98475364b5401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0a:cd:74:fb:6c:d7:06:e7:e0:6a:ff:87:60: 72:b4:44:da:89:a1:57:61:21:67:64:30:35:4c:99: 25:5b:ed:8e:95:c5:51:99:05:3c:91:88:de:89:c9: bb:31:8c:bc:7b:09:d3:55:6e:58:de:4c:18:c9:d6: 8a:aa:5b:c0:4c:e0:ce:63:94:84:03:08:3c:21:50: fd:9b:30:d5:1d:7c:7f:e7:38:ab:42:e7:9e:50:25: fb:fe:a8:5f:7f:63:48:c4:a9:5b:52:9c:6e:0a:66: df:d2:f4:c2:91:6b:78:f4:e7:36:07:f7:27:fd:5f: 7c:b4:41:8d:0b:0d:83:53:62:2a:95:f6:f5:45:31: fc:f4:78:17:38:c5:bc:c1:5b:f4:5f:98:1d:6a:89: 32:4d:ef:d4:e7:43:5e:78:83:12:a5:63:3e:48:39: c0:8c:5f:01:e8:e2:57:4d:e1:eb:49:6b:37:72:75: 7f:7f:3f:0b:02:f5:74:7a:b0:68:a4:18:74:07:f8: b9:fb:71:82:8f:8b:42:d7:f5:11:4e:b0:7c:e6:7b: 95:cd:82:89:e7:3a:b2:29:3c:80:87:8e:15:62:23: a3:7e:d6:15:6c:c6:f9:ea:99:20:53:86:ed:41:9f: 86:d3:65:4a:59:98:1f:19:ea:51:1a:60:97:de:60: 26:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:A0:8E:5C:9F:D9:FB:08:7E:67:79:F6:6B:F9:84:75:36:4B:54:01 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MaCOXJ_Z-wh-Z3n2a_mEdTZLVAE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.120.91.0/24 91.92.233.0-91.92.235.255 94.156.146.0/23 IPv6: 2a00:1728:1c::/48 Signature Algorithm: sha256WithRSAEncryption 99:c8:50:36:ac:39:68:bf:79:11:63:e4:f8:28:85:18:b5:4a: 8b:84:46:b8:bc:1b:e1:46:f5:8d:fc:6c:a4:58:70:2b:9e:83: ea:f7:a9:43:2f:2a:3e:c3:4b:4e:7c:b6:3a:11:b9:d0:de:22: b8:38:55:49:36:59:d6:73:2c:b4:12:cc:62:b2:04:1e:d3:b4: b7:6b:68:76:e2:ef:24:b1:d0:84:ab:53:3f:ea:3d:87:b9:1a: 35:e7:9b:4c:79:c3:c8:43:dd:47:b6:41:6f:3f:42:1a:c2:2d: 50:21:2f:eb:08:3b:05:49:91:33:82:91:09:d2:84:7b:07:8b: 9b:51:88:60:fd:eb:be:84:0c:bd:34:d4:e6:44:3f:60:31:27: 52:87:19:de:85:aa:43:4c:e1:6e:3f:1e:ca:55:ca:e6:55:df: 2c:1a:cf:08:0a:fc:4d:0d:e0:90:6d:93:7e:ac:3e:94:d2:7d: 47:41:7c:81:d2:bf:51:14:c3:73:db:55:0d:19:02:58:9f:a7: 36:d4:a2:af:dc:bd:1d:f6:37:31:5c:b1:f0:00:e4:18:ee:32: 40:f5:95:9f:42:66:29:bb:3c:d2:0e:6b:b6:dc:e2:93:9e:9a: 0b:95:94:0c:fa:d3:fb:11:ce:45:09:2e:1b:fe:0f:32:29:24: 33:87:cd:9b -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgISAZt4ovvrC+QwkFaTMJv3wGo3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWEwOGU1YzlmZDlmYjA4N2U2Nzc5ZjY2YmY5ODQ3NTM2NGI1NDAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQrNdPts1wbn4Gr/h2BytETaiaFX YSFnZDA1TJklW+2OlcVRmQU8kYjeicm7MYy8ewnTVW5Y3kwYydaKqlvATODOY5SE Awg8IVD9mzDVHXx/5zirQueeUCX7/qhff2NIxKlbUpxuCmbf0vTCkWt49Oc2B/cn /V98tEGNCw2DU2Iqlfb1RTH89HgXOMW8wVv0X5gdaokyTe/U50NeeIMSpWM+SDnA jF8B6OJXTeHrSWs3cnV/fz8LAvV0erBopBh0B/i5+3GCj4tC1/URTrB85nuVzYKJ 5zqyKTyAh44VYiOjftYVbMb56pkgU4btQZ+G02VKWZgfGepRGmCX3mAmewIDAQAB o4ICLjCCAiowHQYDVR0OBBYEFDGgjlyf2fsIfmd59mv5hHU2S1QBMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvTWFDT1hKX1otd2gtWjNuMmFfbUVkVFpMVkFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAV3hbMAwD BABbXOkDBAJbXOgDBAFenJIwDwQCAAIwCQMHACoAFygAHDANBgkqhkiG9w0BAQsF AAOCAQEAmchQNqw5aL95EWPk+CiFGLVKi4RGuLwb4Ub1jfxspFhwK56D6vepQy8q PsNLTny2OhG50N4iuDhVSTZZ1nMstBLMYrIEHtO0t2toduLvJLHQhKtTP+o9h7ka NeebTHnDyEPdR7ZBbz9CGsItUCEv6wg7BUmRM4KRCdKEeweLm1GIYP3rvoQMvTTU 5kQ/YDEnUocZ3oWqQ0zhbj8eylXK5lXfLBrPCAr8TQ3gkG2Tfqw+lNJ9R0F8gdK/ URTDc9tVDRkCWJ+nNtSir9y9HfY3MVyx8ADkGO4yQPWVn0JmKbs80g5rttzik56a C5WUDPrT+xHORQkuG/4PMikkM4fNmw== -----END CERTIFICATE-----Generated at Fri Jan 2 12:07:21 2026 by rpki-client