This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/kMPviltRtqxAKO4xs3FL286WfMI.roa File: kMPviltRtqxAKO4xs3FL286WfMI.roa (raw, json) Hash identifier: b2KX7/1WNd0ZVOSNk+xrifaPOCqz2zXGvf6d4rAcmDs= Subject key identifier: 90:C3:EF:8A:5B:51:B6:AC:40:28:EE:31:B3:71:4B:DB:CE:96:7C:C2 Certificate issuer: /CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa Certificate serial: 019B7EA564178C7AEEC5EF55550EBDFECC46 Authority key identifier: 94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/kMPviltRtqxAKO4xs3FL286WfMI.roa Signing time: Fri 02 Jan 2026 12:18:46 +0000 ROA not before: Fri 02 Jan 2026 12:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29152 IP address blocks: 195.80.152.0/24 maxlen: 24 195.80.153.0/24 maxlen: 24 195.80.154.0/24 maxlen: 24 195.80.155.0/24 maxlen: 24 195.80.156.0/24 maxlen: 24 195.80.157.0/24 maxlen: 24 195.80.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.mft rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:64:17:8c:7a:ee:c5:ef:55:55:0e:bd:fe:cc:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa Validity Not Before: Jan 2 12:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90c3ef8a5b51b6ac4028ee31b3714bdbce967cc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:41:04:b4:93:80:56:51:ff:8a:c4:53:a3:75: 9c:3a:90:3a:48:23:53:ad:4f:2e:e2:3a:3b:1d:39: eb:8a:fe:31:78:aa:34:3b:dc:aa:fc:87:09:e2:b8: 15:b4:c4:ef:07:7e:e6:59:2c:19:2b:8d:06:1e:7e: 87:76:43:41:c3:c9:7c:b6:06:66:eb:71:a2:6b:87: c3:91:ca:a6:0f:27:e0:20:41:fb:e3:10:19:9e:16: be:bb:fd:5d:2f:e9:a2:bd:73:77:10:63:34:1c:34: d7:53:77:08:9d:d3:48:a7:33:7d:28:a6:c8:e7:c3: 58:84:00:28:3b:67:e7:73:ba:72:a1:e1:c0:94:62: 13:fc:33:48:f7:51:f4:69:36:54:c7:69:8b:a0:39: 79:5f:09:89:ee:60:fa:54:aa:95:05:26:9a:c7:55: 94:0e:f7:b3:53:87:a9:14:69:62:4b:72:b4:14:6f: cf:ae:05:f0:11:c9:c4:49:94:e3:16:90:aa:d5:3e: b2:6c:5c:e5:23:c1:40:c6:59:94:72:32:35:b9:9e: 91:8e:0a:9f:68:ad:36:c8:49:97:6f:dc:2f:51:be: 01:6c:93:6c:ff:7e:98:72:44:5e:08:4a:9c:93:e6: dd:77:ce:6c:20:c4:ee:9b:df:b1:5c:aa:5e:c3:1b: 78:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:C3:EF:8A:5B:51:B6:AC:40:28:EE:31:B3:71:4B:DB:CE:96:7C:C2 X509v3 Authority Key Identifier: keyid:94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/kMPviltRtqxAKO4xs3FL286WfMI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.80.152.0-195.80.157.255 195.80.159.0/24 Signature Algorithm: sha256WithRSAEncryption 6f:cd:9f:c3:1f:05:b8:18:7f:e7:fc:28:a4:08:ac:19:a4:38: 1e:92:22:c9:fd:c3:36:2f:ea:72:9c:1e:db:3e:48:02:1e:c1: d7:9d:f0:33:55:0b:f8:78:40:3e:f5:ae:fc:34:bf:fd:59:91: 00:2d:97:e6:eb:1c:d3:98:51:4f:e6:73:6b:93:8a:d9:56:95: 55:40:34:a2:a7:bf:c6:6b:25:72:c8:09:b1:71:36:86:62:f4: 4e:59:0c:ad:b7:09:8e:91:02:1a:fc:46:06:f5:22:9f:d3:07: d5:c8:c5:25:3d:6a:c4:11:65:78:47:28:4f:58:c0:d9:33:81: 36:bc:38:e4:ce:17:e1:f7:78:d3:b3:41:f8:9e:2d:ee:97:3d: 98:02:21:0b:8f:35:91:31:b4:51:0f:47:0f:a9:b5:52:43:07: 55:3e:52:34:f1:fd:0f:3f:cf:82:50:d9:14:5c:57:97:92:3d: fa:2c:4b:e6:fd:f1:b7:0f:0b:7f:b0:81:b9:41:6a:c5:32:a5: 7a:34:bb:5f:35:f7:a7:87:c7:02:56:17:b4:f9:a4:00:0a:b3: 5f:61:f6:9d:5f:57:44:9f:7e:c5:87:60:4c:51:b4:7c:95:2f: e3:33:ca:9d:47:ef:79:d5:40:cf:fd:ad:9c:22:3c:7d:63:98: ee:da:21:0c -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt+pWQXjHruxe9VVQ69/sxGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZjUxOWM0ZWNmMTVmNWZjMWUwNmVhYTZlMDNmOWNiMDM5 NTZjYWEwHhcNMjYwMTAyMTIxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGMzZWY4YTViNTFiNmFjNDAyOGVlMzFiMzcxNGJkYmNlOTY3Y2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkEEtJOAVlH/isRTo3WcOpA6SCNT rU8u4jo7HTnriv4xeKo0O9yq/IcJ4rgVtMTvB37mWSwZK40GHn6HdkNBw8l8tgZm 63Gia4fDkcqmDyfgIEH74xAZnha+u/1dL+mivXN3EGM0HDTXU3cIndNIpzN9KKbI 58NYhAAoO2fnc7pyoeHAlGIT/DNI91H0aTZUx2mLoDl5XwmJ7mD6VKqVBSaax1WU DvezU4epFGliS3K0FG/PrgXwEcnESZTjFpCq1T6ybFzlI8FAxlmUcjI1uZ6Rjgqf aK02yEmXb9wvUb4BbJNs/36YckReCEqck+bdd85sIMTum9+xXKpewxt4+QIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFJDD74pbUbasQCjuMbNxS9vOlnzCMB8GA1UdIwQY MBaAFJT1GcTs8V9fweBuqm4D+csDlWyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMt NTE2ZWFjNDY5MDUzLzEva01QdmlsdFJ0cXhBS080eHMzRkwyODZXZk1JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMtNTE2ZWFjNDY5MDUz LzEvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPDUJgD BAHDUJwDBADDUJ8wDQYJKoZIhvcNAQELBQADggEBAG/Nn8MfBbgYf+f8KKQIrBmk OB6SIsn9wzYv6nKcHts+SAIewded8DNVC/h4QD71rvw0v/1ZkQAtl+brHNOYUU/m c2uTitlWlVVANKKnv8ZrJXLICbFxNoZi9E5ZDK23CY6RAhr8Rgb1Ip/TB9XIxSU9 asQRZXhHKE9YwNkzgTa8OOTOF+H3eNOzQfieLe6XPZgCIQuPNZExtFEPRw+ptVJD B1U+UjTx/Q8/z4JQ2RRcV5eSPfosS+b98bcPC3+wgblBasUypXo0u18196eHxwJW F7T5pAAKs19h9p1fV0SffsWHYExRtHyVL+Mzyp1H73nVQM/9rZwiPH1jmO7aIQw= -----END CERTIFICATE-----Generated at Mon Feb 9 20:03:32 2026 by rpki-client