This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/MK5B2h9Q0ERwN9XCDOgzBibuA-8.roa File: MK5B2h9Q0ERwN9XCDOgzBibuA-8.roa (raw, json) Hash identifier: N47GLmPQEQK3T6K6K5QwCYgIvSWVtPfThL2ceHkYyic= Subject key identifier: 30:AE:41:DA:1F:50:D0:44:70:37:D5:C2:0C:E8:33:06:26:EE:03:EF Certificate issuer: /CN=66dfb43158d9ddb2f5b9f2923753bed3fb1173ca Certificate serial: 019B7C7F51BAB30A5FBADA9B058E7DDA48EC Authority key identifier: 66:DF:B4:31:58:D9:DD:B2:F5:B9:F2:92:37:53:BE:D3:FB:11:73:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/MK5B2h9Q0ERwN9XCDOgzBibuA-8.roa Signing time: Fri 02 Jan 2026 02:17:57 +0000 ROA not before: Fri 02 Jan 2026 02:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15721 IP address blocks: 217.21.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.mft rsync://rpki.ripe.net/repository/DEFAULT/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:51:ba:b3:0a:5f:ba:da:9b:05:8e:7d:da:48:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66dfb43158d9ddb2f5b9f2923753bed3fb1173ca Validity Not Before: Jan 2 02:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=30ae41da1f50d0447037d5c20ce8330626ee03ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:7b:c5:0c:f8:c3:85:4c:d3:17:21:99:28:10: 3d:d4:8a:5c:1c:a6:9c:40:60:d0:06:fb:63:cb:4f: 66:44:e5:82:5b:fe:49:01:72:81:ee:5b:02:d5:ad: 6e:07:97:35:14:31:e0:4c:84:ab:8d:cd:8d:21:8d: d2:8a:fa:0b:23:00:d9:d5:1c:ec:45:18:89:e5:06: 95:13:50:75:62:e6:6b:f8:2d:ac:e5:95:33:ca:73: e9:cf:1e:a1:1d:20:f9:72:1d:4b:30:81:a2:62:d0: 30:b8:3b:e6:67:e7:d9:71:fb:f4:14:a9:34:dc:f2: e4:38:58:e7:28:2b:f3:53:4b:45:7c:e9:54:e7:46: 11:b4:f5:56:21:fc:ea:b0:ab:04:09:1d:d2:17:9c: 7d:74:de:d7:8e:14:9f:5b:af:f9:1b:36:10:c1:8d: e7:22:e8:66:42:5d:05:3f:12:85:9c:39:83:6a:83: fe:84:71:c5:9b:8e:1b:53:96:e7:1a:95:5e:9c:d6: b3:b9:c1:e2:19:ac:ae:17:0f:d4:02:1a:30:45:5d: a9:2a:46:5e:43:32:62:c3:7b:f2:ae:6c:d3:ec:c3: fa:41:4b:0e:22:28:b3:e0:da:1f:52:74:cf:e8:c7: 01:74:15:10:90:2c:4e:20:f0:0f:71:56:06:8e:01: 7d:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:AE:41:DA:1F:50:D0:44:70:37:D5:C2:0C:E8:33:06:26:EE:03:EF X509v3 Authority Key Identifier: keyid:66:DF:B4:31:58:D9:DD:B2:F5:B9:F2:92:37:53:BE:D3:FB:11:73:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/MK5B2h9Q0ERwN9XCDOgzBibuA-8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.21.160.0/20 Signature Algorithm: sha256WithRSAEncryption 60:5d:64:9a:48:4b:ee:04:fc:89:6b:03:34:f2:ef:80:fd:b1: 21:7f:27:33:48:73:38:d4:d2:ad:a8:c3:37:a6:e1:6e:10:49: af:2c:44:3c:d6:74:27:9f:c9:00:3a:77:f2:df:79:0d:60:fc: 13:85:a5:be:1b:bd:66:a3:6b:eb:bd:87:6c:db:ed:a5:c1:9b: ce:85:b3:b6:90:51:1a:80:b3:3b:28:56:68:46:3f:3c:99:17: ae:ee:c0:bc:42:60:94:66:9b:ad:1d:72:97:05:b7:e1:51:60: bc:dd:14:f9:8d:5e:f2:1f:af:16:78:90:39:f1:a7:47:a9:04: 3a:3f:fa:a5:2f:b7:bc:af:9b:e1:72:6d:2f:79:c2:06:c8:fa: 4d:47:98:5b:3a:ce:13:ff:3a:71:09:fb:8e:b0:b9:07:35:4e: 03:d6:57:5e:f4:bf:02:a2:8f:9b:de:de:7d:f6:eb:46:5e:37: 3a:53:2e:3a:0d:d5:8d:89:4a:94:a8:77:a7:3a:bc:cc:9b:7a: b0:b2:ff:00:fa:3b:6b:34:44:fe:8f:c8:2d:7f:b9:3c:c8:fd: 7b:2e:79:db:9a:14:d3:db:88:63:17:3e:52:71:bf:8e:4a:46: c6:e8:84:ea:ff:df:6b:75:86:94:15:6b:c4:66:6a:19:f5:7e: 3b:df:22:32 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8f1G6swpfutqbBY592kjsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2ZGZiNDMxNThkOWRkYjJmNWI5ZjI5MjM3NTNiZWQzZmIx MTczY2EwHhcNMjYwMTAyMDIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMGFlNDFkYTFmNTBkMDQ0NzAzN2Q1YzIwY2U4MzMwNjI2ZWUwM2VmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnvFDPjDhUzTFyGZKBA91IpcHKac QGDQBvtjy09mROWCW/5JAXKB7lsC1a1uB5c1FDHgTISrjc2NIY3SivoLIwDZ1Rzs RRiJ5QaVE1B1YuZr+C2s5ZUzynPpzx6hHSD5ch1LMIGiYtAwuDvmZ+fZcfv0FKk0 3PLkOFjnKCvzU0tFfOlU50YRtPVWIfzqsKsECR3SF5x9dN7XjhSfW6/5GzYQwY3n IuhmQl0FPxKFnDmDaoP+hHHFm44bU5bnGpVenNazucHiGayuFw/UAhowRV2pKkZe QzJiw3vyrmzT7MP6QUsOIiiz4NofUnTP6McBdBUQkCxOIPAPcVYGjgF9WQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDCuQdofUNBEcDfVwgzoMwYm7gPvMB8GA1UdIwQY MBaAFGbftDFY2d2y9bnykjdTvtP7EXPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnQtME1WalozYkwxdWZLU04xTy0wX3NSYzhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hZWY1MzAtMGM5MS00YzI4LTg1YWUt MjdjYjFiMDI2MTEzLzEvTUs1QjJoOVEwRVJ3TjlYQ0RPZ3pCaWJ1QS04LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS9hZWY1MzAtMGM5MS00YzI4LTg1YWUtMjdjYjFiMDI2MTEz LzEvWnQtME1WalozYkwxdWZLU04xTy0wX3NSYzhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RWgMA0G CSqGSIb3DQEBCwUAA4IBAQBgXWSaSEvuBPyJawM08u+A/bEhfyczSHM41NKtqMM3 puFuEEmvLEQ81nQnn8kAOnfy33kNYPwThaW+G71mo2vrvYds2+2lwZvOhbO2kFEa gLM7KFZoRj88mReu7sC8QmCUZputHXKXBbfhUWC83RT5jV7yH68WeJA58adHqQQ6 P/qlL7e8r5vhcm0vecIGyPpNR5hbOs4T/zpxCfuOsLkHNU4D1lde9L8Coo+b3t59 9utGXjc6Uy46DdWNiUqUqHenOrzMm3qwsv8A+jtrNET+j8gtf7k8yP17LnnbmhTT 24hjFz5Scb+OSkbG6ITq/99rdYaUFWvEZmoZ9X473yIy -----END CERTIFICATE-----Generated at Tue Feb 10 04:16:41 2026 by rpki-client