This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/MhVJs-dWDJmrXlKqcMfoLN_84JY.roa File: MhVJs-dWDJmrXlKqcMfoLN_84JY.roa (raw, json) Hash identifier: 2g0t0h8Fxp46vhAobXXA0I4CYe8p0TLn16sQB8keFq4= Subject key identifier: 32:15:49:B3:E7:56:0C:99:AB:5E:52:AA:70:C7:E8:2C:DF:FC:E0:96 Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534 Certificate serial: 019B790FF8CE433FAF038194C0BEEA80948B Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/MhVJs-dWDJmrXlKqcMfoLN_84JY.roa Signing time: Thu 01 Jan 2026 10:17:28 +0000 ROA not before: Thu 01 Jan 2026 10:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202042 IP address blocks: 185.6.76.0/22 maxlen: 24 2a03:e40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:0f:f8:ce:43:3f:af:03:81:94:c0:be:ea:80:94:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534 Validity Not Before: Jan 1 10:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=321549b3e7560c99ab5e52aa70c7e82cdffce096 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d4:41:15:cd:b7:86:5d:5c:4c:e8:ff:b1:3e: 90:89:da:99:08:54:c1:2f:43:99:6f:91:c1:df:ca: ae:6e:d0:d2:0e:91:ff:f1:86:48:3a:3c:b1:02:8a: ab:40:0b:74:3d:2f:b9:ec:5e:0e:7d:a1:1f:02:6a: 54:75:71:e3:f4:a8:c2:a1:81:af:88:a7:1e:0d:df: 74:72:a9:e5:5c:84:25:57:4c:f3:ea:97:a3:b1:8e: f6:9c:a2:2e:e0:f5:24:9f:16:d6:a3:da:c8:6c:21: 6a:b2:2e:67:c3:c4:bf:56:3c:4b:06:f7:23:bc:8f: 0c:8f:62:95:2a:c3:7d:dd:c2:31:73:b1:6e:e1:1f: 87:ad:19:6c:ac:c3:5e:d7:af:02:3d:74:45:24:0b: d0:32:26:ba:45:5f:99:0a:a9:89:e6:09:5b:a2:3c: ef:58:42:82:53:f5:3a:6a:79:9d:a8:eb:4c:23:3f: 06:69:0a:5c:51:f7:bb:65:05:fd:79:e1:64:db:52: 83:db:c2:48:f5:fe:c1:98:25:32:ca:dd:1a:0a:19: 66:06:4d:ae:87:02:e5:98:56:37:c3:7e:f4:23:27: 11:4b:0f:3e:0a:52:31:be:d1:57:2c:93:3d:63:d0: f7:e1:3a:3e:40:bd:80:37:08:a7:28:f7:ac:b0:fb: 1c:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:15:49:B3:E7:56:0C:99:AB:5E:52:AA:70:C7:E8:2C:DF:FC:E0:96 X509v3 Authority Key Identifier: keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/MhVJs-dWDJmrXlKqcMfoLN_84JY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.6.76.0/22 IPv6: 2a03:e40::/32 Signature Algorithm: sha256WithRSAEncryption 9c:2b:44:d8:a4:c6:84:72:b2:a2:d4:5e:22:ac:bb:6c:08:04: 74:cf:6b:0f:30:d7:74:6d:4d:10:2e:cd:6e:d5:50:70:07:d7: 4b:6f:45:39:45:42:37:b1:6a:2b:47:3d:33:55:90:77:30:9e: 8b:fc:a1:15:6f:24:5d:dc:6c:94:91:97:84:94:c2:db:4b:3e: 05:a7:9c:44:74:1c:e0:e5:53:77:cd:b0:81:dc:54:ef:b3:c0: 7c:17:7b:19:ae:d6:b9:a3:c1:cf:6d:43:a0:64:66:30:bf:cd: 2a:f6:8a:4d:ad:51:9b:2e:74:79:01:7d:4e:cc:46:09:50:73: 7f:d7:6c:d9:e7:c8:1a:32:83:82:3f:64:67:a3:c9:ed:0c:d3: 5a:de:8b:f6:a5:4e:67:bb:4a:ee:6f:ee:7b:9f:e0:5c:6f:0b: d9:49:60:f4:6e:fd:5f:95:3c:00:ca:97:ba:5f:db:65:40:e6: 8e:08:d0:d3:f3:5d:43:4e:c2:d0:ac:45:56:f0:f8:9f:c6:a4: a9:e1:1f:25:a9:78:8b:4d:32:d7:52:9a:d6:60:39:7f:50:07: e7:1f:d6:e8:60:56:11:95:5b:37:cf:ea:41:bc:f3:38:24:26: 72:1c:ad:d8:66:ff:f9:e9:38:90:13:02:ea:24:8f:71:c5:86: 05:50:13:71 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5D/jOQz+vA4GUwL7qgJSLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk MTM1MzQwHhcNMjYwMTAxMTAxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjE1NDliM2U3NTYwYzk5YWI1ZTUyYWE3MGM3ZTgyY2RmZmNlMDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytRBFc23hl1cTOj/sT6QidqZCFTB L0OZb5HB38qubtDSDpH/8YZIOjyxAoqrQAt0PS+57F4OfaEfAmpUdXHj9KjCoYGv iKceDd90cqnlXIQlV0zz6pejsY72nKIu4PUknxbWo9rIbCFqsi5nw8S/VjxLBvcj vI8Mj2KVKsN93cIxc7Fu4R+HrRlsrMNe168CPXRFJAvQMia6RV+ZCqmJ5glbojzv WEKCU/U6anmdqOtMIz8GaQpcUfe7ZQX9eeFk21KD28JI9f7BmCUyyt0aChlmBk2u hwLlmFY3w370IycRSw8+ClIxvtFXLJM9Y9D34To+QL2ANwinKPessPsc2wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDIVSbPnVgyZq15SqnDH6Czf/OCWMB8GA1UdIwQY MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt YTRjMGFiYTliYmViLzEvTWhWSnMtZFdESm1yWGxLcWNNZm9MTl84NEpZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQZMMA0E AgACMAcDBQAqAw5AMA0GCSqGSIb3DQEBCwUAA4IBAQCcK0TYpMaEcrKi1F4irLts CAR0z2sPMNd0bU0QLs1u1VBwB9dLb0U5RUI3sWorRz0zVZB3MJ6L/KEVbyRd3GyU kZeElMLbSz4Fp5xEdBzg5VN3zbCB3FTvs8B8F3sZrta5o8HPbUOgZGYwv80q9opN rVGbLnR5AX1OzEYJUHN/12zZ58gaMoOCP2Rno8ntDNNa3ov2pU5nu0rub+57n+Bc bwvZSWD0bv1flTwAype6X9tlQOaOCNDT811DTsLQrEVW8PifxqSp4R8lqXiLTTLX UprWYDl/UAfnH9boYFYRlVs3z+pBvPM4JCZyHK3YZv/56TiQEwLqJI9xxYYFUBNx -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:33 2026 by rpki-client