This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/Mkm00kmOtbyp8v2pUXV3V6vE1tE.roa File: Mkm00kmOtbyp8v2pUXV3V6vE1tE.roa (raw, json) Hash identifier: GKx1bFwxEz7qdfbQuVuQsrofytJyEfD186Dd/Qd5sc8= Subject key identifier: 32:49:B4:D2:49:8E:B5:BC:A9:F2:FD:A9:51:75:77:57:AB:C4:D6:D1 Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7 Certificate serial: 019B77C7078E642EEF0D8482C63AFA4E8EE1 Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/Mkm00kmOtbyp8v2pUXV3V6vE1tE.roa Signing time: Thu 01 Jan 2026 04:18:10 +0000 ROA not before: Thu 01 Jan 2026 04:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8763 IP address blocks: 81.91.160.0/20 maxlen: 20 81.91.170.0/24 maxlen: 24 81.91.172.0/24 maxlen: 24 81.91.173.0/24 maxlen: 24 185.151.140.0/24 maxlen: 24 2a02:568::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.mft rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 19:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:07:8e:64:2e:ef:0d:84:82:c6:3a:fa:4e:8e:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7 Validity Not Before: Jan 1 04:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3249b4d2498eb5bca9f2fda951757757abc4d6d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9d:c0:63:fd:bc:94:69:ed:67:f7:d9:f9:cf: ff:0e:45:13:08:18:dd:72:e2:45:ce:54:cb:02:db: 26:0d:62:55:6f:98:4f:94:7f:a5:7e:2b:77:fe:53: 5c:40:29:de:4a:90:07:68:4f:59:65:97:33:70:6d: 2f:ae:ff:32:4f:0e:b3:8d:ad:6d:fd:1f:91:81:a5: 78:3f:7a:e3:85:20:02:cc:d6:f8:cd:81:ad:1f:74: f6:94:20:9d:0e:5f:eb:be:1c:19:d8:cb:d0:03:50: 08:c0:93:29:0d:db:de:c9:d3:12:1b:b3:68:49:e0: 4b:5a:81:5c:27:62:86:6c:21:11:61:ff:63:51:8a: f2:2c:69:34:9c:65:c4:01:3e:6a:d0:28:dc:ba:c5: 00:1a:18:d5:4e:12:eb:6f:76:58:86:2e:9b:42:95: bf:65:3b:da:e6:2e:cf:d2:b7:c1:96:92:9b:a6:10: dc:7b:a3:77:9b:89:47:02:22:c4:78:8e:cf:8c:a5: f2:38:ce:3e:90:ed:01:9e:9d:11:dd:78:95:45:b6: 2c:b1:c1:d2:6d:a9:c5:e7:81:15:d3:58:3c:fe:ff: 64:93:f2:d7:0a:9b:99:3e:16:29:3b:41:10:60:53: 8d:c4:99:df:5c:4c:80:bf:1e:59:bc:06:38:a0:93: b2:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:49:B4:D2:49:8E:B5:BC:A9:F2:FD:A9:51:75:77:57:AB:C4:D6:D1 X509v3 Authority Key Identifier: keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/Mkm00kmOtbyp8v2pUXV3V6vE1tE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.91.160.0/20 185.151.140.0/24 IPv6: 2a02:568::/32 Signature Algorithm: sha256WithRSAEncryption 3f:df:55:a3:95:67:b5:3b:b4:08:ca:7a:bd:dc:93:60:b1:29: 57:5d:30:1b:88:54:f7:76:83:a6:5d:f7:84:71:f1:34:19:84: 5f:4f:a8:12:ba:da:ae:54:f4:46:8b:25:73:bf:30:33:58:35: dc:d0:04:11:e8:3a:8b:ae:bb:f4:d2:0e:ef:bd:37:57:13:ee: c2:9e:82:a9:dc:0d:8a:1e:2e:4c:94:fa:8a:33:38:3d:b8:c5: 64:d6:fb:03:0b:1a:7b:a4:69:0f:38:61:af:49:90:54:82:b5: 8d:1e:34:2e:45:3d:aa:89:2d:af:5f:91:73:4e:de:9f:34:b4: 83:c5:1f:42:49:86:8d:c0:eb:8b:a4:e7:c8:7b:35:97:d8:5b: bc:c9:39:ab:01:15:6d:d9:f8:23:05:2d:21:e5:d5:6e:8f:f4: ee:8b:fa:0c:39:13:94:4a:1a:4b:84:a8:dc:d2:3f:0b:f8:58: eb:01:63:5d:68:86:eb:6b:fe:b1:ed:cf:95:af:89:3c:79:e8: d4:96:53:dd:65:de:8a:86:bd:21:b6:61:2c:d4:6d:11:1b:cf: 53:77:74:07:31:43:2a:63:6d:79:de:39:60:24:66:d7:45:4c: 27:af:c5:62:34:e2:24:b1:1c:f2:51:53:7e:da:b3:86:1e:95: d3:f1:6c:34 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt3xweOZC7vDYSCxjr6To7hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2 YzkzYzcwHhcNMjYwMTAxMDQxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjQ5YjRkMjQ5OGViNWJjYTlmMmZkYTk1MTc1Nzc1N2FiYzRkNmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ3AY/28lGntZ/fZ+c//DkUTCBjd cuJFzlTLAtsmDWJVb5hPlH+lfit3/lNcQCneSpAHaE9ZZZczcG0vrv8yTw6zja1t /R+RgaV4P3rjhSACzNb4zYGtH3T2lCCdDl/rvhwZ2MvQA1AIwJMpDdveydMSG7No SeBLWoFcJ2KGbCERYf9jUYryLGk0nGXEAT5q0CjcusUAGhjVThLrb3ZYhi6bQpW/ ZTva5i7P0rfBlpKbphDce6N3m4lHAiLEeI7PjKXyOM4+kO0Bnp0R3XiVRbYsscHS banF54EV01g8/v9kk/LXCpuZPhYpO0EQYFONxJnfXEyAvx5ZvAY4oJOyfwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDJJtNJJjrW8qfL9qVF1d1erxNbRMB8GA1UdIwQY MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt ZGQ2Y2M5N2M5YmRkLzEvTWttMDBrbU90YnlwOHYycFVYVjNWNnZFMXRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVugAwQA uZeMMA0EAgACMAcDBQAqAgVoMA0GCSqGSIb3DQEBCwUAA4IBAQA/31WjlWe1O7QI ynq93JNgsSlXXTAbiFT3doOmXfeEcfE0GYRfT6gSutquVPRGiyVzvzAzWDXc0AQR 6DqLrrv00g7vvTdXE+7CnoKp3A2KHi5MlPqKMzg9uMVk1vsDCxp7pGkPOGGvSZBU grWNHjQuRT2qiS2vX5FzTt6fNLSDxR9CSYaNwOuLpOfIezWX2Fu8yTmrARVt2fgj BS0h5dVuj/Tui/oMOROUShpLhKjc0j8L+FjrAWNdaIbra/6x7c+Vr4k8eejUllPd Zd6Khr0htmEs1G0RG89Td3QHMUMqY2153jlgJGbXRUwnr8ViNOIksRzyUVN+2rOG HpXT8Ww0 -----END CERTIFICATE-----Generated at Sat Jan 10 04:31:58 2026 by rpki-client