This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/mh-GYVdTRd_42s-4vmsQOV1tY40.roa File: mh-GYVdTRd_42s-4vmsQOV1tY40.roa (raw, json) Hash identifier: pgFeIkHEDR3yEGlYLLu69s0r5w/mu9jqvo+vTtixs6s= Subject key identifier: 9A:1F:86:61:57:53:45:DF:F8:DA:CF:B8:BE:6B:10:39:5D:6D:63:8D Certificate issuer: /CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290 Certificate serial: 019B797E57DB508DDB6C22C984D34B43A17D Authority key identifier: B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/mh-GYVdTRd_42s-4vmsQOV1tY40.roa Signing time: Thu 01 Jan 2026 12:18:01 +0000 ROA not before: Thu 01 Jan 2026 12:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19905 IP address blocks: 217.145.160.0/20 maxlen: 24 217.145.162.0/24 maxlen: 24 217.145.164.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.crl rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.mft rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:57:db:50:8d:db:6c:22:c9:84:d3:4b:43:a1:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290 Validity Not Before: Jan 1 12:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a1f8661575345dff8dacfb8be6b10395d6d638d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d6:e6:34:a3:48:3e:eb:3e:0c:cf:20:06:1f: 90:1a:31:a7:6b:78:5c:f6:e3:f4:ac:c1:33:ef:a7: a5:af:fd:7c:bf:cf:c3:5f:8a:12:b6:06:68:bc:30: 2c:06:e5:f5:52:4f:86:f7:9b:55:a5:50:58:ef:91: 82:61:0e:93:4d:ff:e1:ef:ca:d6:19:50:65:f9:72: 6a:cc:8f:6a:6b:4a:f2:32:09:e4:00:b8:c1:8b:d7: 43:5d:c7:ec:82:01:a1:72:4a:09:11:36:f7:09:b8: 0a:07:e3:09:83:5b:ff:72:3e:ec:02:d9:f1:5f:04: 31:33:5e:4b:de:4e:cd:65:24:28:2c:59:67:0c:ea: e4:87:98:c0:d8:bd:8a:77:f2:8e:0a:5b:79:96:1d: 1d:5d:de:37:9a:e5:93:eb:af:6a:30:65:52:b4:d9: a6:6b:2e:1c:c3:41:58:f9:ac:3e:13:18:c3:0f:18: 10:42:69:2f:0a:ff:93:35:3f:9a:9f:0a:78:e6:7f: f7:b9:c7:2e:9f:1c:1f:f8:39:e3:f7:13:ba:1a:52: 98:dc:5f:0d:a6:20:61:50:12:30:ac:bf:4e:c2:f4: f6:14:d1:ff:e5:05:31:0b:77:da:8f:08:5a:5d:f9: 1a:80:ef:2b:3a:15:00:ff:92:f0:9a:e9:d3:9a:57: 4d:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:1F:86:61:57:53:45:DF:F8:DA:CF:B8:BE:6B:10:39:5D:6D:63:8D X509v3 Authority Key Identifier: keyid:B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/mh-GYVdTRd_42s-4vmsQOV1tY40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.145.160.0/20 Signature Algorithm: sha256WithRSAEncryption 22:ee:4d:7b:11:4f:97:c3:3b:1f:1d:23:78:48:3d:bf:21:4a: 40:4e:aa:40:ef:44:7a:fd:9a:fe:ba:ac:ea:2e:b2:66:24:66: ea:47:42:dd:da:9d:ed:f7:08:fa:3c:71:aa:b0:88:a2:41:0e: cf:46:5f:ca:f5:3e:79:3f:bf:7c:07:ae:17:88:20:21:b7:2a: 2f:b4:90:6d:94:c1:47:b6:2a:d0:85:61:bf:ff:53:b4:5a:52: cd:b2:72:01:7d:80:d7:ca:ca:25:9f:e5:ff:b1:71:4e:bb:3f: 9e:d5:9a:3f:98:f2:d0:6c:37:1a:60:f1:b3:d5:c5:32:b7:41: 1f:b8:53:40:4c:53:e7:1d:6b:ea:71:39:26:b8:94:e6:71:dd: 16:6f:85:8e:95:4b:cd:49:c2:dd:4f:ef:12:99:70:14:b8:19: c2:3e:f7:20:75:0b:fa:37:61:e5:d4:39:05:8b:4c:fa:72:f5: d0:70:31:28:36:c6:47:b0:0b:1a:c6:f5:50:44:d2:3d:fe:85: 7d:1d:03:dd:4c:5c:ed:5e:bc:63:32:d5:66:3c:47:8d:59:5c: 5a:d2:6a:50:3b:3a:bc:40:db:48:ab:06:fc:8f:1f:bf:13:7a: 50:51:ec:70:88:6b:16:87:e7:13:75:41:e2:d3:66:09:b4:ca: 6e:70:55:d9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5flfbUI3bbCLJhNNLQ6F9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyZWQxZDYwNjZmNGU0NjU0ZWY1ZjNjYzcwYTVkOTA1YTlh ZjgyOTAwHhcNMjYwMTAxMTIxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTFmODY2MTU3NTM0NWRmZjhkYWNmYjhiZTZiMTAzOTVkNmQ2MzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdbmNKNIPus+DM8gBh+QGjGna3hc 9uP0rMEz76elr/18v8/DX4oStgZovDAsBuX1Uk+G95tVpVBY75GCYQ6TTf/h78rW GVBl+XJqzI9qa0ryMgnkALjBi9dDXcfsggGhckoJETb3CbgKB+MJg1v/cj7sAtnx XwQxM15L3k7NZSQoLFlnDOrkh5jA2L2Kd/KOClt5lh0dXd43muWT669qMGVStNmm ay4cw0FY+aw+ExjDDxgQQmkvCv+TNT+anwp45n/3uccunxwf+Dnj9xO6GlKY3F8N piBhUBIwrL9OwvT2FNH/5QUxC3fajwhaXfkagO8rOhUA/5LwmunTmldN7wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJofhmFXU0Xf+NrPuL5rEDldbWONMB8GA1UdIwQY MBaAFLLtHWBm9ORlTvXzzHCl2QWpr4KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3UwZFlHYjA1R1ZPOWZQTWNLWFpCYW12Z3BBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xMTgyY2ItNWY5NS00Y2Q0LWI3MmYt NDZiNDZmYzBlNDk2LzEvbWgtR1lWZFRSZF80MnMtNHZtc1FPVjF0WTQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8xMTgyY2ItNWY5NS00Y2Q0LWI3MmYtNDZiNDZmYzBlNDk2 LzEvc3UwZFlHYjA1R1ZPOWZQTWNLWFpCYW12Z3BBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZGgMA0G CSqGSIb3DQEBCwUAA4IBAQAi7k17EU+XwzsfHSN4SD2/IUpATqpA70R6/Zr+uqzq LrJmJGbqR0Ld2p3t9wj6PHGqsIiiQQ7PRl/K9T55P798B64XiCAhtyovtJBtlMFH tirQhWG//1O0WlLNsnIBfYDXysoln+X/sXFOuz+e1Zo/mPLQbDcaYPGz1cUyt0Ef uFNATFPnHWvqcTkmuJTmcd0Wb4WOlUvNScLdT+8SmXAUuBnCPvcgdQv6N2Hl1DkF i0z6cvXQcDEoNsZHsAsaxvVQRNI9/oV9HQPdTFztXrxjMtVmPEeNWVxa0mpQOzq8 QNtIqwb8jx+/E3pQUexwiGsWh+cTdUHi02YJtMpucFXZ -----END CERTIFICATE-----Generated at Tue Jan 20 01:20:47 2026 by rpki-client