This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Mcn8ffph0vFbf5y77sp8qX9cvuQ.roa File: Mcn8ffph0vFbf5y77sp8qX9cvuQ.roa (raw, json) Hash identifier: oh6B2oDiINNmRv7LyEyRUP7+GJCatnxM+IyU6VV9yRs= Subject key identifier: 31:C9:FC:7D:FA:61:D2:F1:5B:7F:9C:BB:EE:CA:7C:A9:7F:5C:BE:E4 Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13 Certificate serial: 019B7DC9846434FDF92762B4312792BAFEBF Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Mcn8ffph0vFbf5y77sp8qX9cvuQ.roa Signing time: Fri 02 Jan 2026 08:18:37 +0000 ROA not before: Fri 02 Jan 2026 08:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209372 IP address blocks: 158.46.128.0/18 maxlen: 24 158.46.148.0/24 maxlen: 24 158.46.149.0/24 maxlen: 24 158.46.160.0/23 maxlen: 23 158.46.162.0/23 maxlen: 23 158.46.162.0/24 maxlen: 24 158.46.176.0/24 maxlen: 24 158.46.177.0/24 maxlen: 24 158.46.181.0/24 maxlen: 24 158.46.188.0/22 maxlen: 24 158.46.192.0/19 maxlen: 24 158.46.192.0/22 maxlen: 22 158.46.196.0/22 maxlen: 24 158.46.200.0/21 maxlen: 24 158.46.205.0/24 maxlen: 24 158.46.207.0/24 maxlen: 24 158.46.250.0/23 maxlen: 24 158.46.250.0/24 maxlen: 24 158.46.251.0/24 maxlen: 24 178.171.0.0/17 maxlen: 24 178.171.0.0/20 maxlen: 24 178.171.20.0/22 maxlen: 24 178.171.32.0/22 maxlen: 22 178.171.36.0/24 maxlen: 24 178.171.37.0/24 maxlen: 24 178.171.48.0/23 maxlen: 24 178.171.50.0/23 maxlen: 24 178.171.60.0/23 maxlen: 24 178.171.62.0/23 maxlen: 24 178.171.69.0/24 maxlen: 24 178.171.70.0/24 maxlen: 24 178.171.84.0/22 maxlen: 24 178.171.86.0/24 maxlen: 24 178.171.88.0/23 maxlen: 23 178.171.94.0/24 maxlen: 24 178.171.100.0/24 maxlen: 24 178.171.101.0/24 maxlen: 24 178.171.102.0/24 maxlen: 24 178.171.104.0/24 maxlen: 24 178.171.106.0/23 maxlen: 23 178.171.110.0/23 maxlen: 24 178.171.119.0/24 maxlen: 24 178.171.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:84:64:34:fd:f9:27:62:b4:31:27:92:ba:fe:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13 Validity Not Before: Jan 2 08:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31c9fc7dfa61d2f15b7f9cbbeeca7ca97f5cbee4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:89:2a:52:b1:d0:45:7b:fa:14:c7:29:ad:82: 88:4d:96:7f:a0:1d:4d:e2:24:db:01:e7:29:0b:32: 03:3e:41:7e:1a:76:47:68:20:63:9c:80:44:cf:1a: bd:d9:fe:f5:44:bb:08:0c:95:bb:76:ad:68:54:2f: 14:19:4b:4c:31:85:8f:a0:86:38:33:bf:4f:2f:ce: f4:cd:88:a6:12:cf:63:6e:14:8c:ae:34:55:05:dd: e5:06:db:5f:ad:76:31:0b:c0:db:a3:63:56:3c:ad: 57:df:69:60:3e:6f:b7:3b:ae:70:81:bc:28:8c:ba: cd:1e:87:76:6b:2c:1b:61:9d:4a:c8:3c:a9:b9:e2: be:1c:bd:34:30:a8:e8:df:d4:d6:f5:b0:d7:ef:43: 34:a4:c2:10:c8:db:0a:33:3a:40:2c:30:99:22:77: 32:f7:3c:9d:4b:14:6f:fb:c0:d4:78:68:a9:92:71: 02:e7:3d:24:66:1f:eb:7c:aa:1a:fb:a3:9b:d3:6b: 80:f2:2d:c0:3d:9c:5a:8a:56:8c:5a:be:cc:c9:e2: 46:36:32:f1:ab:5b:9f:13:a7:7e:08:a4:12:e2:f0: 6f:ca:37:93:0d:4c:50:e9:86:a1:85:be:c7:0e:a9: bc:99:75:cc:fa:3c:70:33:b9:2c:22:11:1a:7f:cb: 66:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C9:FC:7D:FA:61:D2:F1:5B:7F:9C:BB:EE:CA:7C:A9:7F:5C:BE:E4 X509v3 Authority Key Identifier: keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Mcn8ffph0vFbf5y77sp8qX9cvuQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.46.128.0-158.46.223.255 158.46.250.0/23 178.171.0.0/17 Signature Algorithm: sha256WithRSAEncryption 2e:2a:10:d6:03:76:b8:24:68:0b:fe:d9:a7:97:cf:04:00:49: ee:9a:12:09:2b:c4:d6:f7:30:dd:64:b1:29:a5:52:62:c9:53: 72:34:c8:51:35:c4:fd:fa:b5:77:8f:8c:b3:49:d3:5a:da:01: 27:01:eb:c1:f6:86:82:7c:4a:1f:67:70:92:89:44:f6:70:e8: 00:5c:7e:92:b6:c9:b3:7b:f9:e4:90:f2:e5:17:78:6e:2e:3a: c2:8b:71:92:dc:94:60:8d:cd:74:87:0e:e9:a7:ab:45:8c:4c: 63:85:c9:b1:48:b5:35:12:1d:5f:56:e8:64:73:d0:83:41:f3: 35:c0:32:8d:1c:2f:96:65:36:49:ba:f7:f3:77:e7:dc:c7:30: a4:a8:2d:8d:25:7b:d4:93:68:cd:ea:25:ea:0c:d2:94:92:42: a3:4c:fd:ad:b2:3e:98:8e:0f:f8:d4:db:80:2e:29:a9:4e:81: 65:1e:ac:68:ca:af:2a:b8:0d:57:a2:95:ec:5f:ae:fb:c6:29: f2:3d:eb:0d:d1:31:7a:2e:46:2a:37:ff:ca:79:fc:45:02:16: 8a:fd:47:0e:0c:6b:29:32:e4:1f:ff:db:be:2d:6b:52:4c:cc: 22:8c:5e:5b:09:50:e3:48:2e:29:f2:66:f5:ba:ec:93:96:78: 81:c7:0a:08 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt9yYRkNP35J2K0MSeSuv6/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl NjNjMTMwHhcNMjYwMTAyMDgxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWM5ZmM3ZGZhNjFkMmYxNWI3ZjljYmJlZWNhN2NhOTdmNWNiZWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/IkqUrHQRXv6FMcprYKITZZ/oB1N 4iTbAecpCzIDPkF+GnZHaCBjnIBEzxq92f71RLsIDJW7dq1oVC8UGUtMMYWPoIY4 M79PL870zYimEs9jbhSMrjRVBd3lBttfrXYxC8Dbo2NWPK1X32lgPm+3O65wgbwo jLrNHod2aywbYZ1KyDypueK+HL00MKjo39TW9bDX70M0pMIQyNsKMzpALDCZIncy 9zydSxRv+8DUeGipknEC5z0kZh/rfKoa+6Ob02uA8i3APZxailaMWr7MyeJGNjLx q1ufE6d+CKQS4vBvyjeTDUxQ6Yahhb7HDqm8mXXM+jxwM7ksIhEaf8tmUwIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFDHJ/H36YdLxW3+cu+7KfKl/XL7kMB8GA1UdIwQY MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt YmE3NzFmZmQyNjljLzEvTWNuOGZmcGgwdkZiZjV5NzdzcDhxWDljdnVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAeeLoAD BAWeLsADBAGeLvoDBAeyqwAwDQYJKoZIhvcNAQELBQADggEBAC4qENYDdrgkaAv+ 2aeXzwQASe6aEgkrxNb3MN1ksSmlUmLJU3I0yFE1xP36tXePjLNJ01raAScB68H2 hoJ8Sh9ncJKJRPZw6ABcfpK2ybN7+eSQ8uUXeG4uOsKLcZLclGCNzXSHDumnq0WM TGOFybFItTUSHV9W6GRz0INB8zXAMo0cL5ZlNkm69/N359zHMKSoLY0le9STaM3q JeoM0pSSQqNM/a2yPpiOD/jU24AuKalOgWUerGjKryq4DVeilexfrvvGKfI96w3R MXouRio3/8p5/EUCFor9Rw4Mayky5B//274ta1JMzCKMXlsJUONILinyZvW67JOW eIHHCgg= -----END CERTIFICATE-----Generated at Tue Jan 20 03:37:12 2026 by rpki-client