This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/CA-MzpWp9Dx3CrADIEvJQZw4E7E.roa File: CA-MzpWp9Dx3CrADIEvJQZw4E7E.roa (raw, json) Hash identifier: cFLJlMvt+zbdg7Xdn6mpst0pNhdveJ/oPmHZEhv3T5Y= Subject key identifier: 08:0F:8C:CE:95:A9:F4:3C:77:0A:B0:03:20:4B:C9:41:9C:38:13:B1 Certificate issuer: /CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d Certificate serial: 019B7C807D2A8A744BA6F0D8035FC683EC8E Authority key identifier: 38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/CA-MzpWp9Dx3CrADIEvJQZw4E7E.roa Signing time: Fri 02 Jan 2026 02:19:14 +0000 ROA not before: Fri 02 Jan 2026 02:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208484 IP address blocks: 5.145.184.0/21 maxlen: 21 185.116.248.0/22 maxlen: 22 2a04:64c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:7d:2a:8a:74:4b:a6:f0:d8:03:5f:c6:83:ec:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d Validity Not Before: Jan 2 02:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=080f8cce95a9f43c770ab003204bc9419c3813b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d8:14:58:ff:4a:d6:e4:0f:c0:fe:2d:28:f8: b5:23:8e:95:40:3a:22:94:94:05:d4:7d:c8:41:9b: d4:96:fa:0e:3e:54:48:cf:d1:4a:98:76:a5:1a:9b: d8:a9:b3:f5:f9:7c:3f:f6:7e:20:50:19:7e:ab:c6: d2:33:fb:ec:ee:96:54:2b:2b:a3:8d:db:2b:b5:1e: 17:42:ca:e8:cd:68:57:03:d2:47:bd:54:71:1d:ea: 4f:b1:74:a0:13:87:25:af:5b:9a:61:de:d0:7c:b1: 82:25:5d:0f:b0:1e:8f:61:03:1d:45:be:9c:9c:70: 59:74:1d:37:fa:d0:5d:c0:9e:15:06:ff:49:ec:da: 7e:a9:7c:ea:dd:ce:22:b7:af:6f:a0:b8:71:ef:9a: 25:1c:60:a4:31:4a:ff:22:ef:c1:0f:6e:9b:2e:ac: 41:9e:8e:1d:72:a9:d8:04:01:6d:85:38:52:b7:38: 08:17:a4:44:99:72:3c:20:4d:ff:2c:b8:b4:c8:32: 16:91:81:27:9f:bb:96:7b:ea:ce:6f:bc:1e:c4:8d: 24:c7:17:dc:84:27:5a:8e:17:26:88:3a:95:7f:2d: cb:ed:4a:dc:e4:6b:70:0b:93:bf:bd:e3:5d:77:a5: b0:d1:9d:bb:aa:dd:64:bc:72:99:65:09:d0:15:6f: 60:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:0F:8C:CE:95:A9:F4:3C:77:0A:B0:03:20:4B:C9:41:9C:38:13:B1 X509v3 Authority Key Identifier: keyid:38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/CA-MzpWp9Dx3CrADIEvJQZw4E7E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.145.184.0/21 185.116.248.0/22 IPv6: 2a04:64c0::/29 Signature Algorithm: sha256WithRSAEncryption 25:2c:cc:0a:00:9e:1a:f1:51:1c:10:58:f6:19:a3:f9:f9:99: 63:13:16:38:25:85:41:59:c4:8f:8d:1a:17:a0:9f:c6:fe:ff: 11:e8:f7:81:43:6f:2d:8a:d6:46:f0:42:d6:94:5d:9e:ee:78: 38:87:45:66:62:5e:39:37:7c:18:c3:97:bf:68:d3:cd:ba:e8: 6d:fa:20:b6:df:26:e7:23:40:6a:79:e2:cb:a6:f2:b1:48:49: 86:48:b6:1f:bf:3d:17:15:ab:72:2d:26:8a:f9:86:58:b7:78: 64:62:55:40:fe:b2:6a:d2:24:41:8a:5f:ea:ce:13:d6:fa:3f: f2:99:cc:ba:17:34:22:a8:16:ca:f2:af:13:2c:c4:d3:f0:11: 77:90:d6:31:a9:68:26:66:7c:ae:a3:26:24:ea:24:ab:fb:e8: 7f:3e:4f:c3:da:3c:0d:83:59:9f:81:78:b5:83:f0:98:d7:34: dd:ba:48:d5:d9:12:a8:b0:5a:3c:6c:19:da:64:20:03:cb:a7: 1c:7c:74:52:67:2b:24:3e:0b:3b:56:01:49:56:5e:4e:cd:0c: 8e:8c:c2:f4:c1:1a:6c:fe:fb:ff:94:62:d8:7e:bf:24:19:5a: 35:c7:a0:02:94:1d:05:b8:ef:b1:cd:52:a4:d6:d2:25:5c:49: e2:51:32:09 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8gH0qinRLpvDYA1/Gg+yOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MjUyOGFiMWNkMWI2ZGM3M2MwYjA5YjY3ZDNlN2UzNTg0 ZjM2M2QwHhcNMjYwMTAyMDIxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODBmOGNjZTk1YTlmNDNjNzcwYWIwMDMyMDRiYzk0MTljMzgxM2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9gUWP9K1uQPwP4tKPi1I46VQDoi lJQF1H3IQZvUlvoOPlRIz9FKmHalGpvYqbP1+Xw/9n4gUBl+q8bSM/vs7pZUKyuj jdsrtR4XQsrozWhXA9JHvVRxHepPsXSgE4clr1uaYd7QfLGCJV0PsB6PYQMdRb6c nHBZdB03+tBdwJ4VBv9J7Np+qXzq3c4it69voLhx75olHGCkMUr/Iu/BD26bLqxB no4dcqnYBAFthThStzgIF6REmXI8IE3/LLi0yDIWkYEnn7uWe+rOb7wexI0kxxfc hCdajhcmiDqVfy3L7Urc5GtwC5O/veNdd6Ww0Z27qt1kvHKZZQnQFW9gcQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFAgPjM6VqfQ8dwqwAyBLyUGcOBOxMB8GA1UdIwQY MBaAFDglKKsc0bbcc8Cwm2fT5+NYTzY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMt M2EwMmEyNDJmNDQ0LzEvQ0EtTXpwV3A5RHgzQ3JBRElFdkpRWnc0RTdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMtM2EwMmEyNDJmNDQ0 LzEvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBZG4AwQC uXT4MA0EAgACMAcDBQMqBGTAMA0GCSqGSIb3DQEBCwUAA4IBAQAlLMwKAJ4a8VEc EFj2GaP5+ZljExY4JYVBWcSPjRoXoJ/G/v8R6PeBQ28titZG8ELWlF2e7ng4h0Vm Yl45N3wYw5e/aNPNuuht+iC23ybnI0BqeeLLpvKxSEmGSLYfvz0XFatyLSaK+YZY t3hkYlVA/rJq0iRBil/qzhPW+j/ymcy6FzQiqBbK8q8TLMTT8BF3kNYxqWgmZnyu oyYk6iSr++h/Pk/D2jwNg1mfgXi1g/CY1zTdukjV2RKosFo8bBnaZCADy6ccfHRS ZyskPgs7VgFJVl5OzQyOjML0wRps/vv/lGLYfr8kGVo1x6AClB0FuO+xzVKk1tIl XEniUTIJ -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:24 2026 by rpki-client