This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/mWZu0c3ccvwxHHlT9SVTQ6oiDK0.roa File: mWZu0c3ccvwxHHlT9SVTQ6oiDK0.roa (raw, json) Hash identifier: brqoqJsgc5iiFOBbdYvb+I1IyHssIw8FjziyxDUxro8= Subject key identifier: 99:66:6E:D1:CD:DC:72:FC:31:1C:79:53:F5:25:53:43:AA:22:0C:AD Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B7E392694B36C1F111FBFD046D08D8868 Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/mWZu0c3ccvwxHHlT9SVTQ6oiDK0.roa Signing time: Fri 02 Jan 2026 10:20:33 +0000 ROA not before: Fri 02 Jan 2026 10:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62874 IP address blocks: 72.63.12.0/22 maxlen: 22 72.63.68.0/22 maxlen: 22 72.63.72.0/22 maxlen: 22 72.63.80.0/22 maxlen: 22 72.63.100.0/22 maxlen: 22 72.63.104.0/22 maxlen: 22 72.63.112.0/22 maxlen: 22 72.63.116.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:26:94:b3:6c:1f:11:1f:bf:d0:46:d0:8d:88:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Jan 2 10:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=99666ed1cddc72fc311c7953f5255343aa220cad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:93:43:81:5a:93:34:43:bd:3d:db:06:35:6e: a9:24:0f:32:a0:6b:80:5b:1c:35:ac:fb:21:3f:2a: 9f:a7:4d:d8:6c:99:34:ae:4f:ea:9e:76:d4:90:7c: e8:60:b8:d8:d7:58:ec:53:48:47:e4:37:8b:bc:d3: 32:6e:d0:cb:e3:ed:c7:14:b9:40:1d:3b:89:e7:c6: b7:75:9d:e5:d2:5b:ea:59:46:70:98:52:3a:d5:4b: be:a2:14:87:5f:e1:8f:a1:d2:46:e8:6d:a7:6e:96: 27:ca:ec:bd:69:33:b5:f2:1d:fd:ea:ca:4c:89:00: 28:9e:3b:d5:e4:ee:e1:b2:e0:f7:0c:dc:b5:af:56: 28:7d:63:34:44:77:9f:2f:e9:68:07:2f:b3:40:eb: c7:0d:97:5e:39:3e:1d:7c:99:8b:0a:b4:ea:c6:35: ab:ae:1f:58:c7:14:b8:17:c9:de:66:df:52:09:9a: f0:ea:da:1a:10:c1:1a:6e:88:5a:e7:63:ef:d9:95: d3:a1:c0:51:11:b8:f0:ad:15:15:80:8b:56:19:05: dc:b1:13:2b:b7:95:69:00:14:77:47:a8:74:3f:72: 1d:0f:27:62:7a:ec:5c:43:30:c1:e5:f9:f3:5f:8c: f9:f4:55:dc:80:33:13:23:d0:0a:86:66:4a:28:b8: 06:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:66:6E:D1:CD:DC:72:FC:31:1C:79:53:F5:25:53:43:AA:22:0C:AD X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/mWZu0c3ccvwxHHlT9SVTQ6oiDK0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 72.63.12.0/22 72.63.68.0-72.63.75.255 72.63.80.0/22 72.63.100.0-72.63.107.255 72.63.112.0/21 Signature Algorithm: sha256WithRSAEncryption 32:fb:65:65:7d:a9:99:21:70:74:72:0c:8c:50:57:d1:c0:35: db:45:2c:a4:d6:45:50:65:50:5e:82:0e:d1:41:5b:0c:56:d2: f9:66:d3:6c:b5:a0:28:07:90:7a:94:cb:e4:bd:f7:d9:2e:1e: 53:db:34:b7:d1:3c:04:a0:62:9e:43:75:8b:aa:8d:11:7f:82: a2:bf:58:a7:82:e0:81:44:d0:71:dc:1f:4f:b4:7c:f8:05:62: 68:f2:b2:09:72:06:58:dd:90:e8:9b:0e:cc:08:cc:76:31:7d: ad:29:d4:55:b5:7b:81:43:4b:e4:e1:de:b2:38:91:69:a7:22: 80:10:75:c6:33:7c:b5:41:a5:43:e1:8e:b2:bf:43:10:30:25: b2:93:66:59:25:da:9d:ca:11:64:83:9d:8d:90:3e:eb:d0:55: 12:db:f1:db:93:d1:bc:a5:e1:90:9b:ad:37:9b:23:15:00:0e: 66:cb:58:91:32:c2:9b:b9:81:89:c8:4d:9e:a7:5a:1f:43:48: d5:32:bc:18:dd:46:a0:a6:ee:96:a0:ca:22:9f:01:9b:e2:ac: 68:6b:fc:f8:c9:4e:0e:9c:bd:a0:87:d9:81:38:e1:12:13:e2: ce:e2:c0:93:4d:dc:1c:e9:f6:09:43:13:db:2d:50:6d:95:dd: b1:90:5d:2e -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZt+OSaUs2wfER+/0EbQjYhoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjYwMTAyMTAyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTY2NmVkMWNkZGM3MmZjMzExYzc5NTNmNTI1NTM0M2FhMjIwY2FkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopNDgVqTNEO9PdsGNW6pJA8yoGuA Wxw1rPshPyqfp03YbJk0rk/qnnbUkHzoYLjY11jsU0hH5DeLvNMybtDL4+3HFLlA HTuJ58a3dZ3l0lvqWUZwmFI61Uu+ohSHX+GPodJG6G2nbpYnyuy9aTO18h396spM iQAonjvV5O7hsuD3DNy1r1YofWM0RHefL+loBy+zQOvHDZdeOT4dfJmLCrTqxjWr rh9YxxS4F8neZt9SCZrw6toaEMEaboha52Pv2ZXTocBREbjwrRUVgItWGQXcsRMr t5VpABR3R6h0P3IdDydieuxcQzDB5fnzX4z59FXcgDMTI9AKhmZKKLgGDQIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFJlmbtHN3HL8MRx5U/UlU0OqIgytMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvbVdadTBjM2Njdnd4SEhsVDlTVlRRNm9pREswLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCSD8MMAwD BAJIP0QDBAJIP0gDBAJIP1AwDAMEAkg/ZAMEAkg/aAMEA0g/cDANBgkqhkiG9w0B AQsFAAOCAQEAMvtlZX2pmSFwdHIMjFBX0cA120UspNZFUGVQXoIO0UFbDFbS+WbT bLWgKAeQepTL5L332S4eU9s0t9E8BKBinkN1i6qNEX+Cor9Yp4LggUTQcdwfT7R8 +AViaPKyCXIGWN2Q6JsOzAjMdjF9rSnUVbV7gUNL5OHesjiRaacigBB1xjN8tUGl Q+GOsr9DEDAlspNmWSXancoRZIOdjZA+69BVEtvx25PRvKXhkJutN5sjFQAOZstY kTLCm7mBichNnqdaH0NI1TK8GN1GoKbulqDKIp8Bm+KsaGv8+MlODpy9oIfZgTjh EhPizuLAk03cHOn2CUMT2y1QbZXdsZBdLg== -----END CERTIFICATE-----Generated at Sun Jan 11 12:58:30 2026 by rpki-client