This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a0c9ac-3a47-4d6c-aa15-a42ec8776fbb/1/MpwIY7Ebi8bx833CV_5moln-CB0.roa File: MpwIY7Ebi8bx833CV_5moln-CB0.roa (raw, json) Hash identifier: IcPeEwSEZRPBHIQ02cGM6FjSpHotFVeRsIkfWF3fy2s= Subject key identifier: 32:9C:08:63:B1:1B:8B:C6:F1:F3:7D:C2:57:FE:66:A2:59:FE:08:1D Certificate issuer: /CN=7f3e0b27b8e4d798f92b9de157f1da5a43cd49e5 Certificate serial: 019B7A5B55630BDF96A8A0E8DD2D703E173E Authority key identifier: 7F:3E:0B:27:B8:E4:D7:98:F9:2B:9D:E1:57:F1:DA:5A:43:CD:49:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fz4LJ7jk15j5K53hV_HaWkPNSeU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/a0c9ac-3a47-4d6c-aa15-a42ec8776fbb/1/MpwIY7Ebi8bx833CV_5moln-CB0.roa Signing time: Thu 01 Jan 2026 16:19:24 +0000 ROA not before: Thu 01 Jan 2026 16:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208316 IP address blocks: 193.168.212.0/24 maxlen: 24 193.168.213.0/24 maxlen: 24 193.168.214.0/24 maxlen: 24 193.168.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/a0c9ac-3a47-4d6c-aa15-a42ec8776fbb/1/fz4LJ7jk15j5K53hV_HaWkPNSeU.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/a0c9ac-3a47-4d6c-aa15-a42ec8776fbb/1/fz4LJ7jk15j5K53hV_HaWkPNSeU.mft rsync://rpki.ripe.net/repository/DEFAULT/fz4LJ7jk15j5K53hV_HaWkPNSeU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 06:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:55:63:0b:df:96:a8:a0:e8:dd:2d:70:3e:17:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f3e0b27b8e4d798f92b9de157f1da5a43cd49e5 Validity Not Before: Jan 1 16:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=329c0863b11b8bc6f1f37dc257fe66a259fe081d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:65:d5:77:45:0f:07:cb:41:d4:dc:cb:3a:e5: 8f:c5:bd:09:6b:52:af:7e:24:e8:72:29:49:ee:90: 4c:12:71:0f:53:cb:2c:2d:39:34:31:8a:06:72:a3: 73:50:c0:e0:da:00:ad:71:cb:d0:61:fe:e6:6e:79: 15:c6:58:39:e1:02:c7:e2:83:5e:8e:61:14:62:c2: 0b:bb:94:73:98:8b:29:2d:73:8e:92:de:37:a5:75: bc:e0:48:2e:3a:a1:5b:9d:42:77:a0:6e:15:54:ac: f7:e7:85:97:b4:54:74:47:a1:bf:5c:ab:07:6d:7a: 55:50:28:26:c8:26:3d:9f:91:26:85:3f:b4:98:a2: fe:1a:09:a3:d9:8c:ad:19:b4:f4:0e:59:11:92:00: b5:12:68:67:6f:55:14:29:fa:59:67:5e:6c:5b:12: f8:18:73:d1:6a:54:44:7d:1a:ee:a9:20:5d:b1:00: af:20:dd:cb:46:fd:24:1c:b2:9d:52:9c:b9:1c:69: 8f:84:15:36:71:a0:fe:34:75:fb:46:37:4b:57:ee: 85:b4:dc:a4:15:c8:11:0c:c3:bd:b9:2e:e4:e4:bc: b7:d4:ba:8a:3f:9e:0e:0e:b3:30:be:40:d3:9e:c0: 2d:72:90:44:01:2f:67:a4:9d:ce:9d:60:bb:9e:2e: 72:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:9C:08:63:B1:1B:8B:C6:F1:F3:7D:C2:57:FE:66:A2:59:FE:08:1D X509v3 Authority Key Identifier: keyid:7F:3E:0B:27:B8:E4:D7:98:F9:2B:9D:E1:57:F1:DA:5A:43:CD:49:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fz4LJ7jk15j5K53hV_HaWkPNSeU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a0c9ac-3a47-4d6c-aa15-a42ec8776fbb/1/MpwIY7Ebi8bx833CV_5moln-CB0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a0c9ac-3a47-4d6c-aa15-a42ec8776fbb/1/fz4LJ7jk15j5K53hV_HaWkPNSeU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.168.212.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:bc:a6:3d:17:29:bf:19:ac:56:12:7a:c4:c2:b7:c6:eb:49: 8c:35:a6:2c:75:06:a4:5d:ca:41:d4:2a:9d:f0:21:da:06:ce: cf:d5:e1:84:c6:53:45:a6:86:ce:fc:db:5e:62:b7:db:35:58: ae:ce:2d:9c:e1:a4:85:89:bb:e3:ae:66:28:33:f6:b9:68:45: e3:c6:88:25:5f:80:05:8a:a6:ef:c7:10:f3:e5:78:42:aa:f6: 12:15:52:cd:27:fa:7f:41:d5:a1:cc:68:1f:dc:ee:09:c0:21: 9e:0e:ab:d0:41:35:4b:3f:92:9d:86:2b:98:cf:1e:fd:a2:45: 84:1a:51:7d:9e:36:0c:82:01:0d:48:41:0b:d2:2f:71:fa:21: 4d:95:7c:a6:c3:19:7a:ec:d1:c0:4e:60:1b:ad:59:62:79:1f: 9b:7f:ec:b3:59:7c:57:79:c9:d5:27:c8:e6:59:ac:a9:3f:c2: ab:18:94:5e:10:e1:42:c5:e6:db:1d:98:71:a8:bb:c4:7b:6e: d4:4b:74:a3:98:40:03:14:a4:e6:9f:84:5a:b6:f2:c3:76:c2: c3:6c:b5:74:9a:f7:b5:c7:ce:71:c7:3e:14:d5:aa:db:4c:1e: 2d:e6:65:a2:84:f6:c3:d9:26:f1:99:8a:59:73:3b:f9:e2:68: 83:80:2c:ad -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W1VjC9+WqKDo3S1wPhc+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmM2UwYjI3YjhlNGQ3OThmOTJiOWRlMTU3ZjFkYTVhNDNj ZDQ5ZTUwHhcNMjYwMTAxMTYxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjljMDg2M2IxMWI4YmM2ZjFmMzdkYzI1N2ZlNjZhMjU5ZmUwODFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GXVd0UPB8tB1NzLOuWPxb0Ja1Kv fiTocilJ7pBMEnEPU8ssLTk0MYoGcqNzUMDg2gCtccvQYf7mbnkVxlg54QLH4oNe jmEUYsILu5RzmIspLXOOkt43pXW84EguOqFbnUJ3oG4VVKz354WXtFR0R6G/XKsH bXpVUCgmyCY9n5EmhT+0mKL+Ggmj2YytGbT0DlkRkgC1Emhnb1UUKfpZZ15sWxL4 GHPRalREfRruqSBdsQCvIN3LRv0kHLKdUpy5HGmPhBU2caD+NHX7RjdLV+6FtNyk FcgRDMO9uS7k5Ly31LqKP54ODrMwvkDTnsAtcpBEAS9npJ3OnWC7ni5y1QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDKcCGOxG4vG8fN9wlf+ZqJZ/ggdMB8GA1UdIwQY MBaAFH8+Cye45NeY+Sud4Vfx2lpDzUnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZno0TEo3amsxNWo1SzUzaFZfSGFXa1BOU2VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hMGM5YWMtM2E0Ny00ZDZjLWFhMTUt YTQyZWM4Nzc2ZmJiLzEvTXB3SVk3RWJpOGJ4ODMzQ1ZfNW1vbG4tQ0IwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9hMGM5YWMtM2E0Ny00ZDZjLWFhMTUtYTQyZWM4Nzc2ZmJi LzEvZno0TEo3amsxNWo1SzUzaFZfSGFXa1BOU2VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwajUMA0G CSqGSIb3DQEBCwUAA4IBAQCKvKY9Fym/GaxWEnrEwrfG60mMNaYsdQakXcpB1Cqd 8CHaBs7P1eGExlNFpobO/NteYrfbNViuzi2c4aSFibvjrmYoM/a5aEXjxoglX4AF iqbvxxDz5XhCqvYSFVLNJ/p/QdWhzGgf3O4JwCGeDqvQQTVLP5KdhiuYzx79okWE GlF9njYMggENSEEL0i9x+iFNlXymwxl67NHATmAbrVlieR+bf+yzWXxXecnVJ8jm WaypP8KrGJReEOFCxebbHZhxqLvEe27US3SjmEADFKTmn4RatvLDdsLDbLV0mve1 x85xxz4U1arbTB4t5mWihPbD2SbxmYpZczv54miDgCyt -----END CERTIFICATE-----Generated at Sat Jan 10 14:04:18 2026 by rpki-client