This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/MQkaYy80rlcF2zpg2yFpUgSAhhE.roa File: MQkaYy80rlcF2zpg2yFpUgSAhhE.roa (raw, json) Hash identifier: S21YGrGdqaF7674FFZMPM/sVGaBX3VNwBzrWaUE2Lqg= Subject key identifier: 31:09:1A:63:2F:34:AE:57:05:DB:3A:60:DB:21:69:52:04:80:86:11 Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a Certificate serial: 019B78A352A7CBD24DBEE561B54FA0AED740 Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/MQkaYy80rlcF2zpg2yFpUgSAhhE.roa Signing time: Thu 01 Jan 2026 08:18:47 +0000 ROA not before: Thu 01 Jan 2026 08:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211783 IP address blocks: 185.197.136.0/22 maxlen: 22 185.197.136.0/24 maxlen: 24 185.197.137.0/24 maxlen: 24 185.197.138.0/24 maxlen: 24 185.197.139.0/24 maxlen: 24 2a0a:7a40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:52:a7:cb:d2:4d:be:e5:61:b5:4f:a0:ae:d7:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a Validity Not Before: Jan 1 08:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31091a632f34ae5705db3a60db21695204808611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b8:e2:69:d1:2a:a1:06:02:be:8a:e2:7d:d4: 1b:c7:ca:23:af:31:dc:e4:24:74:f5:1e:41:05:dc: a6:13:12:31:9e:34:3f:16:b7:ec:9a:22:62:bc:04: 62:5a:85:bd:a0:18:66:06:81:b8:bd:9a:5c:f3:65: 0c:a7:b5:4d:57:8b:56:ca:0c:f4:10:f1:f1:a4:14: 7d:46:44:2d:0d:e8:e0:07:6e:69:bb:ca:8e:a8:2b: 5d:21:9f:d6:a5:17:c6:57:2e:9d:6a:ed:04:c9:64: 6a:d1:a4:85:3c:62:98:bb:e8:de:06:77:9b:fa:cf: 46:c4:97:16:c2:17:35:ed:e3:49:0d:4c:a6:05:1a: 1b:9d:5d:5e:e5:e0:73:ee:91:31:9e:85:cc:d6:71: 0a:66:96:0d:a0:96:f7:00:81:85:5f:30:7e:4c:7c: 66:17:6f:7f:8b:22:83:36:c5:6d:88:09:4c:a3:58: 82:c5:93:6e:e9:41:3f:44:db:50:b5:6e:71:eb:57: 81:a5:24:68:a0:df:37:57:b6:85:f8:a8:07:8d:b4: c0:00:b0:e7:72:b0:25:0a:1c:52:a0:fc:c5:8a:a3: 30:8f:72:92:ae:0e:e6:69:db:7f:14:14:c1:c7:f7: b7:c1:ba:e0:04:c2:8f:4f:ab:bc:ac:90:bc:08:c4: 8c:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:09:1A:63:2F:34:AE:57:05:DB:3A:60:DB:21:69:52:04:80:86:11 X509v3 Authority Key Identifier: keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/MQkaYy80rlcF2zpg2yFpUgSAhhE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.197.136.0/22 IPv6: 2a0a:7a40::/29 Signature Algorithm: sha256WithRSAEncryption 0f:c3:21:a0:ee:a3:e1:38:84:d2:5e:d6:21:a8:db:59:50:98: 53:da:b7:12:8f:f1:ff:65:52:d0:23:f0:4f:ba:8e:bb:30:9c: 53:32:83:6d:c4:a7:ef:a9:03:fe:3a:92:d4:15:e7:51:41:3d: ed:02:3c:e0:bf:6e:1f:10:6b:96:8f:7d:d8:a1:de:3a:d8:f4: 0a:b5:aa:43:60:89:1e:8d:46:f0:fe:15:33:91:4b:26:53:a0: cf:ea:21:d8:46:4d:af:1e:7e:5d:f1:fe:39:91:4a:a8:9d:0a: c6:05:6f:78:0e:e2:13:9e:50:ee:60:50:21:44:68:2e:b9:3a: 1a:de:36:3e:16:ee:66:6e:d2:12:e5:c4:0e:65:d1:a4:7e:2e: a9:17:89:e2:df:17:89:c8:a3:a1:46:38:54:1b:94:f8:a3:af: 74:aa:20:2c:87:6b:3f:f6:84:3e:20:08:f5:1f:76:56:19:ff: 0e:f3:aa:20:8e:65:8a:b6:1e:96:7a:cf:e6:3b:9d:e9:73:f5: 76:fd:78:a7:d5:0a:23:28:e9:b1:2d:2c:df:f8:b3:c5:7a:b7: 5c:e6:44:9a:0c:9e:1d:5c:17:f4:c6:20:b7:8c:4d:e3:9d:82: 78:64:73:28:32:fc:08:41:52:c2:c6:8f:65:66:b7:59:6f:87: cd:97:15:b5 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4o1Kny9JNvuVhtU+grtdAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm MTI2N2EwHhcNMjYwMTAxMDgxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTA5MWE2MzJmMzRhZTU3MDVkYjNhNjBkYjIxNjk1MjA0ODA4NjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorjiadEqoQYCvorifdQbx8ojrzHc 5CR09R5BBdymExIxnjQ/FrfsmiJivARiWoW9oBhmBoG4vZpc82UMp7VNV4tWygz0 EPHxpBR9RkQtDejgB25pu8qOqCtdIZ/WpRfGVy6dau0EyWRq0aSFPGKYu+jeBneb +s9GxJcWwhc17eNJDUymBRobnV1e5eBz7pExnoXM1nEKZpYNoJb3AIGFXzB+THxm F29/iyKDNsVtiAlMo1iCxZNu6UE/RNtQtW5x61eBpSRooN83V7aF+KgHjbTAALDn crAlChxSoPzFiqMwj3KSrg7madt/FBTBx/e3wbrgBMKPT6u8rJC8CMSMTwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDEJGmMvNK5XBds6YNshaVIEgIYRMB8GA1UdIwQY MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt MmIzYjRjNzgwNDE5LzEvTVFrYVl5ODBybGNGMnpwZzJ5RnBVZ1NBaGhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5 LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucWIMA0E AgACMAcDBQMqCnpAMA0GCSqGSIb3DQEBCwUAA4IBAQAPwyGg7qPhOITSXtYhqNtZ UJhT2rcSj/H/ZVLQI/BPuo67MJxTMoNtxKfvqQP+OpLUFedRQT3tAjzgv24fEGuW j33Yod462PQKtapDYIkejUbw/hUzkUsmU6DP6iHYRk2vHn5d8f45kUqonQrGBW94 DuITnlDuYFAhRGguuToa3jY+Fu5mbtIS5cQOZdGkfi6pF4ni3xeJyKOhRjhUG5T4 o690qiAsh2s/9oQ+IAj1H3ZWGf8O86ogjmWKth6Wes/mO53pc/V2/Xin1QojKOmx LSzf+LPFerdc5kSaDJ4dXBf0xiC3jE3jnYJ4ZHMoMvwIQVLCxo9lZrdZb4fNlxW1 -----END CERTIFICATE-----Generated at Mon Feb 9 20:10:16 2026 by rpki-client