This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/msFdZet1jGf9Pxj7w6VmCeW1jMQ.roa File: msFdZet1jGf9Pxj7w6VmCeW1jMQ.roa (raw, json) Hash identifier: fyqpHHLV2QyOw8iBPdNynqjL383PMJfcyHqqNVPJBtE= Subject key identifier: 9A:C1:5D:65:EB:75:8C:67:FD:3F:18:FB:C3:A5:66:09:E5:B5:8C:C4 Certificate issuer: /CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50 Certificate serial: 019B7F843705EB5AA9229A60512E816102DD Authority key identifier: B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/msFdZet1jGf9Pxj7w6VmCeW1jMQ.roa Signing time: Fri 02 Jan 2026 16:22:09 +0000 ROA not before: Fri 02 Jan 2026 16:22:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199095 IP address blocks: 31.31.128.0/19 maxlen: 24 80.91.144.0/20 maxlen: 24 185.195.28.0/22 maxlen: 24 217.64.240.0/20 maxlen: 24 2a11:bfc0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.mft rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:37:05:eb:5a:a9:22:9a:60:51:2e:81:61:02:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50 Validity Not Before: Jan 2 16:22:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ac15d65eb758c67fd3f18fbc3a56609e5b58cc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:42:b5:c7:5d:4c:4f:5f:c2:cd:9c:a4:7e:08: 7a:d7:d7:fb:d3:d7:3d:b3:f8:9a:7e:e5:06:b5:7a: 79:90:81:e2:15:83:ed:42:9a:74:f6:c5:ac:e8:7a: 7c:0f:d4:f3:75:73:26:f1:69:7d:85:1f:ea:70:b3: 89:bd:02:7d:d9:0f:88:76:48:e5:19:d1:8d:b7:a1: bc:9e:5c:b4:b9:85:0a:cf:78:fb:85:4c:88:4c:fc: 8e:f9:ba:37:d9:9b:30:31:38:17:98:ab:9b:58:14: f5:09:96:44:c0:03:2c:3a:1f:11:42:36:89:88:80: 41:df:39:28:05:1a:f2:f0:1a:10:0e:20:61:d6:d5: 4a:20:98:dd:d4:be:bc:a5:2a:59:35:57:bb:d7:20: e3:6f:9b:21:0e:79:82:b2:5a:bd:a7:72:94:fb:45: 9b:8c:a8:7e:fb:c2:a6:ce:3b:9f:d5:d3:c4:22:e6: 5d:c9:21:bb:dd:28:b2:c8:dd:e9:8b:cf:36:66:4e: eb:4c:97:e4:13:28:45:02:7e:7a:82:bb:99:56:45: b8:e8:68:62:ba:7a:89:68:b2:9b:04:ae:0b:0d:41: c2:b8:94:ae:15:4b:74:9f:9d:86:8a:a3:11:1e:3d: 3c:50:70:fc:f1:d6:b1:5b:8b:a2:7e:2a:a2:f5:6b: dc:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:C1:5D:65:EB:75:8C:67:FD:3F:18:FB:C3:A5:66:09:E5:B5:8C:C4 X509v3 Authority Key Identifier: keyid:B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/msFdZet1jGf9Pxj7w6VmCeW1jMQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.31.128.0/19 80.91.144.0/20 185.195.28.0/22 217.64.240.0/20 IPv6: 2a11:bfc0::/29 Signature Algorithm: sha256WithRSAEncryption 8c:4a:97:aa:03:d0:52:5b:a6:35:6e:50:e7:e5:f9:8b:2d:a0: 10:14:fd:18:6e:77:66:36:64:d9:e8:42:cb:ce:f3:46:18:c8: 3e:92:fc:a7:87:83:f2:c6:b6:bd:9b:87:81:a4:20:dd:a1:19: b6:26:c5:cb:be:0a:10:b5:9a:e5:07:5c:f4:68:c1:c8:35:a4: a6:b8:07:f2:e9:e0:3c:29:0c:33:4f:dc:ca:45:21:e0:4e:1b: 64:6b:19:d2:23:6a:d2:a8:74:fa:58:7b:af:00:6b:19:ec:03: 9c:03:88:33:b4:06:b2:8e:79:e1:b2:31:f6:f2:6b:d7:80:ea: 06:35:b6:62:94:c7:e5:c4:af:09:ae:37:45:6a:d6:34:b2:97: 08:e8:58:e5:2a:78:3c:07:db:29:d0:fa:78:40:fc:5c:71:88: 16:38:83:96:a5:f9:b0:c9:77:c8:f5:ef:74:ea:18:77:a5:48: fb:0b:6b:2f:01:92:73:6c:ef:d6:cc:f3:34:6f:66:5b:03:e6: d9:f8:da:0d:8b:0c:f0:0b:07:f4:fe:9e:0f:33:af:f4:2a:1a: 0a:d9:57:1a:73:fe:33:a5:db:ed:4a:55:b4:18:d8:a2:09:f9: 38:ab:e4:61:17:38:4e:02:33:33:6a:23:f1:67:26:af:68:58: 1d:1c:e3:bc -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt/hDcF61qpIppgUS6BYQLdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZjcxM2NmMjA1NTJkNmM1YzIzZjA5ZTdiMzc2Njk4NDZm OWNhNTAwHhcNMjYwMTAyMTYyMjA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YWMxNWQ2NWViNzU4YzY3ZmQzZjE4ZmJjM2E1NjYwOWU1YjU4Y2M0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEK1x11MT1/CzZykfgh619f709c9 s/iafuUGtXp5kIHiFYPtQpp09sWs6Hp8D9TzdXMm8Wl9hR/qcLOJvQJ92Q+Idkjl GdGNt6G8nly0uYUKz3j7hUyITPyO+bo32ZswMTgXmKubWBT1CZZEwAMsOh8RQjaJ iIBB3zkoBRry8BoQDiBh1tVKIJjd1L68pSpZNVe71yDjb5shDnmCslq9p3KU+0Wb jKh++8Kmzjuf1dPEIuZdySG73SiyyN3pi882Zk7rTJfkEyhFAn56gruZVkW46Ghi unqJaLKbBK4LDUHCuJSuFUt0n52GiqMRHj08UHD88daxW4uifiqi9WvctQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFJrBXWXrdYxn/T8Y+8OlZgnltYzEMB8GA1UdIwQY MBaAFLH3E88gVS1sXCPwnns3ZphG+cpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYt Njk0ZDc4YjMyZDIwLzEvbXNGZFpldDFqR2Y5UHhqN3c2Vm1DZVcxak1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYtNjk0ZDc4YjMyZDIw LzEvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFHx+AAwQE UFuQAwQCucMcAwQE2UDwMA0EAgACMAcDBQMqEb/AMA0GCSqGSIb3DQEBCwUAA4IB AQCMSpeqA9BSW6Y1blDn5fmLLaAQFP0YbndmNmTZ6ELLzvNGGMg+kvynh4Pyxra9 m4eBpCDdoRm2JsXLvgoQtZrlB1z0aMHINaSmuAfy6eA8KQwzT9zKRSHgThtkaxnS I2rSqHT6WHuvAGsZ7AOcA4gztAayjnnhsjH28mvXgOoGNbZilMflxK8JrjdFatY0 spcI6FjlKng8B9sp0Pp4QPxccYgWOIOWpfmwyXfI9e906hh3pUj7C2svAZJzbO/W zPM0b2ZbA+bZ+NoNiwzwCwf0/p4PM6/0KhoK2Vcac/4zpdvtSlW0GNiiCfk4q+Rh FzhOAjMzaiPxZyavaFgdHOO8 -----END CERTIFICATE-----Generated at Mon Jan 26 19:41:58 2026 by rpki-client