This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/Mkf2rSH1diXPBk3rHVELAYHG5WY.roa File: Mkf2rSH1diXPBk3rHVELAYHG5WY.roa (raw, json) Hash identifier: MaQFgIVqOzWA8r0BwrRIT5DFkrNw3PNjyZXELUAOTuU= Subject key identifier: 32:47:F6:AD:21:F5:76:25:CF:06:4D:EB:1D:51:0B:01:81:C6:E5:66 Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029 Certificate serial: 019B78A23A27FCA93FD55002171E21E46C81 Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/Mkf2rSH1diXPBk3rHVELAYHG5WY.roa Signing time: Thu 01 Jan 2026 08:17:36 +0000 ROA not before: Thu 01 Jan 2026 08:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3257 IP address blocks: 85.189.72.0/21 maxlen: 24 86.53.152.0/21 maxlen: 24 95.177.63.0/24 maxlen: 24 95.177.67.0/24 maxlen: 24 95.177.74.0/24 maxlen: 24 95.177.85.0/24 maxlen: 24 194.6.104.0/21 maxlen: 24 195.40.22.0/23 maxlen: 23 195.40.24.0/23 maxlen: 23 195.72.176.0/21 maxlen: 24 212.134.20.0/24 maxlen: 24 212.134.27.0/24 maxlen: 24 212.135.6.0/23 maxlen: 23 213.177.226.0/23 maxlen: 24 213.177.230.0/23 maxlen: 24 213.177.234.0/23 maxlen: 24 213.177.238.0/23 maxlen: 24 213.177.242.0/23 maxlen: 24 213.177.246.0/23 maxlen: 24 213.177.250.0/23 maxlen: 24 213.177.252.0/24 maxlen: 24 213.177.253.0/24 maxlen: 24 213.177.254.0/24 maxlen: 24 213.177.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 11:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:3a:27:fc:a9:3f:d5:50:02:17:1e:21:e4:6c:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7e20b034e2c497b1884488def106972704765029 Validity Not Before: Jan 1 08:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3247f6ad21f57625cf064deb1d510b0181c6e566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9d:09:82:f3:d8:f0:f2:66:32:3c:fb:47:47: 28:cc:45:95:c7:22:ff:ae:40:62:e6:46:a0:19:69: 24:3c:03:4c:d1:0e:a3:d3:86:73:41:ad:2d:b4:b4: fe:34:11:e2:7d:5a:8f:7f:5f:96:7a:f0:ca:1f:bb: 13:c0:64:ed:72:c4:b5:26:c5:dd:19:bb:33:fd:60: fe:e0:c9:45:5e:5b:ac:33:0e:34:12:a8:e1:8f:46: 14:39:14:13:22:3a:a7:71:60:e8:5a:54:ee:19:58: 8a:6c:87:64:16:28:33:52:e7:db:3a:38:52:e7:80: f3:76:2b:7b:ee:3b:b3:f0:c8:93:c0:d0:63:db:25: 08:75:90:ef:f9:7f:6f:2c:86:aa:10:58:49:26:ea: b5:5a:af:cb:65:66:85:16:25:64:5c:aa:3e:cd:4c: bd:28:6c:76:57:1d:67:af:04:98:43:10:96:0e:48: e8:7d:72:ef:90:69:9a:2b:bd:29:af:9e:30:d6:09: c6:c3:97:3f:11:bb:5b:01:0a:8a:f3:c9:92:a7:44: a2:0d:e0:c2:54:c5:7d:ad:89:16:76:3d:92:aa:24: 16:31:2a:cd:0c:9a:8b:f2:52:21:b5:df:fe:bf:aa: 80:3c:ea:18:01:27:42:05:4a:08:f4:41:13:1f:77: f5:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:47:F6:AD:21:F5:76:25:CF:06:4D:EB:1D:51:0B:01:81:C6:E5:66 X509v3 Authority Key Identifier: keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/Mkf2rSH1diXPBk3rHVELAYHG5WY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.189.72.0/21 86.53.152.0/21 95.177.63.0/24 95.177.67.0/24 95.177.74.0/24 95.177.85.0/24 194.6.104.0/21 195.40.22.0-195.40.25.255 195.72.176.0/21 212.134.20.0/24 212.134.27.0/24 212.135.6.0/23 213.177.226.0/23 213.177.230.0/23 213.177.234.0/23 213.177.238.0/23 213.177.242.0/23 213.177.246.0/23 213.177.250.0-213.177.255.255 Signature Algorithm: sha256WithRSAEncryption d4:62:a2:fd:ba:c4:0c:96:4f:31:b6:8a:78:83:73:71:4b:78: c7:1e:f5:56:12:6a:59:42:b0:18:73:d7:35:de:e8:a4:b1:b5: 68:a8:98:f1:95:a9:23:00:ba:84:93:b2:60:1a:bc:7c:8f:7d: b0:87:35:43:3d:68:30:17:67:95:49:ae:66:e3:d5:6d:86:17: d2:65:4b:05:df:28:2e:3d:ca:bb:b7:c0:8d:89:48:27:17:ff: fd:fe:ee:34:fc:a1:e7:db:60:9b:7c:31:45:d1:1a:3d:0f:ee: 44:30:c9:4e:9c:fb:25:cb:dc:27:27:80:a4:c0:96:93:64:09: 47:e9:11:df:5b:44:eb:3e:f5:67:60:13:b9:cf:fe:d9:5c:ea: 88:e7:32:2c:61:71:38:09:3b:4d:47:1a:af:10:38:7e:64:17: 40:1a:e7:58:db:4d:7a:0b:71:42:c1:34:ed:3c:d8:d5:31:da: 87:5e:1a:92:af:c1:98:8c:cb:f2:02:45:4e:5a:43:09:a6:43: 9a:f5:52:4a:df:ac:86:0b:22:a5:af:9d:dd:51:aa:04:0c:f4: de:8c:b5:9d:74:77:67:56:6f:0e:d2:f9:0a:9f:db:76:0e:04: ff:7e:39:01:98:0d:d6:0e:ee:8e:a7:37:71:6b:1d:06:a1:df: 02:ea:99:14 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgISAZt4ojon/Kk/1VACFx4h5GyBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3 NjUwMjkwHhcNMjYwMTAxMDgxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjQ3ZjZhZDIxZjU3NjI1Y2YwNjRkZWIxZDUxMGIwMTgxYzZlNTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ0JgvPY8PJmMjz7R0cozEWVxyL/ rkBi5kagGWkkPANM0Q6j04ZzQa0ttLT+NBHifVqPf1+WevDKH7sTwGTtcsS1JsXd Gbsz/WD+4MlFXlusMw40Eqjhj0YUORQTIjqncWDoWlTuGViKbIdkFigzUufbOjhS 54Dzdit77juz8MiTwNBj2yUIdZDv+X9vLIaqEFhJJuq1Wq/LZWaFFiVkXKo+zUy9 KGx2Vx1nrwSYQxCWDkjofXLvkGmaK70pr54w1gnGw5c/EbtbAQqK88mSp0SiDeDC VMV9rYkWdj2SqiQWMSrNDJqL8lIhtd/+v6qAPOoYASdCBUoI9EETH3f18QIDAQAB o4ICiTCCAoUwHQYDVR0OBBYEFDJH9q0h9XYlzwZN6x1RCwGBxuVmMB8GA1UdIwQY MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt MDM1ZDk3N2Y0MjE2LzEvTWtmMnJTSDFkaVhQQmszckhWRUxBWUhHNVdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2 LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizCBiAQCAAEwgYEDBANV vUgDBANWNZgDBABfsT8DBABfsUMDBABfsUoDBABfsVUDBAPCBmgwDAMEAcMoFgME AcMoGAMEA8NIsAMEANSGFAMEANSGGwMEAdSHBgMEAdWx4gMEAdWx5gMEAdWx6gME AdWx7gMEAdWx8gMEAdWx9jALAwQB1bH6AwMB1bAwDQYJKoZIhvcNAQELBQADggEB ANRiov26xAyWTzG2iniDc3FLeMce9VYSallCsBhz1zXe6KSxtWiomPGVqSMAuoST smAavHyPfbCHNUM9aDAXZ5VJrmbj1W2GF9JlSwXfKC49yru3wI2JSCcX//3+7jT8 oefbYJt8MUXRGj0P7kQwyU6c+yXL3CcngKTAlpNkCUfpEd9bROs+9WdgE7nP/tlc 6ojnMixhcTgJO01HGq8QOH5kF0Aa51jbTXoLcULBNO082NUx2odeGpKvwZiMy/IC RU5aQwmmQ5r1UkrfrIYLIqWvnd1RqgQM9N6MtZ10d2dWbw7S+Qqf23YOBP9+OQGY DdYO7o6nN3FrHQah3wLqmRQ= -----END CERTIFICATE-----Generated at Fri Jan 2 16:24:29 2026 by rpki-client