This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/maZq56SMgB7nWqqF5eeF3G-X-7A.roa File: maZq56SMgB7nWqqF5eeF3G-X-7A.roa (raw, json) Hash identifier: xVS8tTvs0Q9QEIgJ9B2IqY6QH4qt+wpz/OCltyOVeVw= Subject key identifier: 99:A6:6A:E7:A4:8C:80:1E:E7:5A:AA:85:E5:E7:85:DC:6F:97:FB:B0 Certificate issuer: /CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426 Certificate serial: 019B791041DAE6E666D58ED3CB12AE3F1885 Authority key identifier: D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/maZq56SMgB7nWqqF5eeF3G-X-7A.roa Signing time: Thu 01 Jan 2026 10:17:47 +0000 ROA not before: Thu 01 Jan 2026 10:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206102 IP address blocks: 152.89.136.0/24 maxlen: 24 152.89.137.0/24 maxlen: 24 152.89.138.0/24 maxlen: 24 152.89.139.0/24 maxlen: 24 185.195.96.0/23 maxlen: 23 185.195.96.0/24 maxlen: 24 185.195.97.0/24 maxlen: 24 185.195.98.0/23 maxlen: 23 185.195.98.0/24 maxlen: 24 185.195.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.crl rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.mft rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:41:da:e6:e6:66:d5:8e:d3:cb:12:ae:3f:18:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426 Validity Not Before: Jan 1 10:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=99a66ae7a48c801ee75aaa85e5e785dc6f97fbb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:db:5e:81:a7:94:ac:d5:af:73:56:7c:08:43: 67:cc:55:9b:44:80:7c:87:c4:f4:5e:22:4a:a1:5f: 58:68:b9:ca:1e:59:39:db:2a:b2:11:1d:13:61:8c: 71:72:34:f4:e6:d6:4a:35:c3:2f:a3:fc:b7:ad:76: 60:9b:7a:19:8d:d6:24:c7:68:67:75:39:b5:9b:cc: c5:76:a9:41:0c:2f:a7:40:07:2b:47:cb:58:55:f7: 73:01:fc:a7:86:2a:59:87:63:cc:b9:65:8e:fd:3d: 73:32:c6:1c:01:c6:1e:9c:06:d3:a6:44:86:eb:3f: 19:8f:f6:81:e2:73:04:f0:31:90:1b:ff:08:75:5a: 00:77:be:a0:d7:af:5f:b1:df:c8:97:f0:13:21:40: 7e:57:21:6b:06:e2:9f:c1:75:24:a5:98:d8:be:09: 35:9b:80:25:08:dd:fc:c8:23:88:2b:da:6e:09:bd: f6:8c:a6:6f:74:76:2c:4f:e3:62:14:27:6f:fc:55: a7:96:05:f2:b6:73:18:a8:9c:67:89:2c:8e:2b:25: 73:0a:2d:e7:aa:eb:c3:ed:80:47:c2:5b:64:45:ef: 10:bb:b1:d8:25:b4:1c:ed:e7:98:c8:e8:d8:ad:6e: 89:87:c1:c0:1d:35:54:43:93:97:ea:3e:1e:10:cc: a6:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A6:6A:E7:A4:8C:80:1E:E7:5A:AA:85:E5:E7:85:DC:6F:97:FB:B0 X509v3 Authority Key Identifier: keyid:D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/maZq56SMgB7nWqqF5eeF3G-X-7A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.136.0/22 185.195.96.0/22 Signature Algorithm: sha256WithRSAEncryption 91:32:c1:de:d6:ef:8d:99:49:31:bc:de:fb:03:4d:c0:cd:e3: df:77:ed:d5:df:b2:0c:9a:86:98:d9:7d:cc:c2:2c:7b:3f:2d: 42:52:9c:32:89:eb:1e:25:be:d3:db:a4:e8:5c:d2:5c:ca:74: ef:78:25:07:ff:e6:bb:c9:ec:8a:8c:be:f9:a0:78:80:7a:4c: d3:22:0a:87:b1:dd:35:46:1e:fd:65:ba:99:46:e3:0a:b6:b8: 65:a4:45:3a:be:64:37:1b:20:a5:99:2d:da:53:48:1b:58:6e: c4:09:13:5f:23:ce:a3:4d:51:b8:0f:fb:f6:ab:f5:38:d8:e0: 75:d2:87:5b:81:8a:93:64:21:e8:9e:49:ca:be:a6:2a:40:b7: b2:d3:b4:5b:b1:64:06:a9:80:2b:de:19:09:46:67:b7:27:6c: be:af:8a:cf:d0:79:2e:46:b3:61:9f:4a:37:3d:3e:68:79:bc: 14:8d:f1:99:fa:e0:1b:a2:f4:c4:ef:e9:5c:66:9f:02:c9:69: d2:dd:9f:6a:2f:b7:f4:86:74:60:f5:47:60:5a:63:63:88:46: c3:95:f6:c8:86:f7:82:a9:2d:1e:c4:d4:00:b2:1b:12:8d:75: ee:a0:1c:45:d9:be:84:11:95:ee:4a:25:ac:fd:ca:7a:ac:27: 6d:86:1d:dd -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EEHa5uZm1Y7TyxKuPxiFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZjkwNDQ5NTA5ZWJmOWUzYjBmNDJjMWNkYzIyZTNlZjQw MDc0MjYwHhcNMjYwMTAxMTAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OWE2NmFlN2E0OGM4MDFlZTc1YWFhODVlNWU3ODVkYzZmOTdmYmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNtegaeUrNWvc1Z8CENnzFWbRIB8 h8T0XiJKoV9YaLnKHlk52yqyER0TYYxxcjT05tZKNcMvo/y3rXZgm3oZjdYkx2hn dTm1m8zFdqlBDC+nQAcrR8tYVfdzAfynhipZh2PMuWWO/T1zMsYcAcYenAbTpkSG 6z8Zj/aB4nME8DGQG/8IdVoAd76g169fsd/Il/ATIUB+VyFrBuKfwXUkpZjYvgk1 m4AlCN38yCOIK9puCb32jKZvdHYsT+NiFCdv/FWnlgXytnMYqJxniSyOKyVzCi3n quvD7YBHwltkRe8Qu7HYJbQc7eeYyOjYrW6Jh8HAHTVUQ5OX6j4eEMymGQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJmmauekjIAe51qqheXnhdxvl/uwMB8GA1UdIwQY MBaAFNn5BElQnr+eOw9Cwc3CLj70AHQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmZrRVNWQ2V2NTQ3RDBMQnpjSXVQdlFBZENZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My85YzVjZWYtZDRlNC00NGUxLWFiZjUt YmI0ODgyOGM5ZjA1LzEvbWFacTU2U01nQjduV3FxRjVlZUYzRy1YLTdBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My85YzVjZWYtZDRlNC00NGUxLWFiZjUtYmI0ODgyOGM5ZjA1 LzEvMmZrRVNWQ2V2NTQ3RDBMQnpjSXVQdlFBZENZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFmIAwQC ucNgMA0GCSqGSIb3DQEBCwUAA4IBAQCRMsHe1u+NmUkxvN77A03AzePfd+3V37IM moaY2X3Mwix7Py1CUpwyieseJb7T26ToXNJcynTveCUH/+a7yeyKjL75oHiAekzT IgqHsd01Rh79ZbqZRuMKtrhlpEU6vmQ3GyClmS3aU0gbWG7ECRNfI86jTVG4D/v2 q/U42OB10odbgYqTZCHonknKvqYqQLey07RbsWQGqYAr3hkJRme3J2y+r4rP0Hku RrNhn0o3PT5oebwUjfGZ+uAbovTE7+lcZp8CyWnS3Z9qL7f0hnRg9UdgWmNjiEbD lfbIhveCqS0exNQAshsSjXXuoBxF2b6EEZXuSiWs/cp6rCdthh3d -----END CERTIFICATE-----Generated at Tue Jan 27 01:13:41 2026 by rpki-client