This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/MbxVurKYN8xqBXt4GCcNgnfIuiY.roa File: MbxVurKYN8xqBXt4GCcNgnfIuiY.roa (raw, json) Hash identifier: x3GDjgwgD1RnHIS+Ztov3aWczXJrFL3jnbKHq3Hp8xY= Subject key identifier: 31:BC:55:BA:B2:98:37:CC:6A:05:7B:78:18:27:0D:82:77:C8:BA:26 Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49 Certificate serial: 019B7A5B42B06DEF84D71199A7CC11935978 Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/MbxVurKYN8xqBXt4GCcNgnfIuiY.roa Signing time: Thu 01 Jan 2026 16:19:19 +0000 ROA not before: Thu 01 Jan 2026 16:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61159 IP address blocks: 91.223.19.0/24 maxlen: 24 185.158.208.0/22 maxlen: 24 194.110.204.0/24 maxlen: 24 195.234.112.0/22 maxlen: 24 2a02:2278:ff00::/40 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.mft rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:42:b0:6d:ef:84:d7:11:99:a7:cc:11:93:59:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49 Validity Not Before: Jan 1 16:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31bc55bab29837cc6a057b7818270d8277c8ba26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:cc:1b:18:e9:3f:f4:01:85:87:7c:51:7a:9d: 7f:9e:e7:24:ec:24:28:e1:9b:dd:19:e1:5a:c0:a8: ae:46:a4:f0:a3:03:54:69:8d:32:71:d3:6a:38:41: f2:0c:88:bc:3c:e5:cf:68:df:58:bd:25:5f:17:9a: 34:72:9b:c6:88:00:16:97:83:a2:25:d0:34:fc:55: f6:e5:d8:ae:1e:ec:d0:a9:6d:41:d9:4a:94:af:f7: 6c:da:aa:ea:53:0e:48:8a:10:e1:73:f7:ef:a4:88: 54:0a:4e:4e:68:ac:3a:20:53:5a:6a:8a:2a:c3:c8: 9b:3e:5d:12:34:4b:16:37:ca:57:dc:0a:ad:d1:bf: 66:80:b2:98:33:54:4e:15:e3:e3:63:2d:27:b6:04: 46:f0:dd:30:1e:f8:fd:bb:86:d6:63:82:53:4a:24: 68:98:d9:08:72:5f:bd:4e:4c:ac:cd:4d:b8:36:31: 09:40:97:2a:ce:cb:e2:05:f6:88:1b:e3:a7:82:16: e7:12:02:6a:1e:64:90:82:6e:eb:cf:8f:80:4c:3e: ed:02:38:19:42:f4:bf:58:74:88:9a:e7:55:41:db: 02:0c:a1:fc:1b:e2:d4:81:ed:b5:79:03:89:20:d1: c5:a7:d5:a9:ff:95:fe:48:ba:42:ad:94:64:8a:cc: 37:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:BC:55:BA:B2:98:37:CC:6A:05:7B:78:18:27:0D:82:77:C8:BA:26 X509v3 Authority Key Identifier: keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/MbxVurKYN8xqBXt4GCcNgnfIuiY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.19.0/24 185.158.208.0/22 194.110.204.0/24 195.234.112.0/22 IPv6: 2a02:2278:ff00::/40 Signature Algorithm: sha256WithRSAEncryption 0c:38:26:66:62:36:fc:47:1f:ec:01:8a:f6:37:9d:99:c8:00: ea:90:ec:4f:77:7b:17:0c:a3:48:17:e3:af:f6:21:97:89:00: 63:49:21:7c:07:00:39:f6:68:9d:bc:a4:05:f2:41:66:40:cc: 36:3d:16:2d:c2:b5:1d:45:b9:28:57:34:7e:eb:34:d5:1a:f8: b7:39:ae:06:39:0b:4c:d9:a6:97:92:5b:0a:bf:3c:32:25:f2: ca:07:15:87:00:4d:13:9e:f6:b5:dd:bb:1b:87:52:33:7b:f1: 9c:f5:1a:b1:8b:4a:03:38:58:89:33:43:67:79:0b:55:33:1c: c3:58:4c:42:b6:a2:ad:9b:2a:3b:88:65:83:82:20:3a:2a:b0: 4d:e1:37:5c:98:e8:06:7c:74:7f:4d:69:19:b0:2f:34:e6:d1: c2:57:3d:80:d8:68:0a:90:46:ed:97:2f:b5:c7:a8:51:4d:34: f5:d2:a1:0f:1f:15:8e:f4:66:e0:bc:ed:43:a8:f4:bf:20:1c: 32:aa:77:9c:9e:b5:08:8d:ce:fb:d6:7d:ed:f3:b8:a7:ba:4d: 9d:18:19:83:9d:77:c6:14:b2:58:bc:b8:cc:dd:db:c1:68:64: 7d:e5:63:70:fa:f4:e5:4f:0a:55:21:c9:23:7e:e4:95:49:d7: 93:77:2e:65 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt6W0Kwbe+E1xGZp8wRk1l4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4 OGFhNDkwHhcNMjYwMTAxMTYxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWJjNTViYWIyOTgzN2NjNmEwNTdiNzgxODI3MGQ4Mjc3YzhiYTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqswbGOk/9AGFh3xRep1/nuck7CQo 4ZvdGeFawKiuRqTwowNUaY0ycdNqOEHyDIi8POXPaN9YvSVfF5o0cpvGiAAWl4Oi JdA0/FX25diuHuzQqW1B2UqUr/ds2qrqUw5IihDhc/fvpIhUCk5OaKw6IFNaaooq w8ibPl0SNEsWN8pX3Aqt0b9mgLKYM1ROFePjYy0ntgRG8N0wHvj9u4bWY4JTSiRo mNkIcl+9TkyszU24NjEJQJcqzsviBfaIG+OnghbnEgJqHmSQgm7rz4+ATD7tAjgZ QvS/WHSImudVQdsCDKH8G+LUge21eQOJINHFp9Wp/5X+SLpCrZRkisw3bQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFDG8VbqymDfMagV7eBgnDYJ3yLomMB8GA1UdIwQY MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct MDYwYWMwODkwOTY2LzEvTWJ4VnVyS1lOOHhxQlh0NEdDY05nbmZJdWlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2 LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAW98TAwQC uZ7QAwQAwm7MAwQCw+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOC AQEADDgmZmI2/Ecf7AGK9jedmcgA6pDsT3d7FwyjSBfjr/Yhl4kAY0khfAcAOfZo nbykBfJBZkDMNj0WLcK1HUW5KFc0fus01Rr4tzmuBjkLTNmml5JbCr88MiXyygcV hwBNE572td27G4dSM3vxnPUasYtKAzhYiTNDZ3kLVTMcw1hMQrairZsqO4hlg4Ig OiqwTeE3XJjoBnx0f01pGbAvNObRwlc9gNhoCpBG7ZcvtceoUU009dKhDx8VjvRm 4LztQ6j0vyAcMqp3nJ61CI3O+9Z97fO4p7pNnRgZg513xhSyWLy4zN3bwWhkfeVj cPr05U8KVSHJI37klUnXk3cuZQ== -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:47 2026 by rpki-client