This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/mhN_hNZ1j8lwPoNsrGHb44SIv-s.roa File: mhN_hNZ1j8lwPoNsrGHb44SIv-s.roa (raw, json) Hash identifier: hJkkP4O0XxAi785LCkE7R27Ypx1r454excqvJY+K/QE= Subject key identifier: 9A:13:7F:84:D6:75:8F:C9:70:3E:83:6C:AC:61:DB:E3:84:88:BF:EB Certificate issuer: /CN=cab8b8da9ccd4d261b72ada034a0875665a64487 Certificate serial: 019B7910CD5BBD210D3A42CF04A6A7983EC2 Authority key identifier: CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/mhN_hNZ1j8lwPoNsrGHb44SIv-s.roa Signing time: Thu 01 Jan 2026 10:18:22 +0000 ROA not before: Thu 01 Jan 2026 10:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209492 IP address blocks: 81.172.60.0/22 maxlen: 24 171.22.84.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.mft rsync://rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 22:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:cd:5b:bd:21:0d:3a:42:cf:04:a6:a7:98:3e:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cab8b8da9ccd4d261b72ada034a0875665a64487 Validity Not Before: Jan 1 10:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a137f84d6758fc9703e836cac61dbe38488bfeb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:5f:44:04:73:1f:27:51:0e:b0:fa:d6:4d:6c: e2:a2:f9:5a:fe:ad:8d:81:0e:70:e5:28:e6:b1:52: 64:5a:69:66:e7:a2:83:e3:e8:0f:11:cb:ca:58:c7: ab:1e:38:9a:fe:78:e2:c8:dd:67:42:12:24:6e:7c: 2d:a7:83:bd:a3:19:97:3c:8c:e3:97:98:de:65:01: af:36:41:bd:e7:be:e6:ef:9c:15:13:f1:20:93:da: c7:f8:00:d0:b1:bc:ec:0b:4c:66:af:88:3a:5c:94: 1c:0d:3e:c2:d1:f9:6b:f8:8f:95:cb:f2:fd:23:90: b8:cb:c4:11:85:26:ef:03:a7:25:a0:f2:2e:6d:83: 96:2c:1e:3c:c8:d6:ac:5d:34:96:ee:1d:67:80:cf: 1a:84:bd:47:91:f2:ae:56:85:b8:10:9e:6f:a5:22: 0a:45:06:f9:9a:e0:20:78:4f:a3:46:1c:ca:fc:ba: 95:1b:29:d8:f2:38:be:e8:dc:44:b5:bb:28:4b:4f: 08:39:5b:72:96:0a:49:e3:fd:f4:e9:0b:8a:22:68: 99:b2:27:8a:e4:87:f2:50:2f:e7:66:d6:89:43:19: 52:a0:e2:ec:dc:75:b3:dc:84:02:5e:3a:32:c2:7b: fc:f4:fd:b5:cd:53:77:48:ff:bc:8e:88:c4:9c:c8: 5e:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:13:7F:84:D6:75:8F:C9:70:3E:83:6C:AC:61:DB:E3:84:88:BF:EB X509v3 Authority Key Identifier: keyid:CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/mhN_hNZ1j8lwPoNsrGHb44SIv-s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.172.60.0/22 171.22.84.0/22 Signature Algorithm: sha256WithRSAEncryption 38:91:3f:b8:91:bd:bc:89:c8:e1:e5:67:a5:14:ba:b0:6f:94: 42:67:0d:69:73:54:50:52:8d:0c:5f:85:f9:9b:31:a8:56:7b: 2b:1c:43:dc:fc:90:4e:f7:aa:5d:0b:79:97:13:84:a5:b6:58: fd:18:60:44:19:75:46:84:bc:f1:ce:ff:e2:f2:e4:43:d4:93: 74:07:eb:d9:5e:56:c6:a2:3e:de:98:5e:ee:9e:70:73:07:3f: d2:0d:56:4b:88:1e:21:55:d7:cc:09:0f:e6:cd:53:63:25:c0: 2b:e1:2f:ca:40:93:3c:00:b6:7e:03:6e:48:ed:fc:fa:51:59: 1f:c2:a0:10:c9:8f:b2:a9:c5:60:d7:4c:f1:ac:00:8c:33:a8: 46:1d:fc:a7:37:17:cd:d9:49:ba:f3:2f:59:ff:b9:83:64:45: b3:e2:e6:1e:f6:f6:32:be:e3:01:f2:a1:d2:4b:d7:1d:4a:84: 08:80:91:30:63:6f:33:3e:e9:43:47:36:8f:db:a4:dc:cb:09: a9:e9:2b:1f:f3:34:5b:d3:3c:df:23:63:29:50:6a:75:50:e5: b5:02:e0:b0:17:e6:d0:2a:48:f1:cf:9c:b2:14:9c:e2:03:fd: f0:eb:c9:25:a4:1e:2e:74:c5:ed:f1:72:6c:6a:d1:bf:95:04: fb:09:19:4f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EM1bvSENOkLPBKanmD7CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhYjhiOGRhOWNjZDRkMjYxYjcyYWRhMDM0YTA4NzU2NjVh NjQ0ODcwHhcNMjYwMTAxMTAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTEzN2Y4NGQ2NzU4ZmM5NzAzZTgzNmNhYzYxZGJlMzg0ODhiZmViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V9EBHMfJ1EOsPrWTWziovla/q2N gQ5w5SjmsVJkWmlm56KD4+gPEcvKWMerHjia/njiyN1nQhIkbnwtp4O9oxmXPIzj l5jeZQGvNkG9577m75wVE/Egk9rH+ADQsbzsC0xmr4g6XJQcDT7C0flr+I+Vy/L9 I5C4y8QRhSbvA6cloPIubYOWLB48yNasXTSW7h1ngM8ahL1HkfKuVoW4EJ5vpSIK RQb5muAgeE+jRhzK/LqVGynY8ji+6NxEtbsoS08IOVtylgpJ4/306QuKImiZsieK 5IfyUC/nZtaJQxlSoOLs3HWz3IQCXjoywnv89P21zVN3SP+8jojEnMhenQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJoTf4TWdY/JcD6DbKxh2+OEiL/rMB8GA1UdIwQY MBaAFMq4uNqczU0mG3KtoDSgh1ZlpkSHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXJpNDJwek5UU1liY3EyZ05LQ0hWbVdtUkljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9kYjQxYzktZThhMC00ZjkwLWEwZDUt ODg3NTA5YzQ2MDJhLzEvbWhOX2hOWjFqOGx3UG9Oc3JHSGI0NFNJdi1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy9kYjQxYzktZThhMC00ZjkwLWEwZDUtODg3NTA5YzQ2MDJh LzEveXJpNDJwek5UU1liY3EyZ05LQ0hWbVdtUkljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUaw8AwQC qxZUMA0GCSqGSIb3DQEBCwUAA4IBAQA4kT+4kb28icjh5WelFLqwb5RCZw1pc1RQ Uo0MX4X5mzGoVnsrHEPc/JBO96pdC3mXE4Sltlj9GGBEGXVGhLzxzv/i8uRD1JN0 B+vZXlbGoj7emF7unnBzBz/SDVZLiB4hVdfMCQ/mzVNjJcAr4S/KQJM8ALZ+A25I 7fz6UVkfwqAQyY+yqcVg10zxrACMM6hGHfynNxfN2Um68y9Z/7mDZEWz4uYe9vYy vuMB8qHSS9cdSoQIgJEwY28zPulDRzaP26Tcywmp6Ssf8zRb0zzfI2MpUGp1UOW1 AuCwF+bQKkjxz5yyFJziA/3w68klpB4udMXt8XJsatG/lQT7CRlP -----END CERTIFICATE-----Generated at Wed Jan 21 04:57:51 2026 by rpki-client