This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/MkZDnhBWSDVFNPdTIbLySY13AZo.roa File: MkZDnhBWSDVFNPdTIbLySY13AZo.roa (raw, json) Hash identifier: G0tZaVek6hHuGJJA8eubBZEIhMXdNUS6nfdqgnLslHA= Subject key identifier: 32:46:43:9E:10:56:48:35:45:34:F7:53:21:B2:F2:49:8D:77:01:9A Certificate issuer: /CN=239572ddfcab6291e6410ccd4e860ee36000e668 Certificate serial: 019B7FF26F7D335ED401657F7FBDBC3D5054 Authority key identifier: 23:95:72:DD:FC:AB:62:91:E6:41:0C:CD:4E:86:0E:E3:60:00:E6:68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/MkZDnhBWSDVFNPdTIbLySY13AZo.roa Signing time: Fri 02 Jan 2026 18:22:33 +0000 ROA not before: Fri 02 Jan 2026 18:22:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201225 IP address blocks: 109.232.160.0/24 maxlen: 24 109.232.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/I5Vy3fyrYpHmQQzNToYO42AA5mg.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/I5Vy3fyrYpHmQQzNToYO42AA5mg.mft rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:6f:7d:33:5e:d4:01:65:7f:7f:bd:bc:3d:50:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=239572ddfcab6291e6410ccd4e860ee36000e668 Validity Not Before: Jan 2 18:22:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3246439e105648354534f75321b2f2498d77019a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:58:0e:a8:02:20:89:c1:88:b7:00:8e:e3:09: a0:71:1a:95:34:fa:25:95:c2:71:14:ae:a6:cf:1e: 7b:81:1a:b1:75:5e:11:fc:ae:2e:f9:e8:af:5d:7a: 7a:33:5a:52:6d:c5:e0:51:57:d1:4f:59:8e:36:3b: 3e:3f:75:1c:5f:05:04:2c:5d:7d:92:f5:bd:f2:12: 51:b2:42:d1:6c:16:aa:44:7b:2a:2d:0d:ac:b9:44: 5e:f1:cd:0c:d5:01:57:d8:2e:0b:60:e6:42:94:29: b9:66:11:7f:58:29:d3:9b:60:a0:15:c5:df:ca:33: 53:8d:d3:e6:ee:1a:80:51:c5:76:bb:d9:3c:a3:43: 07:19:7c:73:51:9e:1c:99:6d:c1:5b:72:a5:53:f2: 15:eb:9c:f3:7c:d4:b8:3e:c6:51:9e:5a:78:4f:b2: 8d:9e:50:8b:c3:1e:82:83:b6:dc:9a:44:1e:58:a7: 97:68:3d:84:68:cb:03:ff:c3:84:b8:3e:35:32:0b: a9:cf:ea:43:d6:bd:be:0c:3c:74:01:b7:eb:38:28: cc:58:0c:a2:15:d8:f0:88:16:f9:3c:75:da:20:f2: 62:67:4c:7e:22:fb:6d:34:18:7a:0c:9f:d0:f5:68: c1:97:65:56:8a:14:e7:e9:ad:ad:39:cb:1e:d5:99: 2a:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:46:43:9E:10:56:48:35:45:34:F7:53:21:B2:F2:49:8D:77:01:9A X509v3 Authority Key Identifier: keyid:23:95:72:DD:FC:AB:62:91:E6:41:0C:CD:4E:86:0E:E3:60:00:E6:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/MkZDnhBWSDVFNPdTIbLySY13AZo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/I5Vy3fyrYpHmQQzNToYO42AA5mg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.232.160.0/23 Signature Algorithm: sha256WithRSAEncryption 53:21:09:0d:30:97:fb:af:9c:df:29:15:ce:d5:32:a8:92:6b: 32:bd:a4:aa:e3:51:da:6a:02:24:b8:ca:bd:8b:fc:2a:ab:e8: 33:eb:e0:01:9e:1f:9b:6c:a7:97:60:13:74:54:d0:bb:1d:32: 64:48:a1:a6:46:6f:f3:bf:7f:d6:c7:00:1e:d9:62:91:30:8b: 82:c1:ff:b8:f8:a5:66:2f:ea:9f:c1:21:95:25:d5:53:f9:3b: 55:81:0d:83:b4:d3:3e:f5:54:12:d2:aa:32:50:df:72:dc:f5: 65:ab:bb:7e:99:17:64:f3:01:a1:52:d1:36:57:de:51:bf:e3: cd:e2:10:9f:94:b9:6c:f5:1e:60:e0:7b:18:cb:8a:3a:71:4a: 29:ec:b0:50:1f:81:28:e8:86:79:21:41:bc:61:18:0b:f6:eb: 90:47:da:9b:8f:2e:ef:19:24:d2:09:4e:01:1e:72:e3:6e:bb: f0:b4:12:58:a1:90:2c:5a:f4:bd:c0:47:a7:34:47:90:35:06: 1d:41:fd:8c:ae:25:e9:48:b7:cd:95:15:c6:c4:e9:a6:bf:56: 28:bf:33:87:8c:21:46:a6:04:c0:c8:de:4e:a3:09:09:f3:9a: 2f:8d:92:d6:32:2e:41:96:cb:13:62:9c:f0:6b:e5:c7:d9:7f: 47:68:04:b1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8m99M17UAWV/f728PVBUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzOTU3MmRkZmNhYjYyOTFlNjQxMGNjZDRlODYwZWUzNjAw MGU2NjgwHhcNMjYwMTAyMTgyMjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjQ2NDM5ZTEwNTY0ODM1NDUzNGY3NTMyMWIyZjI0OThkNzcwMTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1gOqAIgicGItwCO4wmgcRqVNPol lcJxFK6mzx57gRqxdV4R/K4u+eivXXp6M1pSbcXgUVfRT1mONjs+P3UcXwUELF19 kvW98hJRskLRbBaqRHsqLQ2suURe8c0M1QFX2C4LYOZClCm5ZhF/WCnTm2CgFcXf yjNTjdPm7hqAUcV2u9k8o0MHGXxzUZ4cmW3BW3KlU/IV65zzfNS4PsZRnlp4T7KN nlCLwx6Cg7bcmkQeWKeXaD2EaMsD/8OEuD41Mgupz+pD1r2+DDx0AbfrOCjMWAyi FdjwiBb5PHXaIPJiZ0x+IvttNBh6DJ/Q9WjBl2VWihTn6a2tOcse1Zkq7QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDJGQ54QVkg1RTT3UyGy8kmNdwGaMB8GA1UdIwQY MBaAFCOVct38q2KR5kEMzU6GDuNgAOZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTVWeTNmeXJZcEhtUVF6TlRvWU80MkFBNW1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZDdmMDgtZTc3Yy00MzM4LTlhMzkt OGUxOWMwZGI4NmMyLzEvTWtaRG5oQldTRFZGTlBkVEliTHlTWTEzQVpvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8xZDdmMDgtZTc3Yy00MzM4LTlhMzktOGUxOWMwZGI4NmMy LzEvSTVWeTNmeXJZcEhtUVF6TlRvWU80MkFBNW1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbeigMA0G CSqGSIb3DQEBCwUAA4IBAQBTIQkNMJf7r5zfKRXO1TKokmsyvaSq41HaagIkuMq9 i/wqq+gz6+ABnh+bbKeXYBN0VNC7HTJkSKGmRm/zv3/WxwAe2WKRMIuCwf+4+KVm L+qfwSGVJdVT+TtVgQ2DtNM+9VQS0qoyUN9y3PVlq7t+mRdk8wGhUtE2V95Rv+PN 4hCflLls9R5g4HsYy4o6cUop7LBQH4Eo6IZ5IUG8YRgL9uuQR9qbjy7vGSTSCU4B HnLjbrvwtBJYoZAsWvS9wEenNEeQNQYdQf2MriXpSLfNlRXGxOmmv1YovzOHjCFG pgTAyN5OowkJ85ovjZLWMi5BlssTYpzwa+XH2X9HaASx -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:42 2026 by rpki-client