This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Mky6mh6SVIcLxVTFybCIs5ADFpc.roa File: Mky6mh6SVIcLxVTFybCIs5ADFpc.roa (raw, json) Hash identifier: fcKDz5AzWhAzAqlQ+bJeOIYmVmdWQaRd2LrGnOJ/5Vw= Subject key identifier: 32:4C:BA:9A:1E:92:54:87:0B:C5:54:C5:C9:B0:88:B3:90:03:16:97 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA5475D4E9402B84CE6268C4B4D9760 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Mky6mh6SVIcLxVTFybCIs5ADFpc.roa Signing time: Thu 01 Jan 2026 22:19:47 +0000 ROA not before: Thu 01 Jan 2026 22:19:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202209 IP address blocks: 94.236.145.0/24 maxlen: 24 94.236.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:47:5d:4e:94:02:b8:4c:e6:26:8c:4b:4d:97:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=324cba9a1e9254870bc554c5c9b088b390031697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:43:0f:f6:85:91:a6:10:48:b1:df:3a:f0:fa: ea:ce:16:70:3c:80:59:9a:6a:57:9b:22:e9:ce:03: a2:ac:8c:7c:ce:f4:77:7e:b3:d7:9b:4a:26:a1:e2: c8:fe:6a:4e:1f:1b:02:9d:40:a3:a5:52:65:f7:5e: 66:71:68:3c:86:d6:02:a3:1c:ea:f8:c7:e3:08:15: 1f:9a:6b:86:65:f8:4a:5f:51:ff:d7:01:fb:33:bb: 5e:6f:a4:06:03:35:32:e7:32:50:a3:e2:55:c5:db: 0f:27:02:96:14:b5:10:c1:9f:cf:b4:6d:c1:bd:c4: eb:9b:6b:80:04:72:e4:4a:d8:8d:2f:a0:07:05:19: 3e:c8:8e:75:c8:a0:9c:15:66:61:88:e8:eb:fd:1a: 6f:ab:56:4f:f1:0d:f2:b0:c8:d9:48:85:71:95:45: 57:1d:44:1f:e5:33:b5:9a:63:30:33:7a:fc:c9:6c: f6:d9:29:5e:90:d2:97:80:40:79:df:0c:7a:b2:9d: 2e:3b:7a:4f:68:ed:48:53:c7:c8:3d:70:ca:71:1c: eb:91:ba:ed:c6:66:37:62:c0:09:19:1e:d4:5a:c9: d1:1e:04:a4:db:15:86:ad:20:70:ad:31:e1:05:16: 79:23:df:5b:c5:3e:28:0b:ab:b3:67:47:ae:cb:34: dc:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:4C:BA:9A:1E:92:54:87:0B:C5:54:C5:C9:B0:88:B3:90:03:16:97 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Mky6mh6SVIcLxVTFybCIs5ADFpc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.236.145.0/24 94.236.159.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:52:f6:8b:96:cd:3f:05:3c:a1:38:98:9b:dc:f9:31:7b:f8: ea:6e:52:55:d9:71:bf:d1:5c:df:ff:c9:9b:ac:05:d8:c8:a3: 72:f9:91:23:20:7f:76:5c:b3:9a:df:92:74:d4:b0:f8:b4:68: 2e:91:b5:48:f9:0e:b0:35:86:d0:8c:6a:5a:5b:a9:39:f6:26: 0c:8d:9b:2d:a4:21:c7:d3:67:1e:16:93:2c:fd:57:04:b6:8a: dd:c8:84:f5:16:6a:bc:f0:0f:a5:2b:48:89:4d:20:8c:f9:70: 81:21:78:68:e3:b8:b9:a9:9b:3f:5a:07:8f:fe:e2:e1:0f:07: 13:bc:f5:b1:cd:2e:e1:5b:96:d6:94:77:af:15:dc:ae:1b:a5: 61:96:32:30:9a:2f:84:35:63:b4:2e:0f:fe:87:49:1f:1e:66: 92:ba:96:4a:5a:19:41:c9:68:76:45:68:02:a7:d0:c3:58:7a: 7f:21:a4:78:9b:6e:3f:d0:a6:db:d0:c5:67:1c:cf:bf:36:85: e9:71:e4:72:c8:87:be:ad:9b:d1:24:eb:9b:56:94:ba:3b:7c: 3d:f4:ea:7d:b2:bf:ee:94:6e:b0:a4:37:b2:7a:43:53:12:b5: 3c:35:c4:6b:cb:45:b9:6d:3a:5b:af:91:10:2f:08:0d:63:bd: a2:69:9e:9f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pUddTpQCuEzmJoxLTZdgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjRjYmE5YTFlOTI1NDg3MGJjNTU0YzVjOWIwODhiMzkwMDMxNjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0MP9oWRphBIsd868PrqzhZwPIBZ mmpXmyLpzgOirIx8zvR3frPXm0omoeLI/mpOHxsCnUCjpVJl915mcWg8htYCoxzq +MfjCBUfmmuGZfhKX1H/1wH7M7teb6QGAzUy5zJQo+JVxdsPJwKWFLUQwZ/PtG3B vcTrm2uABHLkStiNL6AHBRk+yI51yKCcFWZhiOjr/Rpvq1ZP8Q3ysMjZSIVxlUVX HUQf5TO1mmMwM3r8yWz22SlekNKXgEB53wx6sp0uO3pPaO1IU8fIPXDKcRzrkbrt xmY3YsAJGR7UWsnRHgSk2xWGrSBwrTHhBRZ5I99bxT4oC6uzZ0euyzTcywIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDJMupoeklSHC8VUxcmwiLOQAxaXMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvTWt5Nm1oNlNWSWNMeFZURnliQ0lzNUFERnBjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXuyRAwQA XuyfMA0GCSqGSIb3DQEBCwUAA4IBAQAKUvaLls0/BTyhOJib3Pkxe/jqblJV2XG/ 0Vzf/8mbrAXYyKNy+ZEjIH92XLOa35J01LD4tGgukbVI+Q6wNYbQjGpaW6k59iYM jZstpCHH02ceFpMs/VcEtordyIT1Fmq88A+lK0iJTSCM+XCBIXho47i5qZs/WgeP /uLhDwcTvPWxzS7hW5bWlHevFdyuG6VhljIwmi+ENWO0Lg/+h0kfHmaSupZKWhlB yWh2RWgCp9DDWHp/IaR4m24/0Kbb0MVnHM+/NoXpceRyyIe+rZvRJOubVpS6O3w9 9Op9sr/ulG6wpDeyekNTErU8NcRry0W5bTpbr5EQLwgNY72iaZ6f -----END CERTIFICATE-----Generated at Mon Jan 26 10:23:19 2026 by rpki-client