This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mXIUM2kiyOLjpAVTpXs9HhfDNfc.roa File: mXIUM2kiyOLjpAVTpXs9HhfDNfc.roa (raw, json) Hash identifier: gABdSnnh7vVHsofsdTGV+68MIIXEAwF2Pew3xWqm9n8= Subject key identifier: 99:72:14:33:69:22:C8:E2:E3:A4:05:53:A5:7B:3D:1E:17:C3:35:F7 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C74081F55FC1B9E48EF9E2AE56179A Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mXIUM2kiyOLjpAVTpXs9HhfDNfc.roa Signing time: Thu 01 Jan 2026 04:18:25 +0000 ROA not before: Thu 01 Jan 2026 04:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6079 IP address blocks: 77.223.200.0/23 maxlen: 24 79.139.64.0/23 maxlen: 24 121.127.48.0/21 maxlen: 24 168.75.224.0/20 maxlen: 24 176.222.48.0/22 maxlen: 24 194.149.76.0/22 maxlen: 24 198.14.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:40:81:f5:5f:c1:b9:e4:8e:f9:e2:ae:56:17:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=997214336922c8e2e3a40553a57b3d1e17c335f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:1a:a2:f8:20:d9:21:c2:d0:5f:97:cd:d8:c8: d3:01:82:22:15:8e:fa:6d:be:31:6d:3b:e1:c4:6e: 2e:9c:6d:a7:40:48:61:8c:29:da:ed:7d:20:97:d4: c2:30:f7:b6:d1:a6:73:92:4f:c4:91:b1:59:48:60: e7:95:2a:18:6d:a0:fe:ea:62:55:29:a1:c1:6a:64: b8:8e:52:97:40:0e:d8:67:11:de:53:62:4e:bd:63: 6b:bd:03:c0:ae:a7:13:0b:e3:36:0d:1e:ea:57:d1: 87:c2:f5:25:67:8e:e5:1b:47:4f:d5:2d:e4:85:79: 35:10:94:17:7c:8c:e0:62:f6:c4:ef:e4:a8:c8:07: 18:6e:7d:90:f3:7d:d3:a8:e4:3c:53:d1:52:33:af: fd:e9:10:28:d9:58:fb:0f:2e:d1:14:3e:bc:25:2b: 77:f6:b2:d2:03:4f:ee:ea:6d:06:3b:6b:35:f5:ea: 5f:e8:05:f6:25:8e:cc:65:84:48:b9:10:0a:67:e2: 90:fe:3e:31:5a:37:63:61:43:0f:3d:3c:44:1c:74: ab:b3:94:92:0a:2d:4d:e9:c2:c7:91:88:4e:ea:a8: 93:44:07:a3:76:03:a5:c4:b8:67:e6:e0:b0:02:24: c4:4d:3e:39:02:c1:7d:3c:de:80:55:b7:6a:0c:13: 8c:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:72:14:33:69:22:C8:E2:E3:A4:05:53:A5:7B:3D:1E:17:C3:35:F7 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mXIUM2kiyOLjpAVTpXs9HhfDNfc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.223.200.0/23 79.139.64.0/23 121.127.48.0/21 168.75.224.0/20 176.222.48.0/22 194.149.76.0/22 198.14.16.0/20 Signature Algorithm: sha256WithRSAEncryption 87:59:fb:fa:e3:0e:86:20:36:7c:89:72:16:2c:7c:e6:58:45: 1d:80:10:44:e9:98:ee:f6:21:11:0b:82:d0:3e:f0:ac:ec:62: f6:93:45:5b:fa:aa:18:6a:06:db:02:fa:ba:87:68:a5:d4:25: 2c:1c:09:a9:bb:9e:e9:6c:a0:cc:ff:92:20:d2:67:94:9f:51: 31:37:0d:c5:29:93:09:c6:12:91:84:47:c5:ab:c1:66:a3:3d: e8:f8:a0:81:3f:a3:c0:7d:ae:69:0f:cf:7d:22:00:72:1b:88: cb:af:ba:28:2a:63:5b:67:92:98:98:96:3d:50:95:8f:8d:20: 97:91:ab:84:b5:2e:3b:c4:ef:2d:8f:bb:76:d1:ef:ae:bc:e2: 1e:9c:a7:6d:44:cc:e0:82:83:15:7a:82:31:9c:18:19:43:97: 53:69:35:13:cc:bf:ab:dd:bd:bc:f5:2f:78:0d:4c:af:64:25: c7:55:0f:c9:b3:36:9e:ab:86:c1:68:25:4a:fd:13:13:b0:66: ec:f6:8d:af:86:ec:47:d6:fb:e3:f6:e7:21:cb:5b:8c:47:f9: d4:79:03:0e:cd:7f:83:f9:c2:10:30:32:d1:d8:9f:e0:03:bb: fa:99:3c:a7:f1:74:1c:1a:ff:a0:28:ad:c3:bb:06:ab:86:72: 69:40:7a:68 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt3x0CB9V/BueSO+eKuVheaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTcyMTQzMzY5MjJjOGUyZTNhNDA1NTNhNTdiM2QxZTE3YzMzNWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBqi+CDZIcLQX5fN2MjTAYIiFY76 bb4xbTvhxG4unG2nQEhhjCna7X0gl9TCMPe20aZzkk/EkbFZSGDnlSoYbaD+6mJV KaHBamS4jlKXQA7YZxHeU2JOvWNrvQPArqcTC+M2DR7qV9GHwvUlZ47lG0dP1S3k hXk1EJQXfIzgYvbE7+SoyAcYbn2Q833TqOQ8U9FSM6/96RAo2Vj7Dy7RFD68JSt3 9rLSA0/u6m0GO2s19epf6AX2JY7MZYRIuRAKZ+KQ/j4xWjdjYUMPPTxEHHSrs5SS Ci1N6cLHkYhO6qiTRAejdgOlxLhn5uCwAiTETT45AsF9PN6AVbdqDBOMuQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFJlyFDNpIsji46QFU6V7PR4XwzX3MB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvbVhJVU0ya2l5T0xqcEFWVHBYczlIaGZETmZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTd/IAwQB T4tAAwQDeX8wAwQEqEvgAwQCsN4wAwQCwpVMAwQExg4QMA0GCSqGSIb3DQEBCwUA A4IBAQCHWfv64w6GIDZ8iXIWLHzmWEUdgBBE6Zju9iERC4LQPvCs7GL2k0Vb+qoY agbbAvq6h2il1CUsHAmpu57pbKDM/5Ig0meUn1ExNw3FKZMJxhKRhEfFq8Fmoz3o +KCBP6PAfa5pD899IgByG4jLr7ooKmNbZ5KYmJY9UJWPjSCXkauEtS47xO8tj7t2 0e+uvOIenKdtRMzggoMVeoIxnBgZQ5dTaTUTzL+r3b289S94DUyvZCXHVQ/Jszae q4bBaCVK/RMTsGbs9o2vhuxH1vvj9uchy1uMR/nUeQMOzX+D+cIQMDLR2J/gA7v6 mTyn8XQcGv+gKK3DuwarhnJpQHpo -----END CERTIFICATE-----Generated at Thu Jan 1 20:22:30 2026 by rpki-client