This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/MJ0wcLYLagq2-IQh1IDBnVmPp4Y.roa File: MJ0wcLYLagq2-IQh1IDBnVmPp4Y.roa (raw, json) Hash identifier: nddzrdr88MahK2kDnudEExFRXp/cZ5hcgfEP7PPKmNA= Subject key identifier: 30:9D:30:70:B6:0B:6A:0A:B6:F8:84:21:D4:80:C1:9D:59:8F:A7:86 Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb Certificate serial: 019BE4C231CC8F12C30E9E8D8D4BD2C20B0F Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/MJ0wcLYLagq2-IQh1IDBnVmPp4Y.roa Signing time: Thu 22 Jan 2026 08:11:30 +0000 ROA not before: Thu 22 Jan 2026 08:11:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20559 IP address blocks: 5.172.40.0/21 maxlen: 24 31.200.208.0/21 maxlen: 24 45.13.164.0/22 maxlen: 24 45.133.196.0/22 maxlen: 24 45.146.124.0/22 maxlen: 24 46.19.216.0/21 maxlen: 24 46.226.88.0/21 maxlen: 24 85.209.108.0/22 maxlen: 24 88.218.152.0/22 maxlen: 24 91.218.148.0/22 maxlen: 24 91.224.248.0/23 maxlen: 24 93.186.176.0/20 maxlen: 24 185.46.64.0/22 maxlen: 24 185.51.56.0/22 maxlen: 24 185.113.84.0/22 maxlen: 24 185.122.116.0/22 maxlen: 24 193.37.204.0/22 maxlen: 24 193.187.188.0/22 maxlen: 24 194.213.112.0/23 maxlen: 24 2a00:d10::/32 maxlen: 48 2a03:3400::/32 maxlen: 48 2a06:6940::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.mft rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e4:c2:31:cc:8f:12:c3:0e:9e:8d:8d:4b:d2:c2:0b:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb Validity Not Before: Jan 22 08:11:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=309d3070b60b6a0ab6f88421d480c19d598fa786 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:38:0c:31:07:03:8d:97:a5:54:ec:2e:aa:8b: 74:0a:c0:a9:71:b3:05:53:ae:a4:5c:e7:61:8d:19: 9c:4b:2e:fa:f6:bf:d5:57:5e:e9:90:73:ad:7c:98: 85:35:4d:e9:f3:9f:7d:b8:2a:8f:94:0a:4a:6c:b3: 10:85:64:d5:11:6f:5b:93:22:f8:b3:57:b9:a7:e7: fc:13:ed:60:3d:b9:69:f5:2f:5c:4c:1a:78:81:b8: ab:dd:6f:6f:9f:1d:1b:a5:16:2c:e0:8a:8b:5c:24: c3:7a:a0:e0:76:81:f4:3d:a7:4c:9f:98:88:ca:f4: 1d:1c:1f:73:65:32:23:b7:04:67:64:5c:8b:68:92: fc:f0:58:85:31:e3:5b:12:14:47:84:f8:c9:e6:50: ab:ab:46:d4:d0:45:d2:2f:f7:0f:af:56:70:b3:94: 09:e5:02:e2:f0:ab:1c:ac:19:fd:23:c0:8b:da:07: 8e:83:58:17:b9:67:fa:da:de:2b:8a:a7:f1:f3:06: 70:29:c6:54:d4:80:58:2c:51:5d:ad:d3:64:4e:6b: 3b:5f:b2:d7:93:7c:66:4f:19:b6:13:b3:80:8b:fb: 5e:af:6b:c5:ce:de:6d:b8:19:e0:68:ea:58:ca:e7: 18:0b:3d:4f:a0:6a:b8:2b:d9:de:09:dc:66:d2:ca: 2e:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:9D:30:70:B6:0B:6A:0A:B6:F8:84:21:D4:80:C1:9D:59:8F:A7:86 X509v3 Authority Key Identifier: keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/MJ0wcLYLagq2-IQh1IDBnVmPp4Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.172.40.0/21 31.200.208.0/21 45.13.164.0/22 45.133.196.0/22 45.146.124.0/22 46.19.216.0/21 46.226.88.0/21 85.209.108.0/22 88.218.152.0/22 91.218.148.0/22 91.224.248.0/23 93.186.176.0/20 185.46.64.0/22 185.51.56.0/22 185.113.84.0/22 185.122.116.0/22 193.37.204.0/22 193.187.188.0/22 194.213.112.0/23 IPv6: 2a00:d10::/32 2a03:3400::/32 2a06:6940::/29 Signature Algorithm: sha256WithRSAEncryption 44:79:af:14:3e:e2:49:f3:1a:92:01:fc:e8:cf:12:f7:77:5c: 1f:37:eb:aa:1b:29:6d:59:d3:67:c8:92:08:c0:f5:2c:5f:ad: 64:c1:34:96:99:72:5f:ff:fc:eb:a4:ad:67:89:5c:7f:e6:0b: 27:73:09:15:68:ae:70:5d:02:81:ba:41:36:f4:5a:0d:e4:ce: 4f:71:3f:30:5a:a0:09:57:0a:43:00:35:f3:33:3c:5c:c9:1b: 22:22:2f:73:ce:bf:76:09:5d:d9:e8:fa:16:bf:64:17:54:03: 07:3d:7e:c3:70:60:aa:6e:fb:81:7e:38:7d:95:bc:5b:31:12: 58:e6:94:de:09:30:d0:c3:71:04:0d:da:75:51:b6:a9:f2:44: 76:0f:5e:a6:6a:07:72:21:c2:9d:f2:4b:4b:35:28:04:b0:f8: 9d:7e:db:c4:b5:15:bb:7f:f7:92:37:6f:b6:52:7f:0b:66:5f: 19:de:20:81:a0:ff:35:f0:01:c2:1b:64:3d:f1:ef:4e:ce:25: 22:30:bd:8f:18:43:d1:83:67:2b:ed:8e:93:ad:02:ca:b9:a6: 79:f8:91:55:f7:e3:59:7b:3e:05:4e:3d:86:76:74:5b:a3:2d: 86:8e:2c:78:ab:f9:65:b8:0e:8d:de:45:2f:74:e7:6a:5e:7f: 58:e4:e3:59 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgISAZvkwjHMjxLDDp6NjUvSwgsPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiOWQ4NjA5NmE0OTExMGNmOWJmNjcwMjQwYjUxOTMxNWI2 NmFiY2IwHhcNMjYwMTIyMDgxMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDlkMzA3MGI2MGI2YTBhYjZmODg0MjFkNDgwYzE5ZDU5OGZhNzg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTgMMQcDjZelVOwuqot0CsCpcbMF U66kXOdhjRmcSy769r/VV17pkHOtfJiFNU3p8599uCqPlApKbLMQhWTVEW9bkyL4 s1e5p+f8E+1gPblp9S9cTBp4gbir3W9vnx0bpRYs4IqLXCTDeqDgdoH0PadMn5iI yvQdHB9zZTIjtwRnZFyLaJL88FiFMeNbEhRHhPjJ5lCrq0bU0EXSL/cPr1Zws5QJ 5QLi8KscrBn9I8CL2geOg1gXuWf62t4riqfx8wZwKcZU1IBYLFFdrdNkTms7X7LX k3xmTxm2E7OAi/ter2vFzt5tuBngaOpYyucYCz1PoGq4K9neCdxm0souLwIDAQAB o4IClTCCApEwHQYDVR0OBBYEFDCdMHC2C2oKtviEIdSAwZ1Zj6eGMB8GA1UdIwQY MBaAFAudhglqSREM+b9nAkC1GTFbZqvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUt OGMxMDkwOWE0ODVjLzEvTUowd2NMWUxhZ3EyLUlRaDFJREJuVm1QcDRZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUtOGMxMDkwOWE0ODVj LzEvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB4BAIAATByAwQDBawo AwQDH8jQAwQCLQ2kAwQCLYXEAwQCLZJ8AwQDLhPYAwQDLuJYAwQCVdFsAwQCWNqY AwQCW9qUAwQBW+D4AwQEXbqwAwQCuS5AAwQCuTM4AwQCuXFUAwQCuXp0AwQCwSXM AwQCwbu8AwQBwtVwMBsEAgACMBUDBQAqAA0QAwUAKgM0AAMFAyoGaUAwDQYJKoZI hvcNAQELBQADggEBAER5rxQ+4knzGpIB/OjPEvd3XB8366obKW1Z02fIkgjA9Sxf rWTBNJaZcl///OukrWeJXH/mCydzCRVornBdAoG6QTb0Wg3kzk9xPzBaoAlXCkMA NfMzPFzJGyIiL3POv3YJXdno+ha/ZBdUAwc9fsNwYKpu+4F+OH2VvFsxEljmlN4J MNDDcQQN2nVRtqnyRHYPXqZqB3Ihwp3yS0s1KASw+J1+28S1Fbt/95I3b7ZSfwtm XxneIIGg/zXwAcIbZD3x707OJSIwvY8YQ9GDZyvtjpOtAsq5pnn4kVX341l7PgVO PYZ2dFujLYaOLHir+WW4Do3eRS9052pef1jk41k= -----END CERTIFICATE-----Generated at Tue Jan 27 10:20:02 2026 by rpki-client