This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/mhQF4f0__P51DebimYZU_QVT_0w.roa File: mhQF4f0__P51DebimYZU_QVT_0w.roa (raw, json) Hash identifier: cJI4Av5bydgJH0qgwcwT6kGmqoTQvZg1s0ClaW/gppY= Subject key identifier: 9A:14:05:E1:FD:3F:FC:FE:75:0D:E6:E2:99:86:54:FD:05:53:FF:4C Certificate issuer: /CN=73cfe11e8a7093bdc95bc01e20db4376e22aa516 Certificate serial: 019B77596199641B7CEC12250AD297347E17 Authority key identifier: 73:CF:E1:1E:8A:70:93:BD:C9:5B:C0:1E:20:DB:43:76:E2:2A:A5:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8_hHopwk73JW8AeINtDduIqpRY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/mhQF4f0__P51DebimYZU_QVT_0w.roa Signing time: Thu 01 Jan 2026 02:18:24 +0000 ROA not before: Thu 01 Jan 2026 02:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 213.109.150.0/24 maxlen: 24 2001:3bc0:b1d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/c8_hHopwk73JW8AeINtDduIqpRY.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/c8_hHopwk73JW8AeINtDduIqpRY.mft rsync://rpki.ripe.net/repository/DEFAULT/c8_hHopwk73JW8AeINtDduIqpRY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:61:99:64:1b:7c:ec:12:25:0a:d2:97:34:7e:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73cfe11e8a7093bdc95bc01e20db4376e22aa516 Validity Not Before: Jan 1 02:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a1405e1fd3ffcfe750de6e2998654fd0553ff4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:8b:72:c0:e8:e6:88:61:a2:eb:7a:aa:f7:25: 8c:a1:52:53:f1:46:f1:68:c7:4e:6f:fc:e0:91:61: 15:2f:2d:f6:7d:c3:06:ca:9c:b9:5d:b6:50:b7:81: 18:27:75:45:90:44:68:89:a9:c0:e5:77:86:a2:bf: e9:b0:cc:44:99:e6:bb:cf:bf:85:b3:b2:16:cb:2c: 1d:11:a0:b3:82:52:55:1a:39:fe:6a:27:51:36:b5: c3:42:3b:2e:b5:56:e9:3e:06:4e:89:aa:30:51:fb: af:07:90:0d:f1:59:87:96:f3:cd:19:6e:e9:69:3c: 9e:02:e7:77:27:16:cc:bc:47:b0:ee:53:89:65:a6: ae:e5:aa:bb:69:1a:ca:e5:61:f2:f0:a4:fe:5c:e1: 3a:2a:f9:b4:db:4d:2b:c4:2f:a8:cb:6a:22:62:d8: fe:7c:f7:42:ff:cd:65:60:6a:f9:cb:ab:bc:78:ea: 5e:a6:09:b8:96:e5:29:e3:36:c9:51:ff:be:35:ff: de:86:cb:67:38:2b:37:73:fc:1d:ed:ae:89:6e:39: 24:cf:12:52:62:42:57:ae:ae:58:fe:97:e4:74:53: 64:63:48:1a:06:d7:66:85:3f:eb:05:7d:52:e2:de: c1:e2:a3:f4:c3:41:ae:09:05:28:67:e8:02:8a:f5: 00:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:14:05:E1:FD:3F:FC:FE:75:0D:E6:E2:99:86:54:FD:05:53:FF:4C X509v3 Authority Key Identifier: keyid:73:CF:E1:1E:8A:70:93:BD:C9:5B:C0:1E:20:DB:43:76:E2:2A:A5:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8_hHopwk73JW8AeINtDduIqpRY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/mhQF4f0__P51DebimYZU_QVT_0w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/baf9f3-0e48-4c47-bc26-1b1100731448/1/c8_hHopwk73JW8AeINtDduIqpRY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.109.150.0/24 IPv6: 2001:3bc0:b1d::/48 Signature Algorithm: sha256WithRSAEncryption 43:50:96:57:90:80:49:52:d1:b8:93:01:19:84:b9:8b:13:9a: 0b:f2:51:42:88:97:7e:b5:02:28:b0:43:db:3c:e4:a6:a3:8f: 00:d4:16:34:7a:d6:72:8c:a8:63:3a:f3:9e:c3:d1:06:69:c4: 38:3d:da:80:84:a3:82:86:97:80:01:9e:2e:09:55:a3:1d:9a: 5a:f2:81:10:db:20:c9:09:22:7e:ca:fd:d9:53:52:5c:4a:a0: 44:f9:af:c6:cc:50:1e:72:08:3d:e7:dc:52:0e:9a:ac:4f:6b: 93:55:95:bd:27:55:02:e6:4a:85:60:b2:58:54:c7:70:74:cd: 2b:03:74:b1:39:a0:cb:8a:a7:51:38:9b:34:8e:6b:a8:21:a1: a7:69:f5:3c:14:d5:0f:94:6b:b7:1c:16:a7:1a:70:71:d6:2d: b7:52:e1:e4:96:b5:61:1b:83:f7:1c:c9:c1:08:e1:a3:07:77: 6e:25:57:66:0c:c1:82:e2:af:fa:98:51:6a:5a:d6:d5:bd:d6: 23:24:75:1f:f4:21:74:62:8b:09:57:12:99:85:ef:aa:c1:a2: b8:06:d3:87:82:90:a1:c2:bf:23:bd:be:e4:8d:30:3a:65:bd: 99:74:60:9b:04:d0:ab:27:29:b9:ad:f1:5c:11:a8:18:3a:2e: 29:64:49:05 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3WWGZZBt87BIlCtKXNH4XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczY2ZlMTFlOGE3MDkzYmRjOTViYzAxZTIwZGI0Mzc2ZTIy YWE1MTYwHhcNMjYwMTAxMDIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTE0MDVlMWZkM2ZmY2ZlNzUwZGU2ZTI5OTg2NTRmZDA1NTNmZjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlotywOjmiGGi63qq9yWMoVJT8Ubx aMdOb/zgkWEVLy32fcMGypy5XbZQt4EYJ3VFkERoianA5XeGor/psMxEmea7z7+F s7IWyywdEaCzglJVGjn+aidRNrXDQjsutVbpPgZOiaowUfuvB5AN8VmHlvPNGW7p aTyeAud3JxbMvEew7lOJZaau5aq7aRrK5WHy8KT+XOE6Kvm0200rxC+oy2oiYtj+ fPdC/81lYGr5y6u8eOpepgm4luUp4zbJUf++Nf/ehstnOCs3c/wd7a6JbjkkzxJS YkJXrq5Y/pfkdFNkY0gaBtdmhT/rBX1S4t7B4qP0w0GuCQUoZ+gCivUACQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJoUBeH9P/z+dQ3m4pmGVP0FU/9MMB8GA1UdIwQY MBaAFHPP4R6KcJO9yVvAHiDbQ3biKqUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYzhfaEhvcHdrNzNKVzhBZUlOdERkdUlxcFJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iYWY5ZjMtMGU0OC00YzQ3LWJjMjYt MWIxMTAwNzMxNDQ4LzEvbWhRRjRmMF9fUDUxRGViaW1ZWlVfUVZUXzB3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC9iYWY5ZjMtMGU0OC00YzQ3LWJjMjYtMWIxMTAwNzMxNDQ4 LzEvYzhfaEhvcHdrNzNKVzhBZUlOdERkdUlxcFJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1W2WMA8E AgACMAkDBwAgATvACx0wDQYJKoZIhvcNAQELBQADggEBAENQlleQgElS0biTARmE uYsTmgvyUUKIl361AiiwQ9s85KajjwDUFjR61nKMqGM6857D0QZpxDg92oCEo4KG l4ABni4JVaMdmlrygRDbIMkJIn7K/dlTUlxKoET5r8bMUB5yCD3n3FIOmqxPa5NV lb0nVQLmSoVgslhUx3B0zSsDdLE5oMuKp1E4mzSOa6ghoadp9TwU1Q+Ua7ccFqca cHHWLbdS4eSWtWEbg/ccycEI4aMHd24lV2YMwYLir/qYUWpa1tW91iMkdR/0IXRi iwlXEpmF76rBorgG04eCkKHCvyO9vuSNMDplvZl0YJsE0KsnKbmt8VwRqBg6Lilk SQU= -----END CERTIFICATE-----Generated at Sun Jan 18 16:37:47 2026 by rpki-client