This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/MbxgL5tetza-XbgTHGZJW_GyHMU.roa File: MbxgL5tetza-XbgTHGZJW_GyHMU.roa (raw, json) Hash identifier: JW1e1T6cnut+XpnxzGzdWG1ur23wfYnCvpfLO4S1onE= Subject key identifier: 31:BC:60:2F:9B:5E:B7:36:BE:5D:B8:13:1C:66:49:5B:F1:B2:1C:C5 Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3 Certificate serial: 019B7DCA8A7413E6CE66E5D0E715434BFE85 Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/MbxgL5tetza-XbgTHGZJW_GyHMU.roa Signing time: Fri 02 Jan 2026 08:19:44 +0000 ROA not before: Fri 02 Jan 2026 08:19:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197580 IP address blocks: 46.245.136.0/21 maxlen: 21 83.174.148.0/23 maxlen: 23 83.174.151.0/24 maxlen: 24 83.174.152.0/23 maxlen: 23 83.174.154.0/24 maxlen: 24 83.174.156.0/22 maxlen: 22 185.42.208.0/24 maxlen: 24 185.254.216.0/23 maxlen: 23 185.254.219.0/24 maxlen: 24 2a01:6320::/32 maxlen: 32 2a05:dec0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 06 Feb 2026 11:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:8a:74:13:e6:ce:66:e5:d0:e7:15:43:4b:fe:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3 Validity Not Before: Jan 2 08:19:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31bc602f9b5eb736be5db8131c66495bf1b21cc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:ee:23:6c:3b:94:be:f9:c0:4e:1c:c4:c2:b8: 79:e4:55:df:01:0e:9e:0d:00:31:03:8d:fb:75:51: 17:86:89:57:e6:47:96:5f:09:18:1d:2d:ab:83:44: b3:eb:fc:75:df:67:9d:6d:1c:07:22:f1:ee:c7:ca: eb:ad:5e:6b:63:cd:4e:e8:e3:cd:1e:be:e4:6d:3d: cf:0a:eb:40:a2:83:a3:ac:a0:78:52:b3:59:ee:fe: 07:69:f3:21:93:52:65:6c:45:23:65:a7:52:93:a2: 02:70:a6:1a:8e:08:b9:53:82:bf:4e:bd:19:f3:7b: 8f:3e:1f:4f:e0:09:f5:02:a3:97:ee:51:17:f9:8d: c8:81:8d:74:a9:b1:27:94:d4:e3:4c:c7:aa:d1:b5: 91:c7:24:25:90:1b:45:ab:d0:13:33:66:a4:c2:f3: 24:72:a2:2a:24:50:e5:46:c6:c3:dc:91:2d:a9:72: b9:b1:0e:01:44:d5:24:c8:99:bb:ea:8e:c5:bb:88: a7:da:04:75:d8:7a:a4:8d:bf:55:89:f2:d7:e3:24: 2b:4f:94:43:5b:5f:20:ea:e1:76:e0:c6:60:17:98: 5c:d0:43:d7:35:4d:45:69:15:e4:3d:a9:3d:0e:3c: a6:fe:88:96:1f:4d:77:67:c1:02:2c:13:a0:e0:bf: f9:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:BC:60:2F:9B:5E:B7:36:BE:5D:B8:13:1C:66:49:5B:F1:B2:1C:C5 X509v3 Authority Key Identifier: keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/MbxgL5tetza-XbgTHGZJW_GyHMU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.245.136.0/21 83.174.148.0/23 83.174.151.0-83.174.154.255 83.174.156.0/22 185.42.208.0/24 185.254.216.0/23 185.254.219.0/24 IPv6: 2a01:6320::/32 2a05:dec0::/29 Signature Algorithm: sha256WithRSAEncryption 9a:4f:2c:a5:a6:f7:ba:4a:d7:4e:2f:bd:56:97:64:78:bd:bf: f3:55:6c:44:00:04:ca:c4:bb:6e:ec:7c:40:03:a1:7f:0f:57: 65:48:93:81:8c:79:f4:17:b6:b9:92:50:a6:d1:86:a1:e7:e1: ba:3f:2b:de:49:cd:02:25:7d:69:83:8c:f7:bb:95:40:21:2e: 2b:56:8c:37:8f:40:7a:b2:06:50:27:07:48:6b:1e:b9:1b:c1: 38:cf:75:65:ed:26:6e:17:bc:77:0c:e4:d8:58:d5:41:78:47: 88:e5:63:72:c6:97:dc:09:ab:0c:ab:a5:a3:d6:5f:b8:75:16: 4f:77:3e:97:f1:a4:52:30:7b:38:e5:74:6b:b7:e1:7f:f3:91: 99:3f:df:03:da:cc:8f:56:14:9c:65:fa:99:a6:5a:83:16:0b: 4a:bc:8b:34:0a:0f:76:74:95:03:bb:78:ef:ff:a5:dd:c6:ae: 5a:de:ef:e9:95:7d:8d:98:fb:5a:69:c1:be:55:ad:95:f9:e4: 90:36:a2:6c:64:68:05:8e:ca:9f:58:57:a2:07:c6:27:25:bd: 46:46:a2:46:5a:b9:52:ea:ea:c8:19:c2:ec:a7:e9:25:1e:15: 7a:f9:22:3b:38:98:05:20:8b:61:40:03:b8:28:92:00:d1:87: 16:9c:cf:39 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISAZt9yop0E+bOZuXQ5xVDS/6FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0 YzI1YjMwHhcNMjYwMTAyMDgxOTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWJjNjAyZjliNWViNzM2YmU1ZGI4MTMxYzY2NDk1YmYxYjIxY2M1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu4jbDuUvvnAThzEwrh55FXfAQ6e DQAxA437dVEXholX5keWXwkYHS2rg0Sz6/x132edbRwHIvHux8rrrV5rY81O6OPN Hr7kbT3PCutAooOjrKB4UrNZ7v4HafMhk1JlbEUjZadSk6ICcKYajgi5U4K/Tr0Z 83uPPh9P4An1AqOX7lEX+Y3IgY10qbEnlNTjTMeq0bWRxyQlkBtFq9ATM2akwvMk cqIqJFDlRsbD3JEtqXK5sQ4BRNUkyJm76o7Fu4in2gR12Hqkjb9VifLX4yQrT5RD W18g6uF24MZgF5hc0EPXNU1FaRXkPak9Djym/oiWH013Z8ECLBOg4L/5QwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDG8YC+bXrc2vl24ExxmSVvxshzFMB8GA1UdIwQY MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt NjdlZmNiM2Q4NmZlLzEvTWJ4Z0w1dGV0emEtWGJnVEhHWkpXX0d5SE1VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQDLvWIAwQB U66UMAwDBABTrpcDBABTrpoDBAJTrpwDBAC5KtADBAG5/tgDBAC5/tswFAQCAAIw DgMFACoBYyADBQMqBd7AMA0GCSqGSIb3DQEBCwUAA4IBAQCaTyylpve6StdOL71W l2R4vb/zVWxEAATKxLtu7HxAA6F/D1dlSJOBjHn0F7a5klCm0Yah5+G6PyveSc0C JX1pg4z3u5VAIS4rVow3j0B6sgZQJwdIax65G8E4z3Vl7SZuF7x3DOTYWNVBeEeI 5WNyxpfcCasMq6Wj1l+4dRZPdz6X8aRSMHs45XRrt+F/85GZP98D2syPVhScZfqZ plqDFgtKvIs0Cg92dJUDu3jv/6Xdxq5a3u/plX2NmPtaacG+Va2V+eSQNqJsZGgF jsqfWFeiB8YnJb1GRqJGWrlS6urIGcLsp+klHhV6+SI7OJgFIIthQAO4KJIA0YcW nM85 -----END CERTIFICATE-----Generated at Thu Feb 5 16:35:03 2026 by rpki-client