This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/MrcfiWWeeHrqP_pqEZhEX7Pzo_Q.roa File: MrcfiWWeeHrqP_pqEZhEX7Pzo_Q.roa (raw, json) Hash identifier: H7hbWyILGQtBmbl86qOETv8YGiP8vIu9bDhfHyhG8/Y= Subject key identifier: 32:B7:1F:89:65:9E:78:7A:EA:3F:FA:6A:11:98:44:5F:B3:F3:A3:F4 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C8090658ABD3A192BE3BF9768C32EC3 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/MrcfiWWeeHrqP_pqEZhEX7Pzo_Q.roa Signing time: Fri 02 Jan 2026 02:19:18 +0000 ROA not before: Fri 02 Jan 2026 02:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400342 IP address blocks: 2a00:e460::/29 maxlen: 48 2a0b:d900::/29 maxlen: 48 2a0c:65c0::/29 maxlen: 48 2a0c:6980::/29 maxlen: 48 2a13:97c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 21:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:90:65:8a:bd:3a:19:2b:e3:bf:97:68:c3:2e:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=32b71f89659e787aea3ffa6a1198445fb3f3a3f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:93:ae:7a:5b:1e:1b:1a:cf:b7:70:50:a4:3c: 36:ed:d2:0a:7d:a4:f1:e3:d7:01:19:6c:2e:cc:56: 44:38:ef:34:c8:7c:81:ba:3b:1f:6e:59:6a:f6:50: ac:93:de:49:cb:0d:8b:16:6a:63:65:20:ce:e1:f5: 99:7c:4e:51:8f:a4:dc:3d:69:2f:a2:ed:e0:a1:66: 61:e1:e0:46:d9:a3:c0:08:99:22:3b:d5:2a:06:d1: 0b:2d:2e:4e:8d:63:67:30:5d:93:8e:a2:dd:9c:23: 5d:5b:ea:d0:81:e3:1c:e3:88:01:17:d3:3a:99:12: 63:ee:dc:ca:08:9a:89:64:29:44:8e:df:24:a5:92: 93:48:63:da:ff:fb:eb:4b:b6:bb:b2:44:f9:bf:d8: bb:da:13:74:5b:c3:3b:41:18:c0:d6:63:36:fc:53: 22:96:6d:f0:40:01:b8:5c:a3:c9:90:01:b7:91:40: 08:f4:77:75:cf:7a:7b:0f:ac:62:7b:e1:99:38:55: 01:11:16:76:c2:04:2d:84:f8:00:a0:3d:6b:ed:5b: 66:8d:b3:85:03:fa:6f:a2:95:b3:43:69:5a:d1:a5: ac:7d:b5:f7:bf:9e:02:bf:9c:6a:cc:f3:93:fb:9d: 76:bc:95:79:d1:8f:3d:a9:da:75:d9:84:34:fc:99: 40:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:B7:1F:89:65:9E:78:7A:EA:3F:FA:6A:11:98:44:5F:B3:F3:A3:F4 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/MrcfiWWeeHrqP_pqEZhEX7Pzo_Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:e460::/29 2a0b:d900::/29 2a0c:65c0::/29 2a0c:6980::/29 2a13:97c0::/29 Signature Algorithm: sha256WithRSAEncryption 49:a9:17:ec:fd:ff:b0:db:ba:b3:d2:d8:68:6d:e8:ef:f4:8f: 58:78:b9:40:0f:9b:05:6e:8d:d5:cd:aa:2a:2d:3a:5f:e1:d4: bb:c5:2b:72:19:ee:66:f3:59:78:96:10:ff:03:e5:bc:e3:66: cb:1e:3c:fb:9b:ed:8f:3d:1b:61:c1:19:98:d0:a4:bd:49:8c: bc:4e:ec:72:f1:c5:05:b2:32:94:96:9c:ef:61:6a:8b:6e:46: d7:e7:a6:96:ae:3d:9e:22:0c:a6:8d:13:66:43:47:fc:6a:7f: e0:7a:56:c2:7e:ae:89:90:a9:49:b5:da:ca:88:30:30:d9:d9: 33:bc:5c:66:11:6b:9d:95:4b:8d:0f:20:cb:f4:e1:60:44:c1: 32:b4:9f:b1:4b:48:09:60:28:e9:89:74:e2:43:0a:d0:7d:8b: 89:cc:9e:c5:6e:e3:47:40:35:36:df:69:cf:d4:71:14:ed:c5: c9:05:74:83:ec:28:29:22:f5:54:7b:d3:e7:de:12:21:12:bc: 89:73:c1:5c:f4:19:c5:ea:52:d7:30:de:06:72:ed:2d:0c:3f: 2b:f9:6e:d0:c0:6a:48:fd:8e:de:be:82:de:7d:08:aa:aa:6e: f4:95:9f:38:09:94:ca:df:26:6f:6d:93:3f:37:de:2f:a9:55: b7:12:d1:14 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gJBlir06GSvjv5dowy7DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMmI3MWY4OTY1OWU3ODdhZWEzZmZhNmExMTk4NDQ1ZmIzZjNhM2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpOuelseGxrPt3BQpDw27dIKfaTx 49cBGWwuzFZEOO80yHyBujsfbllq9lCsk95Jyw2LFmpjZSDO4fWZfE5Rj6TcPWkv ou3goWZh4eBG2aPACJkiO9UqBtELLS5OjWNnMF2TjqLdnCNdW+rQgeMc44gBF9M6 mRJj7tzKCJqJZClEjt8kpZKTSGPa//vrS7a7skT5v9i72hN0W8M7QRjA1mM2/FMi lm3wQAG4XKPJkAG3kUAI9Hd1z3p7D6xie+GZOFUBERZ2wgQthPgAoD1r7VtmjbOF A/pvopWzQ2la0aWsfbX3v54Cv5xqzPOT+512vJV50Y89qdp12YQ0/JlARQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFDK3H4llnnh66j/6ahGYRF+z86P0MB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvTXJjZmlXV2VlSHJxUF9wcUVaaEVYN1B6b19RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgDkYAMF AyoL2QADBQMqDGXAAwUDKgxpgAMFAyoTl8AwDQYJKoZIhvcNAQELBQADggEBAEmp F+z9/7DburPS2Ght6O/0j1h4uUAPmwVujdXNqiotOl/h1LvFK3IZ7mbzWXiWEP8D 5bzjZssePPub7Y89G2HBGZjQpL1JjLxO7HLxxQWyMpSWnO9haotuRtfnppauPZ4i DKaNE2ZDR/xqf+B6VsJ+romQqUm12sqIMDDZ2TO8XGYRa52VS40PIMv04WBEwTK0 n7FLSAlgKOmJdOJDCtB9i4nMnsVu40dANTbfac/UcRTtxckFdIPsKCki9VR70+fe EiESvIlzwVz0GcXqUtcw3gZy7S0MPyv5btDAakj9jt6+gt59CKqqbvSVnzgJlMrf Jm9tkz833i+pVbcS0RQ= -----END CERTIFICATE-----Generated at Wed Jan 21 04:57:50 2026 by rpki-client