This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/mgzdOFd8B2ya1Xohy6YCT8xW7b0.roa File: mgzdOFd8B2ya1Xohy6YCT8xW7b0.roa (raw, json) Hash identifier: /7uRJWT90D6J/lwYKLHfljOz+L9OgupUQYidcbYQ5rU= Subject key identifier: 9A:0C:DD:38:57:7C:07:6C:9A:D5:7A:21:CB:A6:02:4F:CC:56:ED:BD Certificate issuer: /CN=ddd5708f429adadba1b4a38c94dd77654afaf97d Certificate serial: 019B78A2847A6A9767DBE33CA0252EE31BDC Authority key identifier: DD:D5:70:8F:42:9A:DA:DB:A1:B4:A3:8C:94:DD:77:65:4A:FA:F9:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/mgzdOFd8B2ya1Xohy6YCT8xW7b0.roa Signing time: Thu 01 Jan 2026 08:17:55 +0000 ROA not before: Thu 01 Jan 2026 08:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197667 IP address blocks: 31.41.80.0/21 maxlen: 21 31.41.82.0/24 maxlen: 24 31.41.83.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.mft rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 17:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:84:7a:6a:97:67:db:e3:3c:a0:25:2e:e3:1b:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddd5708f429adadba1b4a38c94dd77654afaf97d Validity Not Before: Jan 1 08:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a0cdd38577c076c9ad57a21cba6024fcc56edbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b6:4b:89:5c:f6:59:f5:eb:e6:57:c5:d6:be: 8f:86:7a:3a:9e:49:5e:0d:19:ee:f8:31:88:84:7d: ee:7d:23:cc:26:59:f3:33:1e:cd:93:79:32:bd:3c: 30:e6:f0:18:4f:a6:aa:ec:12:2a:54:3d:bf:7b:54: 17:df:e2:a5:c8:ad:a1:0c:f5:c9:e7:50:70:78:a0: 51:10:ad:2c:46:5d:e6:1d:87:ff:40:0a:2d:d6:35: 25:b6:cf:3b:ca:2f:68:10:85:63:9a:02:8a:60:35: 64:ff:d7:e1:4d:c7:38:0d:5c:df:b6:2c:33:42:0a: 81:70:0c:6a:a0:6a:7a:09:48:86:97:02:2a:3d:9b: a9:0f:db:88:4a:22:b7:c8:30:5d:7c:11:13:f9:d6: e5:44:75:27:74:70:0e:c4:86:72:31:c6:5a:7e:fe: b8:17:7d:0c:a5:9a:61:22:fd:a2:25:42:fe:fe:f9: 19:49:64:db:49:b3:1b:3f:32:91:dc:6e:ae:f8:64: 52:b1:db:8a:43:b5:0b:df:7a:d6:66:20:46:4c:9d: f1:42:41:89:fd:1e:66:15:76:d6:ee:95:f9:7a:4b: da:9b:24:5c:7d:39:e5:20:66:11:4f:94:53:b0:8c: d5:0a:a2:f6:b4:80:0a:34:41:92:64:9c:78:60:0e: 77:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:0C:DD:38:57:7C:07:6C:9A:D5:7A:21:CB:A6:02:4F:CC:56:ED:BD X509v3 Authority Key Identifier: keyid:DD:D5:70:8F:42:9A:DA:DB:A1:B4:A3:8C:94:DD:77:65:4A:FA:F9:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/mgzdOFd8B2ya1Xohy6YCT8xW7b0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.41.80.0/21 Signature Algorithm: sha256WithRSAEncryption 37:12:77:76:d7:2b:b6:21:88:76:c3:bf:4b:ea:1d:59:b9:09: 12:b0:01:83:49:4f:f0:91:99:2f:a3:54:ef:f3:fc:6b:22:b5: 07:59:29:4c:5a:2c:85:07:3a:2c:e2:36:8a:89:d9:70:ea:98: de:be:12:dc:c6:04:58:dc:17:9d:fc:c4:05:62:4f:89:dd:8c: 98:90:4b:2c:ed:79:a9:d9:18:5c:9f:2f:3a:31:8e:60:52:66: f0:bf:b2:02:be:3b:f9:7d:83:3c:da:19:68:2b:e3:70:5c:a0: b3:f9:c0:29:5a:f1:fa:9a:9c:64:2a:31:77:d6:d4:8a:37:1e: 2c:59:ee:83:39:ab:10:0c:3a:e2:cb:4c:44:90:39:43:75:2e: ae:92:f9:58:c5:71:45:b4:c1:82:cf:dd:bb:f7:fa:a0:d1:b5: 3f:a6:bf:57:61:4f:c8:11:50:d1:ba:50:29:02:67:bc:3d:ef: 7b:10:2b:c1:b9:66:cc:43:f3:ed:c2:e2:c5:86:2d:40:8c:c8: c2:15:71:61:f2:97:c4:26:5d:97:dc:e2:de:48:d1:bd:f1:5f: 98:12:b3:f2:9d:14:7f:38:97:80:3f:4d:d8:6d:26:09:07:54: ba:ab:2d:bb:0f:ca:91:46:0b:d7:f2:5b:59:b2:77:e5:03:bf: c3:5d:6e:36 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ooR6apdn2+M8oCUu4xvcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZDU3MDhmNDI5YWRhZGJhMWI0YTM4Yzk0ZGQ3NzY1NGFm YWY5N2QwHhcNMjYwMTAxMDgxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTBjZGQzODU3N2MwNzZjOWFkNTdhMjFjYmE2MDI0ZmNjNTZlZGJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbZLiVz2WfXr5lfF1r6Phno6nkle DRnu+DGIhH3ufSPMJlnzMx7Nk3kyvTww5vAYT6aq7BIqVD2/e1QX3+KlyK2hDPXJ 51BweKBREK0sRl3mHYf/QAot1jUlts87yi9oEIVjmgKKYDVk/9fhTcc4DVzftiwz QgqBcAxqoGp6CUiGlwIqPZupD9uISiK3yDBdfBET+dblRHUndHAOxIZyMcZafv64 F30MpZphIv2iJUL+/vkZSWTbSbMbPzKR3G6u+GRSsduKQ7UL33rWZiBGTJ3xQkGJ /R5mFXbW7pX5ekvamyRcfTnlIGYRT5RTsIzVCqL2tIAKNEGSZJx4YA539wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJoM3ThXfAdsmtV6IcumAk/MVu29MB8GA1UdIwQY MBaAFN3VcI9CmtrbobSjjJTdd2VK+vl9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2RWd2owS2EydHVodEtPTWxOMTNaVXI2LVgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kNzk0YTMtZjNhZS00ZmJlLTk4ZWEt MjBlMWMzZTNmOGUyLzEvbWd6ZE9GZDhCMnlhMVhvaHk2WUNUOHhXN2IwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9kNzk0YTMtZjNhZS00ZmJlLTk4ZWEtMjBlMWMzZTNmOGUy LzEvM2RWd2owS2EydHVodEtPTWxOMTNaVXI2LVgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHylQMA0G CSqGSIb3DQEBCwUAA4IBAQA3End21yu2IYh2w79L6h1ZuQkSsAGDSU/wkZkvo1Tv 8/xrIrUHWSlMWiyFBzos4jaKidlw6pjevhLcxgRY3Bed/MQFYk+J3YyYkEss7Xmp 2Rhcny86MY5gUmbwv7ICvjv5fYM82hloK+NwXKCz+cApWvH6mpxkKjF31tSKNx4s We6DOasQDDriy0xEkDlDdS6ukvlYxXFFtMGCz9279/qg0bU/pr9XYU/IEVDRulAp Ame8Pe97ECvBuWbMQ/PtwuLFhi1AjMjCFXFh8pfEJl2X3OLeSNG98V+YErPynRR/ OJeAP03YbSYJB1S6qy27D8qRRgvX8ltZsnflA7/DXW42 -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:26 2026 by rpki-client