This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/mrolwK2KC0w8DkEJIzjFPnT8aDY.roa File: mrolwK2KC0w8DkEJIzjFPnT8aDY.roa (raw, json) Hash identifier: KWvJn4y2GSmF/qywBZLEL1QJaSchEcFy2JpZDDXnxyg= Subject key identifier: 9A:BA:25:C0:AD:8A:0B:4C:3C:0E:41:09:23:38:C5:3E:74:FC:68:36 Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Certificate serial: 019B7F1576A84B9738D28989BCD658EC00F2 Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/mrolwK2KC0w8DkEJIzjFPnT8aDY.roa Signing time: Fri 02 Jan 2026 14:21:11 +0000 ROA not before: Fri 02 Jan 2026 14:21:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 40065 IP address blocks: 2.56.255.0/24 maxlen: 24 2.59.151.0/24 maxlen: 24 5.181.219.0/24 maxlen: 24 31.40.214.0/24 maxlen: 24 45.12.88.0/24 maxlen: 24 45.12.90.0/24 maxlen: 24 45.67.223.0/24 maxlen: 24 185.183.84.0/24 maxlen: 24 185.186.146.0/23 maxlen: 23 185.194.148.0/24 maxlen: 24 185.201.226.0/24 maxlen: 24 185.201.227.0/24 maxlen: 24 185.238.248.0/24 maxlen: 24 185.238.250.0/24 maxlen: 24 193.9.44.0/24 maxlen: 24 193.9.46.0/24 maxlen: 24 193.22.152.0/24 maxlen: 24 212.103.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:76:a8:4b:97:38:d2:89:89:bc:d6:58:ec:00:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Validity Not Before: Jan 2 14:21:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9aba25c0ad8a0b4c3c0e41092338c53e74fc6836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:dc:1b:2b:e2:b2:d2:37:d5:4c:b1:31:20:83: cb:3a:ff:9a:51:29:95:0f:cb:f3:21:db:07:7b:25: 64:c5:f9:4b:f6:89:f3:8c:e6:39:42:44:4d:24:5b: f8:9a:fa:9f:d0:6c:b7:80:f2:c7:18:e8:23:b8:21: 7f:08:a4:b6:12:fb:11:d0:ab:4c:84:86:3d:9c:bc: c0:84:47:cf:cc:55:05:53:d4:84:b9:5e:fe:7c:2c: ca:8c:17:a4:4b:ab:ba:33:28:5b:e9:d6:f9:e7:cf: 9e:f3:41:7c:2e:3c:15:08:ac:ef:57:1c:25:77:9d: 31:b1:af:e8:74:ea:33:93:eb:66:03:e8:b9:f1:c2: 10:54:85:17:89:01:91:b5:13:f3:d0:30:e9:84:e3: 1d:43:01:50:8e:f7:d1:55:07:54:49:81:23:c0:19: 35:76:84:2b:02:21:5c:59:10:64:cd:ed:8d:c9:85: d7:67:b0:ad:2b:8e:38:9c:12:45:63:ad:18:e9:d2: 77:46:ba:d0:6a:a5:36:74:06:b3:d8:ce:3e:fd:57: a5:22:08:46:46:88:8c:df:0d:75:92:c5:47:98:54: 90:b7:91:f7:34:4c:bf:e6:9e:b3:dc:44:8f:58:f9: e1:81:d8:43:9b:f2:cb:2e:7f:45:25:08:d4:d1:03: 91:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:BA:25:C0:AD:8A:0B:4C:3C:0E:41:09:23:38:C5:3E:74:FC:68:36 X509v3 Authority Key Identifier: keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/mrolwK2KC0w8DkEJIzjFPnT8aDY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.255.0/24 2.59.151.0/24 5.181.219.0/24 31.40.214.0/24 45.12.88.0/24 45.12.90.0/24 45.67.223.0/24 185.183.84.0/24 185.186.146.0/23 185.194.148.0/24 185.201.226.0/23 185.238.248.0/24 185.238.250.0/24 193.9.44.0/24 193.9.46.0/24 193.22.152.0/24 212.103.62.0/24 Signature Algorithm: sha256WithRSAEncryption 89:21:df:60:ca:63:39:dd:a4:78:78:47:f4:7b:bf:ac:9e:0a: 13:30:9c:ee:90:ec:03:5a:9f:d9:66:0a:33:13:f1:00:fd:55: aa:b6:75:a2:ba:7b:33:c1:e4:ab:74:20:72:9f:04:a1:4a:3e: 9f:89:12:ca:ef:a6:ec:da:d4:0c:9b:5c:b7:2d:6d:ec:b7:1c: 5b:9f:f1:42:8e:8d:11:50:fc:f5:9e:d3:fb:ff:a6:a4:18:f4: 48:84:25:74:92:f5:22:bc:d3:83:2f:08:33:75:67:b8:07:ee: 19:07:03:03:c8:bf:9a:47:83:ea:3a:39:75:69:9c:23:e7:80: a8:e6:b0:61:8b:d1:d5:c7:93:67:f2:b5:e1:34:0b:60:a3:7b: 3b:d0:35:9d:1a:97:f1:f1:31:e7:01:7c:b8:49:fe:75:52:32: 53:d5:a1:b7:8b:15:27:a2:34:d8:3f:c0:e2:b2:68:5f:5e:50: 17:5a:6d:05:b1:cd:7d:3b:08:83:98:f0:0d:95:53:68:a2:05: 80:42:b9:11:41:58:f0:8e:d8:2b:3c:f9:57:8d:85:34:3b:82: 51:95:29:4b:aa:4c:8b:7f:5d:b9:1c:60:e5:7e:fb:58:22:33: cb:4b:4e:f8:fd:e5:45:d8:1f:8c:3b:43:36:2a:1e:51:59:5b: ce:5f:32:74 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgISAZt/FXaoS5c40omJvNZY7ADyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1 YmVlZTMwHhcNMjYwMTAyMTQyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YWJhMjVjMGFkOGEwYjRjM2MwZTQxMDkyMzM4YzUzZTc0ZmM2ODM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NwbK+Ky0jfVTLExIIPLOv+aUSmV D8vzIdsHeyVkxflL9onzjOY5QkRNJFv4mvqf0Gy3gPLHGOgjuCF/CKS2EvsR0KtM hIY9nLzAhEfPzFUFU9SEuV7+fCzKjBekS6u6Myhb6db558+e80F8LjwVCKzvVxwl d50xsa/odOozk+tmA+i58cIQVIUXiQGRtRPz0DDphOMdQwFQjvfRVQdUSYEjwBk1 doQrAiFcWRBkze2NyYXXZ7CtK444nBJFY60Y6dJ3RrrQaqU2dAaz2M4+/VelIghG RoiM3w11ksVHmFSQt5H3NEy/5p6z3ESPWPnhgdhDm/LLLn9FJQjU0QORhwIDAQAB o4ICaTCCAmUwHQYDVR0OBBYEFJq6JcCtigtMPA5BCSM4xT50/Gg2MB8GA1UdIwQY MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt YTQ3M2VjNTQxMGMzLzEvbXJvbHdLMktDMHc4RGtFSkl6akZQblQ4YURZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAAjj/AwQA AjuXAwQABbXbAwQAHyjWAwQALQxYAwQALQxaAwQALUPfAwQAubdUAwQBubqSAwQA ucKUAwQBucniAwQAue74AwQAue76AwQAwQksAwQAwQkuAwQAwRaYAwQA1Gc+MA0G CSqGSIb3DQEBCwUAA4IBAQCJId9gymM53aR4eEf0e7+sngoTMJzukOwDWp/ZZgoz E/EA/VWqtnWiunszweSrdCBynwShSj6fiRLK76bs2tQMm1y3LW3stxxbn/FCjo0R UPz1ntP7/6akGPRIhCV0kvUivNODLwgzdWe4B+4ZBwMDyL+aR4PqOjl1aZwj54Co 5rBhi9HVx5Nn8rXhNAtgo3s70DWdGpfx8THnAXy4Sf51UjJT1aG3ixUnojTYP8Di smhfXlAXWm0Fsc19OwiDmPANlVNoogWAQrkRQVjwjtgrPPlXjYU0O4JRlSlLqkyL f125HGDlfvtYIjPLS074/eVF2B+MO0M2Kh5RWVvOXzJ0 -----END CERTIFICATE-----Generated at Tue Jan 20 06:04:29 2026 by rpki-client