This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MGSZDimx-uClkpNl4eILvS6s7io.roa File: MGSZDimx-uClkpNl4eILvS6s7io.roa (raw, json) Hash identifier: YrCIf3novbb9Hrm3e5KiqAqn6/7zUqQTPEV7oqLvXho= Subject key identifier: 30:64:99:0E:29:B1:FA:E0:A5:92:93:65:E1:E2:0B:BD:2E:AC:EE:2A Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5CF6E818CA8F993D71E7EFF1E7EF6A Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MGSZDimx-uClkpNl4eILvS6s7io.roa Signing time: Fri 02 Jan 2026 06:20:03 +0000 ROA not before: Fri 02 Jan 2026 06:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203943 IP address blocks: 2a0e:b107:5a1::/48 maxlen: 48 2a0e:b107:5a2::/48 maxlen: 48 2a0e:b107:5a3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f6:e8:18:ca:8f:99:3d:71:e7:ef:f1:e7:ef:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3064990e29b1fae0a5929365e1e20bbd2eacee2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:65:4c:99:21:c6:02:79:e7:f2:cd:29:e2:df: df:87:93:5b:bf:e4:20:0b:da:6d:26:37:eb:6c:eb: 10:34:10:49:63:a5:01:92:b7:42:cd:c6:dc:ee:4f: 57:ec:2b:47:97:8e:e3:47:8a:6c:82:a7:12:d6:e4: 92:32:57:f6:58:2d:78:3d:e2:22:7e:d3:0f:04:20: 32:bd:72:0e:75:02:c5:7b:dc:22:c1:c5:4b:ae:ff: 02:f4:16:31:fb:f8:43:42:3f:6e:0d:17:7f:94:93: 85:ea:a7:ed:b3:96:8c:c2:55:be:fc:af:84:5e:66: 61:f5:25:dc:79:c7:cc:9a:52:fe:dd:9a:68:a1:d2: 14:77:e2:c4:e8:89:99:79:20:62:27:2b:31:ef:85: 70:51:c9:22:d8:15:7e:ce:25:18:5a:ae:13:5b:4b: 23:2a:01:b8:9a:54:2e:14:7e:39:be:95:11:36:79: 38:13:0f:f7:ca:08:07:6a:72:25:ee:ce:76:1d:78: 0b:5f:13:78:aa:db:10:6b:60:ae:02:2c:62:b8:27: d0:4f:95:55:74:c1:6d:83:5c:85:f7:5b:b4:4f:79: 1d:bf:1b:94:9a:92:4c:98:f6:c6:b9:d2:33:18:f1: ad:14:bb:bb:b2:bd:9d:62:cf:ea:74:a2:49:04:95: 23:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:64:99:0E:29:B1:FA:E0:A5:92:93:65:E1:E2:0B:BD:2E:AC:EE:2A X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MGSZDimx-uClkpNl4eILvS6s7io.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:5a1::-2a0e:b107:5a3:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 7c:09:c0:ac:9b:b9:58:15:84:22:95:3e:37:75:0c:09:60:9b: 2b:73:12:fd:05:5f:a1:6c:aa:44:06:b9:8b:f1:b7:a1:fb:97: 69:bf:18:1c:f1:c4:95:d7:4d:48:7c:b5:58:ba:92:9e:10:19: 44:1b:40:08:f9:7a:a8:c7:49:73:b0:a7:63:63:85:90:43:fb: 50:e1:2f:75:df:dd:bb:b1:11:0d:43:93:7e:e2:c9:40:17:c2: 83:37:c6:05:cc:00:90:14:ba:d0:b4:94:60:50:b1:eb:8e:a9: 7f:0f:d8:e3:45:84:e3:c5:6c:24:40:f9:ef:81:f0:59:5c:fd: 8c:8f:d2:5f:19:33:6a:03:f4:4d:a9:5f:b2:ab:27:df:54:94: bb:d7:22:c4:86:8e:a0:60:74:04:bd:87:84:bd:d5:ab:b7:ed: 24:4d:ee:61:8b:b6:74:af:88:f0:b9:7d:26:68:06:fb:c6:f3: ee:a5:2c:ee:9b:ab:92:b0:42:03:5a:53:fe:bf:39:23:97:02: 7c:c8:6f:c5:8f:5d:8b:5d:e1:67:58:f8:e9:0b:00:aa:36:db: 94:6a:d5:e6:24:82:99:e8:98:73:df:c0:cd:b5:91:56:21:e8: 08:30:ce:93:66:cb:34:13:c3:cc:b7:b7:58:40:5e:e0:bd:cf: e3:12:30:c4 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt9XPboGMqPmT1x5+/x5+9qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDY0OTkwZTI5YjFmYWUwYTU5MjkzNjVlMWUyMGJiZDJlYWNlZTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWVMmSHGAnnn8s0p4t/fh5Nbv+Qg C9ptJjfrbOsQNBBJY6UBkrdCzcbc7k9X7CtHl47jR4psgqcS1uSSMlf2WC14PeIi ftMPBCAyvXIOdQLFe9wiwcVLrv8C9BYx+/hDQj9uDRd/lJOF6qfts5aMwlW+/K+E XmZh9SXcecfMmlL+3ZpoodIUd+LE6ImZeSBiJysx74VwUcki2BV+ziUYWq4TW0sj KgG4mlQuFH45vpURNnk4Ew/3yggHanIl7s52HXgLXxN4qtsQa2CuAixiuCfQT5VV dMFtg1yF91u0T3kdvxuUmpJMmPbGudIzGPGtFLu7sr2dYs/qdKJJBJUjUQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFDBkmQ4psfrgpZKTZeHiC70urO4qMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvTUdTWkRpbXgtdUNsa3BObDRlSUx2UzZzN2lvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH BaEDBwIqDrEHBaAwDQYJKoZIhvcNAQELBQADggEBAHwJwKybuVgVhCKVPjd1DAlg mytzEv0FX6FsqkQGuYvxt6H7l2m/GBzxxJXXTUh8tVi6kp4QGUQbQAj5eqjHSXOw p2NjhZBD+1DhL3Xf3buxEQ1Dk37iyUAXwoM3xgXMAJAUutC0lGBQseuOqX8P2ONF hOPFbCRA+e+B8Flc/YyP0l8ZM2oD9E2pX7KrJ99UlLvXIsSGjqBgdAS9h4S91au3 7SRN7mGLtnSviPC5fSZoBvvG8+6lLO6bq5KwQgNaU/6/OSOXAnzIb8WPXYtd4WdY +OkLAKo225Rq1eYkgpnomHPfwM21kVYh6AgwzpNmyzQTw8y3t1hAXuC9z+MSMMQ= -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:55 2026 by rpki-client