This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Mg9CIEP-XkNK3HjRwB4U97AixZM.roa File: Mg9CIEP-XkNK3HjRwB4U97AixZM.roa (raw, json) Hash identifier: QNXNP032rfC9FKERXA++HNZyYYvFs9+9TJ5FNJnFvfQ= Subject key identifier: 32:0F:42:20:43:FE:5E:43:4A:DC:78:D1:C0:1E:14:F7:B0:22:C5:93 Certificate issuer: /CN=29ff15581bb904f1b90538742118b01f9efaa662 Certificate serial: 019B7F83F54B63736509C5956407F412D585 Authority key identifier: 29:FF:15:58:1B:B9:04:F1:B9:05:38:74:21:18:B0:1F:9E:FA:A6:62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Mg9CIEP-XkNK3HjRwB4U97AixZM.roa Signing time: Fri 02 Jan 2026 16:21:53 +0000 ROA not before: Fri 02 Jan 2026 16:21:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60587 IP address blocks: 91.223.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Kf8VWBu5BPG5BTh0IRiwH576pmI.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Kf8VWBu5BPG5BTh0IRiwH576pmI.mft rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 01:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:f5:4b:63:73:65:09:c5:95:64:07:f4:12:d5:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29ff15581bb904f1b90538742118b01f9efaa662 Validity Not Before: Jan 2 16:21:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=320f422043fe5e434adc78d1c01e14f7b022c593 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:5d:75:14:14:28:27:2e:81:0b:6f:9a:d4:69: c6:ce:83:1d:7c:a4:a8:12:da:5b:d0:f8:37:56:2a: 3a:e0:05:bb:51:6f:4b:59:26:2b:9d:0a:cd:3f:e6: d2:76:8b:94:e6:a4:85:81:7e:57:42:79:cd:de:73: 55:df:3d:13:06:18:74:3d:6e:38:ef:b0:6a:46:3e: 72:e6:21:da:3b:71:1f:8f:dc:14:f0:de:fc:12:8e: 88:00:0f:7b:d8:f7:99:87:8e:49:84:9a:0d:f7:fc: 66:b1:32:4d:7b:43:97:85:49:6f:b0:cd:f4:37:fc: 8d:0b:00:c5:8d:93:4c:90:09:4b:97:d1:d3:40:f0: 2c:e3:59:2c:42:42:39:de:f4:83:e9:cd:85:30:48: 90:d2:f4:7f:ba:fb:3e:9b:4d:4f:fe:5f:49:a4:d0: 56:7b:a5:6b:3e:38:fc:91:34:42:4c:87:07:6d:3f: 45:94:a8:c2:41:0f:fd:0d:2a:28:ea:b1:d9:e4:59: b0:70:62:54:c7:18:5a:d2:dd:30:f8:91:0f:33:eb: 4f:f0:fa:af:f7:c2:3a:a0:74:92:f4:30:60:58:dc: c9:68:e6:99:a0:09:de:89:36:67:3c:74:3d:6a:18: 00:5f:a3:be:a5:db:88:3e:70:82:a5:d4:c5:c1:a6: b0:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:0F:42:20:43:FE:5E:43:4A:DC:78:D1:C0:1E:14:F7:B0:22:C5:93 X509v3 Authority Key Identifier: keyid:29:FF:15:58:1B:B9:04:F1:B9:05:38:74:21:18:B0:1F:9E:FA:A6:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf8VWBu5BPG5BTh0IRiwH576pmI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Mg9CIEP-XkNK3HjRwB4U97AixZM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/db6231-3a7a-484d-8bee-3b8d8b76b7f6/1/Kf8VWBu5BPG5BTh0IRiwH576pmI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.91.0/24 Signature Algorithm: sha256WithRSAEncryption 14:99:fa:ae:40:f0:2a:77:ee:fd:87:10:7e:db:ff:40:b8:f9: 4e:2b:9b:ee:96:43:29:5a:40:f1:c0:36:b0:85:0e:58:37:6b: 47:70:c2:e7:a0:fa:ff:45:17:50:0d:7e:77:39:a9:6a:ba:9b: 3e:59:68:6f:cb:6d:4f:70:84:fb:55:9d:1c:e0:b0:dd:32:58: 60:8b:4b:7d:86:12:1d:b8:a6:31:8d:dc:0a:22:63:5d:5a:8a: d6:e1:f3:89:42:ce:eb:ca:db:c0:10:e8:0c:3d:49:de:14:ac: d4:fd:dd:9d:c3:0f:14:91:bd:eb:d1:bd:5f:5d:e5:b5:a0:43: 44:27:32:46:37:8e:01:04:e6:e0:f1:2e:67:95:e1:4c:b3:5b: ef:4d:c0:a0:75:34:f9:ae:f4:63:0d:49:e8:97:07:0e:5e:0f: c9:ee:51:53:11:cf:0b:d2:e4:82:aa:da:f8:fa:86:4e:01:19: 73:11:fa:c4:8a:60:8d:c5:54:41:00:4d:47:12:13:a6:40:f8: d1:db:af:c8:b1:50:07:d1:2e:a7:3f:4c:a4:27:05:29:02:fd: 35:17:fc:41:cc:d9:10:94:5c:ce:02:24:da:c1:e7:8d:bc:f2: c6:de:74:49:04:63:78:2a:b3:2e:0b:ca:5c:12:ba:52:c0:46: 5d:ae:d6:5a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/g/VLY3NlCcWVZAf0EtWFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZmYxNTU4MWJiOTA0ZjFiOTA1Mzg3NDIxMThiMDFmOWVm YWE2NjIwHhcNMjYwMTAyMTYyMTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMjBmNDIyMDQzZmU1ZTQzNGFkYzc4ZDFjMDFlMTRmN2IwMjJjNTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj111FBQoJy6BC2+a1GnGzoMdfKSo Etpb0Pg3Vio64AW7UW9LWSYrnQrNP+bSdouU5qSFgX5XQnnN3nNV3z0TBhh0PW44 77BqRj5y5iHaO3Efj9wU8N78Eo6IAA972PeZh45JhJoN9/xmsTJNe0OXhUlvsM30 N/yNCwDFjZNMkAlLl9HTQPAs41ksQkI53vSD6c2FMEiQ0vR/uvs+m01P/l9JpNBW e6VrPjj8kTRCTIcHbT9FlKjCQQ/9DSoo6rHZ5FmwcGJUxxha0t0w+JEPM+tP8Pqv 98I6oHSS9DBgWNzJaOaZoAneiTZnPHQ9ahgAX6O+pduIPnCCpdTFwaawgQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDIPQiBD/l5DStx40cAeFPewIsWTMB8GA1UdIwQY MBaAFCn/FVgbuQTxuQU4dCEYsB+e+qZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2Y4VldCdTVCUEc1QlRoMElSaXdINTc2cG1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kYjYyMzEtM2E3YS00ODRkLThiZWUt M2I4ZDhiNzZiN2Y2LzEvTWc5Q0lFUC1Ya05LM0hqUndCNFU5N0FpeFpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy9kYjYyMzEtM2E3YS00ODRkLThiZWUtM2I4ZDhiNzZiN2Y2 LzEvS2Y4VldCdTVCUEc1QlRoMElSaXdINTc2cG1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99bMA0G CSqGSIb3DQEBCwUAA4IBAQAUmfquQPAqd+79hxB+2/9AuPlOK5vulkMpWkDxwDaw hQ5YN2tHcMLnoPr/RRdQDX53Oalqups+WWhvy21PcIT7VZ0c4LDdMlhgi0t9hhId uKYxjdwKImNdWorW4fOJQs7rytvAEOgMPUneFKzU/d2dww8Ukb3r0b1fXeW1oENE JzJGN44BBObg8S5nleFMs1vvTcCgdTT5rvRjDUnolwcOXg/J7lFTEc8L0uSCqtr4 +oZOARlzEfrEimCNxVRBAE1HEhOmQPjR26/IsVAH0S6nP0ykJwUpAv01F/xBzNkQ lFzOAiTaweeNvPLG3nRJBGN4KrMuC8pcErpSwEZdrtZa -----END CERTIFICATE-----Generated at Mon Jan 12 12:27:13 2026 by rpki-client