This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ac0385-2090-4704-8e01-3e62e9e78906/1/mGKvGN6mzAi9Xi9OgEnQnIpovsQ.roa File: mGKvGN6mzAi9Xi9OgEnQnIpovsQ.roa (raw, json) Hash identifier: AZAga0gvOyoyk29F5YS9oe0dyqX933PqnZoBR7aFkQw= Subject key identifier: 98:62:AF:18:DE:A6:CC:08:BD:5E:2F:4E:80:49:D0:9C:8A:68:BE:C4 Certificate issuer: /CN=f572325d2d21974669c488f9ebaa6bbb92cd5fed Certificate serial: 019B775934E46C6B0014C4BCE028B9E36445 Authority key identifier: F5:72:32:5D:2D:21:97:46:69:C4:88:F9:EB:AA:6B:BB:92:CD:5F:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XIyXS0hl0ZpxIj566pru5LNX-0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ac0385-2090-4704-8e01-3e62e9e78906/1/mGKvGN6mzAi9Xi9OgEnQnIpovsQ.roa Signing time: Thu 01 Jan 2026 02:18:13 +0000 ROA not before: Thu 01 Jan 2026 02:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2107 IP address blocks: 193.138.1.0/24 maxlen: 24 193.138.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ac0385-2090-4704-8e01-3e62e9e78906/1/9XIyXS0hl0ZpxIj566pru5LNX-0.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/ac0385-2090-4704-8e01-3e62e9e78906/1/9XIyXS0hl0ZpxIj566pru5LNX-0.mft rsync://rpki.ripe.net/repository/DEFAULT/9XIyXS0hl0ZpxIj566pru5LNX-0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 08:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:34:e4:6c:6b:00:14:c4:bc:e0:28:b9:e3:64:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f572325d2d21974669c488f9ebaa6bbb92cd5fed Validity Not Before: Jan 1 02:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9862af18dea6cc08bd5e2f4e8049d09c8a68bec4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7a:e4:40:75:95:b9:96:ad:a5:98:54:c6:fc: fc:b0:32:74:b4:0e:2a:2a:86:36:e9:2a:65:4a:05: 70:ae:2a:47:09:cf:2e:06:a8:a7:0c:1e:fd:2f:3f: d5:3c:01:7b:e6:e8:49:99:c2:da:72:0d:ab:7a:0c: 43:87:6a:bd:21:de:a0:d6:d4:ef:96:5c:10:92:c8: 0c:27:40:36:e3:4a:74:86:5c:0b:9a:1d:e0:d8:be: a8:80:91:b3:f5:90:44:bb:99:3a:91:07:78:64:64: 3e:21:f0:06:dc:cc:34:2c:3f:4d:86:c2:a4:2d:5c: c5:ec:f1:9a:d6:9c:29:7c:ea:07:99:ed:75:f0:d7: 6e:31:ed:59:bc:68:af:c2:a4:ea:16:c8:c7:59:d8: 0b:8c:dc:8d:73:d4:13:42:fe:88:7a:53:97:5e:42: 78:48:2a:09:de:7e:c7:76:dc:64:fe:71:dc:4c:16: 93:08:59:6d:ee:d4:71:e0:ce:c2:88:5f:f0:e4:0f: 86:28:69:04:4d:62:0e:c8:8c:b6:a7:2c:b2:0e:16: 84:21:16:33:3e:24:0e:c1:9c:68:93:df:8d:9f:55: 11:70:0a:ca:b5:e6:ca:42:64:82:a3:00:27:af:3c: 62:0e:80:81:7a:01:29:f2:e8:fa:39:4e:07:45:4e: 09:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:62:AF:18:DE:A6:CC:08:BD:5E:2F:4E:80:49:D0:9C:8A:68:BE:C4 X509v3 Authority Key Identifier: keyid:F5:72:32:5D:2D:21:97:46:69:C4:88:F9:EB:AA:6B:BB:92:CD:5F:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XIyXS0hl0ZpxIj566pru5LNX-0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ac0385-2090-4704-8e01-3e62e9e78906/1/mGKvGN6mzAi9Xi9OgEnQnIpovsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ac0385-2090-4704-8e01-3e62e9e78906/1/9XIyXS0hl0ZpxIj566pru5LNX-0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.138.1.0-193.138.2.255 Signature Algorithm: sha256WithRSAEncryption 6c:10:9d:8a:cf:dc:c5:30:5f:77:da:82:44:b3:8a:90:bf:e4: 7d:9e:ce:2d:f0:8d:92:53:5d:a7:b5:83:a1:c7:78:7c:be:70: a8:ea:ea:17:37:44:ef:96:83:53:3d:d1:90:c0:01:b9:35:fc: de:a4:ab:15:1d:26:ea:12:87:52:d7:5e:f9:0e:5f:f6:c7:bb: 7f:65:94:b4:04:30:0f:88:9f:bf:f6:aa:f7:80:41:99:77:b8: 0f:21:cf:c0:e3:f3:de:a4:6f:4d:86:52:7b:19:f7:0b:3c:32: 80:1a:e6:04:ce:eb:4f:b2:61:23:f7:44:e4:4a:6c:2b:77:08: 3f:98:ef:81:ba:ec:a2:3a:1b:06:a2:8e:41:ce:f6:bc:a9:ac: 71:49:a7:9c:5f:bd:14:e9:e4:a0:31:50:54:f7:de:72:73:12: 22:7b:2b:39:26:26:4c:be:5c:e5:2f:b4:14:cd:89:1d:89:14: e3:c1:2d:3c:dd:be:73:b0:a3:d6:73:b6:12:32:b2:4a:52:fe: ed:62:0f:7f:41:06:2e:d5:13:10:51:ce:ae:ff:e1:81:86:16: af:c0:2f:86:02:32:71:58:50:f6:92:91:a0:b0:8e:63:75:43: 38:17:15:81:7a:4b:85:07:da:46:08:e9:33:38:d4:18:0f:bf: 57:a7:35:ae -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt3WTTkbGsAFMS84Ci542RFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1NzIzMjVkMmQyMTk3NDY2OWM0ODhmOWViYWE2YmJiOTJj ZDVmZWQwHhcNMjYwMTAxMDIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ODYyYWYxOGRlYTZjYzA4YmQ1ZTJmNGU4MDQ5ZDA5YzhhNjhiZWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XrkQHWVuZatpZhUxvz8sDJ0tA4q KoY26SplSgVwripHCc8uBqinDB79Lz/VPAF75uhJmcLacg2regxDh2q9Id6g1tTv llwQksgMJ0A240p0hlwLmh3g2L6ogJGz9ZBEu5k6kQd4ZGQ+IfAG3Mw0LD9NhsKk LVzF7PGa1pwpfOoHme118NduMe1ZvGivwqTqFsjHWdgLjNyNc9QTQv6IelOXXkJ4 SCoJ3n7Hdtxk/nHcTBaTCFlt7tRx4M7CiF/w5A+GKGkETWIOyIy2pyyyDhaEIRYz PiQOwZxok9+Nn1URcArKtebKQmSCowAnrzxiDoCBegEp8uj6OU4HRU4JnQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFJhirxjepswIvV4vToBJ0JyKaL7EMB8GA1UdIwQY MBaAFPVyMl0tIZdGacSI+euqa7uSzV/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVhJeVhTMGhsMFpweElqNTY2cHJ1NUxOWC0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hYzAzODUtMjA5MC00NzA0LThlMDEt M2U2MmU5ZTc4OTA2LzEvbUdLdkdONm16QWk5WGk5T2dFblFuSXBvdnNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9hYzAzODUtMjA5MC00NzA0LThlMDEtM2U2MmU5ZTc4OTA2 LzEvOVhJeVhTMGhsMFpweElqNTY2cHJ1NUxOWC0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBigED BADBigIwDQYJKoZIhvcNAQELBQADggEBAGwQnYrP3MUwX3fagkSzipC/5H2ezi3w jZJTXae1g6HHeHy+cKjq6hc3RO+Wg1M90ZDAAbk1/N6kqxUdJuoSh1LXXvkOX/bH u39llLQEMA+In7/2qveAQZl3uA8hz8Dj896kb02GUnsZ9ws8MoAa5gTO60+yYSP3 RORKbCt3CD+Y74G67KI6GwaijkHO9ryprHFJp5xfvRTp5KAxUFT33nJzEiJ7Kzkm Jky+XOUvtBTNiR2JFOPBLTzdvnOwo9ZzthIyskpS/u1iD39BBi7VExBRzq7/4YGG Fq/AL4YCMnFYUPaSkaCwjmN1QzgXFYF6S4UH2kYI6TM41BgPv1enNa4= -----END CERTIFICATE-----Generated at Mon Jan 12 15:46:15 2026 by rpki-client