This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/McPz5S5PBhTWxGifH8fs1_NS2jU.roa File: McPz5S5PBhTWxGifH8fs1_NS2jU.roa (raw, json) Hash identifier: KEIARx1I4vqfMuZP+WJZ2f9AE00BEAWPF5jqTraiMB4= Subject key identifier: 31:C3:F3:E5:2E:4F:06:14:D6:C4:68:9F:1F:C7:EC:D7:F3:52:DA:35 Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba Certificate serial: 019B7AC78AA3FA3969CC00AD6315897EE497 Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/McPz5S5PBhTWxGifH8fs1_NS2jU.roa Signing time: Thu 01 Jan 2026 18:17:36 +0000 ROA not before: Thu 01 Jan 2026 18:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39074 IP address blocks: 5.202.136.0/22 maxlen: 22 5.202.136.0/23 maxlen: 23 5.202.136.0/24 maxlen: 24 5.202.137.0/24 maxlen: 24 5.202.138.0/23 maxlen: 23 5.202.138.0/24 maxlen: 24 5.202.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:8a:a3:fa:39:69:cc:00:ad:63:15:89:7e:e4:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba Validity Not Before: Jan 1 18:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31c3f3e52e4f0614d6c4689f1fc7ecd7f352da35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3a:d5:59:e7:21:00:9f:9c:4b:cc:89:99:88: 03:98:48:bb:40:ae:18:9a:95:19:4e:79:e7:f0:b2: 5f:8f:01:e3:1a:ab:23:fa:c5:9f:e1:2f:8b:1a:05: 98:0a:d9:40:b4:00:bf:d0:b4:2a:e9:ad:da:63:a7: 48:37:74:3b:5a:67:76:9e:e8:45:9f:a6:13:4c:68: 1b:fc:05:3a:ab:f7:a5:ed:4a:89:b1:a7:ac:82:4c: 01:31:91:c7:5f:1f:4d:59:4b:04:fb:a5:87:f8:fa: 52:74:18:3a:e9:ea:9e:d2:9e:0d:94:b1:c9:27:78: 8b:76:a9:a3:b1:b5:40:d5:58:28:fc:4b:f8:7e:83: 70:3a:3c:9c:a6:ec:db:82:56:f3:de:fe:3a:a5:91: 1a:1f:4a:83:7f:71:75:ae:14:5b:87:2b:b3:42:4c: e2:da:28:aa:1f:47:d2:46:13:af:f2:30:60:29:21: 76:c0:b9:a5:e3:83:05:4a:04:3f:56:cb:b4:3d:c6: c6:a9:7b:a3:e5:68:5e:ef:7f:dd:f1:68:54:26:0f: 58:4a:a1:44:1e:48:41:ed:26:09:f1:25:bb:4a:e9: ff:69:8d:2b:67:cf:09:38:12:2d:1b:46:6e:91:35: 96:0b:fc:42:fb:67:6f:ed:89:3c:37:02:93:ec:3f: b9:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C3:F3:E5:2E:4F:06:14:D6:C4:68:9F:1F:C7:EC:D7:F3:52:DA:35 X509v3 Authority Key Identifier: keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/McPz5S5PBhTWxGifH8fs1_NS2jU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.202.136.0/22 Signature Algorithm: sha256WithRSAEncryption a4:20:6e:38:be:2d:9e:4c:d7:2a:e1:75:2f:1f:33:e2:59:26: 88:ca:25:aa:c8:f5:32:47:49:d6:49:0a:74:36:08:f0:43:8c: c0:6f:4c:69:ff:8d:c1:b1:8c:ee:19:4b:e2:90:e8:d5:c3:60: 56:32:e3:70:5a:f1:52:a0:34:31:e8:6b:1f:ec:cd:9f:d6:3b: 66:3e:62:62:e7:ae:e3:76:97:e3:b0:2e:53:57:49:6f:12:f4: 86:91:fd:bf:59:38:66:7f:64:6e:29:2d:82:5a:c0:33:84:8a: d8:6d:a3:e3:41:54:a8:99:eb:cb:b9:61:31:bc:2c:94:7c:d9: 52:aa:c1:67:4c:8e:e7:6f:56:cf:1e:63:80:64:7a:90:5f:58: 8c:39:19:22:96:eb:8d:0a:0d:ab:7a:ca:08:44:0e:51:56:53: ba:64:57:8a:ba:4a:6c:14:69:35:dd:8d:be:fa:49:e2:65:3f: 66:d4:ad:81:af:b1:88:f9:50:aa:8e:b7:0a:5d:54:70:0e:ee: 62:00:45:31:03:12:b8:db:84:d1:92:82:40:e4:64:50:7f:59: d5:68:a7:8c:b2:4e:91:35:a6:ec:32:6f:6f:5d:a8:30:26:f6: 4e:a6:fc:b8:61:55:a2:ba:a6:99:51:9d:eb:f6:db:ed:89:f1: 72:f6:44:66 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6x4qj+jlpzACtYxWJfuSXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1 OTVlYmEwHhcNMjYwMTAxMTgxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWMzZjNlNTJlNGYwNjE0ZDZjNDY4OWYxZmM3ZWNkN2YzNTJkYTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzrVWechAJ+cS8yJmYgDmEi7QK4Y mpUZTnnn8LJfjwHjGqsj+sWf4S+LGgWYCtlAtAC/0LQq6a3aY6dIN3Q7Wmd2nuhF n6YTTGgb/AU6q/el7UqJsaesgkwBMZHHXx9NWUsE+6WH+PpSdBg66eqe0p4NlLHJ J3iLdqmjsbVA1Vgo/Ev4foNwOjycpuzbglbz3v46pZEaH0qDf3F1rhRbhyuzQkzi 2iiqH0fSRhOv8jBgKSF2wLml44MFSgQ/Vsu0PcbGqXuj5Whe73/d8WhUJg9YSqFE HkhB7SYJ8SW7Sun/aY0rZ88JOBItG0ZukTWWC/xC+2dv7Yk8NwKT7D+5PwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDHD8+UuTwYU1sRonx/H7NfzUto1MB8GA1UdIwQY MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt MTA5ODJlMDQwZDUzLzEvTWNQejVTNVBCaFRXeEdpZkg4ZnMxX05TMmpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBcqIMA0G CSqGSIb3DQEBCwUAA4IBAQCkIG44vi2eTNcq4XUvHzPiWSaIyiWqyPUyR0nWSQp0 NgjwQ4zAb0xp/43BsYzuGUvikOjVw2BWMuNwWvFSoDQx6Gsf7M2f1jtmPmJi567j dpfjsC5TV0lvEvSGkf2/WThmf2RuKS2CWsAzhIrYbaPjQVSomevLuWExvCyUfNlS qsFnTI7nb1bPHmOAZHqQX1iMORkiluuNCg2resoIRA5RVlO6ZFeKukpsFGk13Y2+ +kniZT9m1K2Br7GI+VCqjrcKXVRwDu5iAEUxAxK424TRkoJA5GRQf1nVaKeMsk6R NabsMm9vXagwJvZOpvy4YVWiuqaZUZ3r9tvtifFy9kRm -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:49 2026 by rpki-client