This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/mb-aWZ5_d3ag789UTUZQ7IaflbA.roa File: mb-aWZ5_d3ag789UTUZQ7IaflbA.roa (raw, json) Hash identifier: hsap3kqEKhxhExKW9nXN0i5BJCJKmqUW77rfHPyUXL0= Subject key identifier: 99:BF:9A:59:9E:7F:77:76:A0:EF:CF:54:4D:46:50:EC:86:9F:95:B0 Certificate issuer: /CN=eab9a157e12a2ef717d13231af06fd85454b3151 Certificate serial: 019B77C6A76110AD2437FA8EDAB24D56E40D Authority key identifier: EA:B9:A1:57:E1:2A:2E:F7:17:D1:32:31:AF:06:FD:85:45:4B:31:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6rmhV-EqLvcX0TIxrwb9hUVLMVE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/mb-aWZ5_d3ag789UTUZQ7IaflbA.roa Signing time: Thu 01 Jan 2026 04:17:46 +0000 ROA not before: Thu 01 Jan 2026 04:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198622 IP address blocks: 37.157.0.0/21 maxlen: 24 185.84.60.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/6rmhV-EqLvcX0TIxrwb9hUVLMVE.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/6rmhV-EqLvcX0TIxrwb9hUVLMVE.mft rsync://rpki.ripe.net/repository/DEFAULT/6rmhV-EqLvcX0TIxrwb9hUVLMVE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a7:61:10:ad:24:37:fa:8e:da:b2:4d:56:e4:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eab9a157e12a2ef717d13231af06fd85454b3151 Validity Not Before: Jan 1 04:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=99bf9a599e7f7776a0efcf544d4650ec869f95b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6a:94:9d:cd:7e:3f:0f:da:79:fb:4b:1a:ee: 62:81:ac:bc:07:d0:78:0e:44:44:cb:b8:7f:b4:66: 3b:c1:08:46:54:52:47:d1:9c:81:b0:bc:a2:5d:6d: e5:c4:16:aa:6b:b9:46:d6:24:72:96:27:e1:03:63: a4:9b:ff:fb:ba:33:34:2a:c6:6f:8d:63:ba:9a:37: 74:fc:19:66:74:23:cc:e9:8a:dc:6c:e7:72:3f:8e: 11:4e:a6:b1:cd:72:38:27:3e:13:82:1e:e0:a9:33: e1:3e:1b:b6:9f:49:c8:bf:3c:18:c9:ba:51:69:06: d9:23:7a:3b:fe:1e:54:e9:67:64:ee:89:a1:46:c7: ba:d5:57:74:fe:3d:05:4a:c2:fd:9b:0a:14:f6:72: 51:20:f7:a2:2c:fc:0d:37:ab:3b:a8:44:d9:5c:e1: b9:1b:84:91:9b:2e:da:b4:46:5e:58:05:e5:a6:c0: af:a4:30:bd:d6:82:7c:08:30:3f:61:02:a3:91:c2: e7:c6:e6:7e:6d:76:36:2c:87:29:7c:d1:b3:82:5d: 5b:b2:a0:3c:f8:e5:da:15:ca:a4:fa:3c:65:bd:53: 3d:fe:1c:2c:00:e5:6f:d7:40:7d:a3:33:2a:54:01: 32:9a:bc:58:a1:90:55:e4:f1:28:61:2c:1e:6a:0d: 61:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:BF:9A:59:9E:7F:77:76:A0:EF:CF:54:4D:46:50:EC:86:9F:95:B0 X509v3 Authority Key Identifier: keyid:EA:B9:A1:57:E1:2A:2E:F7:17:D1:32:31:AF:06:FD:85:45:4B:31:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6rmhV-EqLvcX0TIxrwb9hUVLMVE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/mb-aWZ5_d3ag789UTUZQ7IaflbA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4db770-d7f5-4bcb-ba44-857712720a35/1/6rmhV-EqLvcX0TIxrwb9hUVLMVE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.157.0.0/21 185.84.60.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:29:25:b2:0b:7f:c3:e3:88:ed:87:66:d8:4d:5d:23:f3:cb: 05:d5:dd:b0:1c:38:ea:87:3e:1b:48:30:83:c9:0e:be:e1:d1: 19:af:d2:36:3e:e2:0b:2f:81:9a:73:57:10:c0:bc:ed:8b:6f: 79:8a:4d:81:81:2b:ad:83:f0:9b:ed:a4:56:7f:cc:42:ec:66: f8:0e:2f:4a:d7:29:4b:4f:e8:24:79:51:bd:a4:3d:20:8d:c9: 4a:e6:8c:3d:4c:26:69:42:a5:6a:ed:c3:95:79:9f:03:b7:e6: 0c:24:c8:e3:a5:6a:db:2d:38:bb:04:33:c1:2d:90:73:3a:ad: 2c:43:81:d9:e9:05:e6:f6:66:a5:28:41:8c:84:82:f1:90:57: eb:f0:11:7f:29:63:e3:a0:68:f6:26:23:85:27:23:c1:ce:45: 14:97:40:6f:a2:95:52:56:dc:1b:86:a5:25:fa:9e:87:f7:9f: 8a:eb:1f:50:04:d7:31:77:c0:81:80:9c:60:b5:b0:b8:51:5d: cc:b3:b3:59:33:1e:7d:d9:0b:ce:2e:94:6f:01:fb:8d:ff:f2: 38:78:99:1f:46:e1:6a:aa:f0:ae:1e:1c:9b:51:75:61:49:73: 5f:62:90:12:99:e3:64:ae:35:60:53:9b:c3:54:21:a2:7b:26: 1c:dd:fb:b2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xqdhEK0kN/qO2rJNVuQNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVhYjlhMTU3ZTEyYTJlZjcxN2QxMzIzMWFmMDZmZDg1NDU0 YjMxNTEwHhcNMjYwMTAxMDQxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OWJmOWE1OTllN2Y3Nzc2YTBlZmNmNTQ0ZDQ2NTBlYzg2OWY5NWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWqUnc1+Pw/aeftLGu5igay8B9B4 DkREy7h/tGY7wQhGVFJH0ZyBsLyiXW3lxBaqa7lG1iRylifhA2Okm//7ujM0KsZv jWO6mjd0/BlmdCPM6YrcbOdyP44RTqaxzXI4Jz4Tgh7gqTPhPhu2n0nIvzwYybpR aQbZI3o7/h5U6Wdk7omhRse61Vd0/j0FSsL9mwoU9nJRIPeiLPwNN6s7qETZXOG5 G4SRmy7atEZeWAXlpsCvpDC91oJ8CDA/YQKjkcLnxuZ+bXY2LIcpfNGzgl1bsqA8 +OXaFcqk+jxlvVM9/hwsAOVv10B9ozMqVAEymrxYoZBV5PEoYSweag1h/QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJm/mlmef3d2oO/PVE1GUOyGn5WwMB8GA1UdIwQY MBaAFOq5oVfhKi73F9EyMa8G/YVFSzFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNnJtaFYtRXFMdmNYMFRJeHJ3YjloVVZMTVZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80ZGI3NzAtZDdmNS00YmNiLWJhNDQt ODU3NzEyNzIwYTM1LzEvbWItYVdaNV9kM2FnNzg5VVRVWlE3SWFmbGJBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi80ZGI3NzAtZDdmNS00YmNiLWJhNDQtODU3NzEyNzIwYTM1 LzEvNnJtaFYtRXFMdmNYMFRJeHJ3YjloVVZMTVZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJZ0AAwQC uVQ8MA0GCSqGSIb3DQEBCwUAA4IBAQCcKSWyC3/D44jth2bYTV0j88sF1d2wHDjq hz4bSDCDyQ6+4dEZr9I2PuILL4Gac1cQwLzti295ik2BgSutg/Cb7aRWf8xC7Gb4 Di9K1ylLT+gkeVG9pD0gjclK5ow9TCZpQqVq7cOVeZ8Dt+YMJMjjpWrbLTi7BDPB LZBzOq0sQ4HZ6QXm9malKEGMhILxkFfr8BF/KWPjoGj2JiOFJyPBzkUUl0BvopVS VtwbhqUl+p6H95+K6x9QBNcxd8CBgJxgtbC4UV3Ms7NZMx592QvOLpRvAfuN//I4 eJkfRuFqqvCuHhybUXVhSXNfYpASmeNkrjVgU5vDVCGieyYc3fuy -----END CERTIFICATE-----Generated at Thu Jan 1 15:53:52 2026 by rpki-client