This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/A5tB2m_AKkFH2MRYLSZP1qj6r7Y.roa File: A5tB2m_AKkFH2MRYLSZP1qj6r7Y.roa (raw, json) Hash identifier: JU4CZpqlBacShwjyBoLo9X21T9K67+NvyzH3SwXTo+Y= Subject key identifier: 03:9B:41:DA:6F:C0:2A:41:47:D8:C4:58:2D:26:4F:D6:A8:FA:AF:B6 Certificate issuer: /CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5 Certificate serial: 019B7C80091CA86FD81BC9E516AA053DB78F Authority key identifier: 68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/A5tB2m_AKkFH2MRYLSZP1qj6r7Y.roa Signing time: Fri 02 Jan 2026 02:18:44 +0000 ROA not before: Fri 02 Jan 2026 02:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213312 IP address blocks: 104.204.244.0/22 maxlen: 22 104.204.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:09:1c:a8:6f:d8:1b:c9:e5:16:aa:05:3d:b7:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5 Validity Not Before: Jan 2 02:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=039b41da6fc02a4147d8c4582d264fd6a8faafb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d4:6a:95:3f:f6:b6:37:57:4c:cd:69:29:55: 8b:70:54:92:2f:54:ac:9b:0d:3a:ed:29:e2:06:f4: e9:99:0b:90:e8:c6:94:d9:b6:76:47:29:b5:2e:d3: db:ab:d9:b7:c2:06:fb:bb:bf:98:4e:f0:cc:50:26: 2b:22:5b:f9:1a:14:5a:2b:98:f9:8e:1c:84:db:fd: 7e:03:92:f5:7c:3b:3f:9b:46:9d:28:06:fd:85:83: 2f:7b:6a:3e:8f:86:b0:94:2c:5c:f2:fc:2b:d4:d0: 42:89:06:c5:76:c0:92:5f:23:73:fe:1c:13:6b:ca: bd:a6:13:10:f5:8a:e0:20:6e:9b:a1:7e:a9:95:dd: b4:97:2d:c0:36:b4:fc:69:0d:6f:b6:c1:d7:ef:22: f6:f8:04:74:1a:e2:9d:e8:e2:04:56:93:ca:f1:0f: 54:38:99:f6:4c:8c:01:4a:78:27:33:57:f6:ca:fa: ff:20:3e:20:45:df:ba:6a:c4:cd:ff:f5:27:3d:ff: 3b:95:88:b4:1e:fa:1f:c1:7d:2c:1a:57:90:9d:4c: 24:1f:a7:20:f0:c9:8b:76:4c:26:57:c4:28:33:32: 8f:9e:72:26:84:27:b5:92:23:c3:b9:e3:18:21:82: 3d:f7:9c:be:d0:2e:4b:8f:37:35:0e:19:4a:b5:26: a2:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:9B:41:DA:6F:C0:2A:41:47:D8:C4:58:2D:26:4F:D6:A8:FA:AF:B6 X509v3 Authority Key Identifier: keyid:68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/A5tB2m_AKkFH2MRYLSZP1qj6r7Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.204.244.0/22 Signature Algorithm: sha256WithRSAEncryption 85:28:50:29:0f:ae:df:bf:d3:a2:63:b5:f5:46:06:1c:85:51: b4:c5:67:03:ad:f3:eb:4f:84:4f:e4:84:dc:dd:73:19:36:e9: 35:a8:0f:dd:3b:04:9b:f2:a8:92:cf:cc:b5:21:e5:90:eb:34: f1:17:9c:17:60:f7:da:24:8e:ef:3a:5b:74:26:42:0e:2e:5d: 0b:d8:f4:36:f5:09:08:91:5a:f3:eb:bd:32:d6:18:58:27:43: f0:61:0b:4f:f1:9e:88:09:8c:24:e2:e2:66:4e:fe:7f:25:ce: 46:99:08:e8:a5:2a:85:41:cb:80:51:d0:4a:ff:7d:ab:77:99: 1e:0a:72:cf:d9:7d:58:cb:50:a8:2e:6d:1f:bd:96:86:4a:58: 4b:20:3c:97:c7:d0:8b:8f:6c:b1:f9:97:66:51:b8:41:e0:aa: 7e:05:0f:c0:70:85:7d:60:de:93:70:98:fc:a6:1c:90:f8:3c: 5d:5c:bf:20:c2:5c:9f:49:db:f6:5b:b9:22:93:cb:b7:c7:f2: 07:a7:41:78:e3:c9:9d:fe:8d:9c:d1:5b:7b:5a:a0:43:e5:5b: ad:d8:cf:b4:a4:85:88:d8:51:81:cb:5f:a8:e3:d1:41:3c:ad: 8f:6a:e2:93:81:f6:d8:ef:99:76:54:68:0d:d7:d8:34:f8:ba: 0c:ce:ea:13 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gAkcqG/YG8nlFqoFPbePMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjQzYjViYmNjNDk2MjgwNmVhOTMyMmVjMjkyZTliNjZk ZGNjYzUwHhcNMjYwMTAyMDIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzliNDFkYTZmYzAyYTQxNDdkOGM0NTgyZDI2NGZkNmE4ZmFhZmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNRqlT/2tjdXTM1pKVWLcFSSL1Ss mw067SniBvTpmQuQ6MaU2bZ2Rym1LtPbq9m3wgb7u7+YTvDMUCYrIlv5GhRaK5j5 jhyE2/1+A5L1fDs/m0adKAb9hYMve2o+j4awlCxc8vwr1NBCiQbFdsCSXyNz/hwT a8q9phMQ9YrgIG6boX6pld20ly3ANrT8aQ1vtsHX7yL2+AR0GuKd6OIEVpPK8Q9U OJn2TIwBSngnM1f2yvr/ID4gRd+6asTN//UnPf87lYi0HvofwX0sGleQnUwkH6cg 8MmLdkwmV8QoMzKPnnImhCe1kiPDueMYIYI995y+0C5Ljzc1DhlKtSai4QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAObQdpvwCpBR9jEWC0mT9ao+q+2MB8GA1UdIwQY MBaAFGj0O1u8xJYoBuqTIuwpLptm3czFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUt MDI0ODNlNjQ4MmNiLzEvQTV0QjJtX0FLa0ZIMk1SWUxTWlAxcWo2cjdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUtMDI0ODNlNjQ4MmNi LzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCaMz0MA0G CSqGSIb3DQEBCwUAA4IBAQCFKFApD67fv9OiY7X1RgYchVG0xWcDrfPrT4RP5ITc 3XMZNuk1qA/dOwSb8qiSz8y1IeWQ6zTxF5wXYPfaJI7vOlt0JkIOLl0L2PQ29QkI kVrz670y1hhYJ0PwYQtP8Z6ICYwk4uJmTv5/Jc5GmQjopSqFQcuAUdBK/32rd5ke CnLP2X1Yy1CoLm0fvZaGSlhLIDyXx9CLj2yx+ZdmUbhB4Kp+BQ/AcIV9YN6TcJj8 phyQ+DxdXL8gwlyfSdv2W7kik8u3x/IHp0F448md/o2c0Vt7WqBD5Vut2M+0pIWI 2FGBy1+o49FBPK2PauKTgfbY75l2VGgN19g0+LoMzuoT -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:25 2026 by rpki-client