This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/1-VdJiuApsZ7aJVd5zTWsqCTOaBQ.roa File: 1-VdJiuApsZ7aJVd5zTWsqCTOaBQ.roa (raw, json) Hash identifier: X5tCIZSuz5L062RdKMm8nAoNi5cmoeRhaOKXOi/VX9o= Subject key identifier: F9:57:49:8A:E0:29:B1:9E:DA:25:57:79:CD:35:AC:A8:24:CE:68:14 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79114C0A9A79C604DA0AA5A8A14262C6 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/1-VdJiuApsZ7aJVd5zTWsqCTOaBQ.roa Signing time: Thu 01 Jan 2026 10:18:55 +0000 ROA not before: Thu 01 Jan 2026 10:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200525 IP address blocks: 104.250.200.0/22 maxlen: 22 104.250.204.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:4c:0a:9a:79:c6:04:da:0a:a5:a8:a1:42:62:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f957498ae029b19eda255779cd35aca824ce6814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:db:22:6c:a0:6d:0c:5c:c7:45:03:b5:18:e9: 62:49:cb:c4:d7:83:7f:4e:85:48:f1:09:5f:46:f3: 6b:59:a1:73:b4:bf:8a:9e:88:7b:b0:3c:e3:42:7b: aa:79:f0:81:cb:b7:53:58:33:35:0b:6a:32:3d:de: 70:73:8e:ab:02:8c:a6:ec:67:cb:a4:9b:bf:1b:f6: 67:77:ca:79:81:99:b2:98:2e:2e:4a:00:20:a2:3d: 79:19:4a:26:3d:c3:3b:d9:6c:bc:a9:49:75:7e:51: 21:a8:36:b6:e2:b6:4c:74:bb:91:55:e7:42:fd:69: db:9c:c2:4e:3e:54:77:0b:10:9f:8d:26:90:0c:0b: f4:48:58:b8:f4:9e:ff:8e:ea:f4:59:db:c3:c3:b3: 6e:f6:1c:f2:f8:c0:f6:c2:05:8f:e4:84:a5:7e:3b: f8:3b:62:85:74:81:13:35:bf:12:25:be:36:19:d2: 6c:84:f5:ff:05:b6:26:88:54:ff:3e:56:d3:a5:6c: d9:95:5a:96:7a:03:df:bf:69:a1:0f:f1:1c:b6:44: 66:d3:66:00:72:ba:f1:85:7a:7d:c1:83:10:e5:ac: 0c:7f:f1:47:94:e6:ae:0b:dc:a4:ac:dd:88:86:c3: c7:e8:95:e3:7c:6a:3a:8d:dd:5a:5f:db:0a:a9:75: ed:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:57:49:8A:E0:29:B1:9E:DA:25:57:79:CD:35:AC:A8:24:CE:68:14 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/1-VdJiuApsZ7aJVd5zTWsqCTOaBQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.250.200.0/21 Signature Algorithm: sha256WithRSAEncryption 36:81:22:11:0a:3c:3b:ed:34:30:ef:1b:0c:62:19:fa:28:94: d7:df:68:ed:02:ea:dd:b6:22:12:9c:f7:47:e5:14:6b:86:4e: 5c:72:97:d3:43:aa:28:83:b3:74:82:fb:da:bf:d7:1f:a2:cb: b2:85:68:62:76:63:4a:80:08:5f:62:b3:1b:4e:de:3b:7c:0f: b9:55:48:fa:6e:13:8c:de:fa:57:22:dd:75:ea:63:aa:98:69: 75:aa:6c:d6:f7:6f:63:54:1a:43:fc:d6:fd:21:03:49:27:2d: a5:77:31:19:a1:cc:94:8b:85:f1:ec:33:84:76:7c:e2:d8:3d: 1b:f5:6c:a2:5e:72:3c:7a:3f:71:90:1a:9a:e8:38:1e:bb:62: 16:24:d8:86:ff:72:d1:87:53:93:f6:de:a2:c3:50:f2:3d:21: 0a:ae:0f:e8:19:bf:d0:8c:59:80:f1:5a:e0:95:f3:d2:e4:63: 8d:34:ce:8b:88:1a:77:cd:f0:2f:16:b4:d2:27:32:c0:15:7a: 8f:89:f0:bd:c8:f6:71:eb:81:b8:9f:c8:9f:7b:a7:ff:cb:29: 1e:da:7b:e9:ea:22:70:1a:7c:1c:34:bb:4c:e7:04:15:45:a0: 21:b9:74:63:20:60:ad:a4:9e:b9:7b:e6:ae:47:d9:dc:4a:43: 6b:6d:64:5b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5EUwKmnnGBNoKpaihQmLGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTU3NDk4YWUwMjliMTllZGEyNTU3NzljZDM1YWNhODI0Y2U2ODE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtsibKBtDFzHRQO1GOliScvE14N/ ToVI8QlfRvNrWaFztL+Knoh7sDzjQnuqefCBy7dTWDM1C2oyPd5wc46rAoym7GfL pJu/G/Znd8p5gZmymC4uSgAgoj15GUomPcM72Wy8qUl1flEhqDa24rZMdLuRVedC /WnbnMJOPlR3CxCfjSaQDAv0SFi49J7/jur0WdvDw7Nu9hzy+MD2wgWP5ISlfjv4 O2KFdIETNb8SJb42GdJshPX/BbYmiFT/PlbTpWzZlVqWegPfv2mhD/EctkRm02YA crrxhXp9wYMQ5awMf/FHlOauC9ykrN2IhsPH6JXjfGo6jd1aX9sKqXXtzQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPlXSYrgKbGe2iVXec01rKgkzmgUMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvMS1WZEppdUFwc1o3YUpWZDV6VFdzcUNUT2FCUS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2Fh YS8xL1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2j6yDAN BgkqhkiG9w0BAQsFAAOCAQEANoEiEQo8O+00MO8bDGIZ+iiU199o7QLq3bYiEpz3 R+UUa4ZOXHKX00OqKIOzdIL72r/XH6LLsoVoYnZjSoAIX2KzG07eO3wPuVVI+m4T jN76VyLddepjqphpdaps1vdvY1QaQ/zW/SEDSSctpXcxGaHMlIuF8ewzhHZ84tg9 G/Vsol5yPHo/cZAamug4HrtiFiTYhv9y0YdTk/beosNQ8j0hCq4P6Bm/0IxZgPFa 4JXz0uRjjTTOi4gad83wLxa00icywBV6j4nwvcj2ceuBuJ/In3un/8spHtp76eoi cBp8HDS7TOcEFUWgIbl0YyBgraSeuXvmrkfZ3EpDa21kWw== -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:45 2026 by rpki-client