This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5IHTeN6LKIDnfI5mwDY4JzGJDbM.roa File: 5IHTeN6LKIDnfI5mwDY4JzGJDbM.roa (raw, json) Hash identifier: /66IefTfWZpEf8UBvSA88R3U5BIftrP1ZhvhO1YmKqM= Subject key identifier: E4:81:D3:78:DE:8B:28:80:E7:7C:8E:66:C0:36:38:27:31:89:0D:B3 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911597C627C97D2B0C178832545486F Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5IHTeN6LKIDnfI5mwDY4JzGJDbM.roa Signing time: Thu 01 Jan 2026 10:18:58 +0000 ROA not before: Thu 01 Jan 2026 10:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397032 IP address blocks: 45.43.163.0/24 maxlen: 24 216.173.77.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:59:7c:62:7c:97:d2:b0:c1:78:83:25:45:48:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e481d378de8b2880e77c8e66c036382731890db3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:91:84:79:7d:24:09:66:e0:17:70:f0:29:da: 3b:ae:89:ee:27:4d:2d:53:e2:f5:61:b9:ed:db:a8: 99:4e:2f:1c:4d:cb:53:db:ae:86:60:ae:97:8a:95: 53:40:f3:4e:8e:50:33:73:ac:24:85:3e:d0:69:06: 24:1d:d3:26:96:cf:6f:1b:57:f8:4b:09:0c:7e:89: 72:24:f8:72:3b:91:30:4c:28:10:03:30:c0:99:5c: 40:be:07:6b:c1:fa:10:57:a4:1b:fc:81:26:e5:29: 5c:9f:86:af:33:c3:fa:f8:53:b6:97:59:c6:76:e5: c3:11:c1:13:ba:05:eb:b1:c6:ab:b0:23:75:6d:34: 70:f1:fd:7c:0a:27:a5:a3:4b:b2:c7:a9:c3:1c:7f: 39:4e:3d:27:d6:57:ea:60:b5:79:40:b3:8e:b9:b7: 00:ad:14:78:37:f6:5c:26:7a:c1:4c:07:31:00:66: 19:31:d0:31:ed:4b:8f:af:fb:c3:d7:39:81:ff:04: e1:02:f8:e8:be:fc:4b:c7:c8:0e:94:63:8c:42:0d: 6a:07:a8:7e:3b:8a:c6:a0:0a:09:f8:44:84:a2:37: fc:38:8f:2b:ca:00:8f:c8:5a:04:28:a2:c1:1d:bd: d2:8e:d6:51:77:d2:60:89:62:d8:e4:d2:b2:b2:68: 29:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:81:D3:78:DE:8B:28:80:E7:7C:8E:66:C0:36:38:27:31:89:0D:B3 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5IHTeN6LKIDnfI5mwDY4JzGJDbM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.163.0/24 216.173.77.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:9c:bc:11:05:76:05:52:6f:88:64:d5:aa:5e:dc:fd:92:27: ac:8a:ea:ea:a4:35:65:c5:45:43:a1:cf:fb:37:a1:f3:ef:a9: 43:20:61:21:8b:18:a3:f0:1e:73:f3:14:f1:b8:d8:bd:50:f6: b6:fb:04:6c:e3:a7:14:23:ed:3e:05:b6:bd:f1:cd:9c:26:91: 66:d3:01:33:41:17:e5:85:08:4c:32:a0:2e:94:c9:58:9b:00: c9:35:c0:6f:28:fc:1e:22:ce:d9:d1:98:44:19:4e:8a:75:a1: ff:9e:39:bf:af:80:d5:74:c7:77:f7:a8:17:21:d2:85:69:43: 7c:77:0e:71:8b:e7:e0:1f:ac:13:88:db:29:25:82:68:7a:a0: 8f:a5:53:25:a7:eb:88:d0:ec:ea:19:fc:53:3a:b1:49:cc:ed: f0:7f:97:ab:6a:57:29:44:40:d8:15:8b:b5:69:fa:08:5f:15: 75:bd:fa:fd:17:c3:2d:c7:8f:66:2a:f3:9b:b9:b2:a7:80:64: a9:48:da:16:e6:35:b1:01:2f:75:8a:56:41:70:65:4a:6f:7c: 0e:39:e3:17:08:0b:e2:3f:52:6f:a3:ee:4a:95:2c:5f:4d:7d: a8:d6:da:c7:93:db:cb:a4:9b:b6:29:0c:e4:82:86:14:c5:54: c9:cc:fc:29 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EVl8YnyX0rDBeIMlRUhvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNDgxZDM3OGRlOGIyODgwZTc3YzhlNjZjMDM2MzgyNzMxODkwZGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupGEeX0kCWbgF3DwKdo7ronuJ00t U+L1Ybnt26iZTi8cTctT266GYK6XipVTQPNOjlAzc6wkhT7QaQYkHdMmls9vG1f4 SwkMfolyJPhyO5EwTCgQAzDAmVxAvgdrwfoQV6Qb/IEm5Slcn4avM8P6+FO2l1nG duXDEcETugXrscarsCN1bTRw8f18Cielo0uyx6nDHH85Tj0n1lfqYLV5QLOOubcA rRR4N/ZcJnrBTAcxAGYZMdAx7UuPr/vD1zmB/wThAvjovvxLx8gOlGOMQg1qB6h+ O4rGoAoJ+ESEojf8OI8rygCPyFoEKKLBHb3SjtZRd9JgiWLY5NKysmgprQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFOSB03jeiyiA53yOZsA2OCcxiQ2zMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvNUlIVGVONkxLSURuZkk1bXdEWTRKekdKRGJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSujAwQA 2K1NMA0GCSqGSIb3DQEBCwUAA4IBAQAvnLwRBXYFUm+IZNWqXtz9kiesiurqpDVl xUVDoc/7N6Hz76lDIGEhixij8B5z8xTxuNi9UPa2+wRs46cUI+0+Bba98c2cJpFm 0wEzQRflhQhMMqAulMlYmwDJNcBvKPweIs7Z0ZhEGU6KdaH/njm/r4DVdMd396gX IdKFaUN8dw5xi+fgH6wTiNspJYJoeqCPpVMlp+uI0OzqGfxTOrFJzO3wf5eralcp REDYFYu1afoIXxV1vfr9F8Mtx49mKvObubKngGSpSNoW5jWxAS91ilZBcGVKb3wO OeMXCAviP1Jvo+5KlSxfTX2o1trHk9vLpJu2KQzkgoYUxVTJzPwp -----END CERTIFICATE-----Generated at Fri Jan 2 02:36:34 2026 by rpki-client