This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5bNFrIg9gDG6xiW1SZ4JBKcfRX4.roa File: 5bNFrIg9gDG6xiW1SZ4JBKcfRX4.roa (raw, json) Hash identifier: HrrIM91azHOhmtZGfvk+7Vic7AgE/pg9oswn9LnselI= Subject key identifier: E5:B3:45:AC:88:3D:80:31:BA:C6:25:B5:49:9E:09:04:A7:1F:45:7E Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B791141EE74091A9404FD15CF07494EFE Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5bNFrIg9gDG6xiW1SZ4JBKcfRX4.roa Signing time: Thu 01 Jan 2026 10:18:52 +0000 ROA not before: Thu 01 Jan 2026 10:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 40676 IP address blocks: 45.43.147.0/24 maxlen: 24 45.43.152.0/24 maxlen: 24 104.222.160.0/24 maxlen: 24 104.222.163.0/24 maxlen: 24 104.222.164.0/24 maxlen: 24 104.222.165.0/24 maxlen: 24 104.222.166.0/24 maxlen: 24 104.239.74.0/24 maxlen: 24 104.239.79.0/24 maxlen: 24 104.239.89.0/24 maxlen: 24 104.239.102.0/24 maxlen: 24 104.239.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:41:ee:74:09:1a:94:04:fd:15:cf:07:49:4e:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e5b345ac883d8031bac625b5499e0904a71f457e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:44:af:c5:19:84:6d:e4:99:c1:d4:e4:b4:69: 1e:00:a7:6a:f9:91:9c:9b:c2:b5:f6:84:fe:0c:9b: d0:eb:f3:15:4c:d1:17:74:a8:32:c7:8c:cf:72:ba: 2a:d1:65:05:43:17:be:c1:66:4a:ac:2d:ad:ad:b6: 66:55:28:26:4a:d4:c4:d8:5b:d6:b8:64:3d:84:a4: 5a:fb:57:c5:2d:28:76:33:ab:08:ff:76:2f:62:ed: 7d:85:39:bf:b9:17:ed:0b:42:19:18:6a:fb:e6:e5: 19:3a:51:7f:30:3e:06:db:74:45:a8:23:08:77:a7: a9:2e:d8:e9:2b:d9:ea:43:82:33:8a:91:96:92:fc: 61:f1:90:c8:1c:48:07:87:57:4e:e2:9d:da:72:12: 11:5d:12:e0:e8:29:c7:5a:fb:26:e9:8b:a4:40:eb: e0:2f:95:92:32:28:49:db:8c:eb:58:d0:7b:d9:89: b9:b0:2e:39:53:2b:9f:ff:81:3f:30:7c:fd:bd:08: d0:8c:21:5c:66:14:ee:f3:42:7c:f6:47:d9:95:4d: 7c:4b:31:db:39:f1:f0:71:29:be:dd:2c:ca:4d:16: 75:74:52:44:3c:33:39:36:86:c4:8b:46:1a:2a:7f: d9:c3:70:18:a4:8e:8b:52:a3:10:c9:1e:1a:5d:67: 94:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:B3:45:AC:88:3D:80:31:BA:C6:25:B5:49:9E:09:04:A7:1F:45:7E X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5bNFrIg9gDG6xiW1SZ4JBKcfRX4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.147.0/24 45.43.152.0/24 104.222.160.0/24 104.222.163.0-104.222.166.255 104.239.74.0/24 104.239.79.0/24 104.239.89.0/24 104.239.102.0/24 104.239.109.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:bf:f5:11:ee:e9:88:a0:e7:56:88:38:f5:2a:32:71:bc:65: 14:69:a3:45:b9:87:91:55:b3:9a:9a:bb:6c:cc:68:30:39:cf: 32:c5:a6:b7:73:0a:0f:29:a9:9f:f1:63:20:fb:40:c7:02:29: d6:6e:40:c4:88:1b:83:49:a6:db:34:87:9d:5e:12:50:a5:bf: e1:62:c8:ae:af:55:a1:29:ee:48:f2:c9:b8:63:e3:43:ea:09: f3:2b:46:3c:19:71:d7:81:1e:fc:35:db:29:ef:a5:43:53:55: 11:d2:39:67:a1:a2:b2:ed:72:7a:72:ba:53:4c:37:5a:08:89: 96:5d:d1:13:53:29:11:a9:f2:48:fa:dd:d4:1d:23:6f:0d:82: ab:f9:1e:ed:72:c6:b4:91:01:be:c6:be:00:f5:c5:81:64:f3: 17:65:a9:d6:8e:cc:ca:22:4b:0d:fa:b9:49:d4:51:10:f2:15: fd:77:8c:6f:6a:52:31:23:3f:3e:e3:87:2b:13:dc:0c:f6:aa: 7b:e4:98:e2:ea:8d:0c:41:a2:3b:e6:91:08:88:18:87:d1:fe: 5f:b0:fe:a7:96:a8:58:27:b3:db:5d:d6:50:6a:63:20:b1:90: 27:5b:26:e9:4a:b0:19:c0:80:dc:43:7b:51:76:13:ee:3d:0a: 23:aa:aa:f4 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgISAZt5EUHudAkalAT9Fc8HSU7+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNWIzNDVhYzg4M2Q4MDMxYmFjNjI1YjU0OTllMDkwNGE3MWY0NTdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqESvxRmEbeSZwdTktGkeAKdq+ZGc m8K19oT+DJvQ6/MVTNEXdKgyx4zPcroq0WUFQxe+wWZKrC2trbZmVSgmStTE2FvW uGQ9hKRa+1fFLSh2M6sI/3YvYu19hTm/uRftC0IZGGr75uUZOlF/MD4G23RFqCMI d6epLtjpK9nqQ4IzipGWkvxh8ZDIHEgHh1dO4p3achIRXRLg6CnHWvsm6YukQOvg L5WSMihJ24zrWNB72Ym5sC45Uyuf/4E/MHz9vQjQjCFcZhTu80J89kfZlU18SzHb OfHwcSm+3SzKTRZ1dFJEPDM5NobEi0YaKn/Zw3AYpI6LUqMQyR4aXWeU3QIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFOWzRayIPYAxusYltUmeCQSnH0V+MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvNWJORnJJZzlnREc2eGlXMVNaNEpCS2NmUlg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALSuTAwQA LSuYAwQAaN6gMAwDBABo3qMDBABo3qYDBABo70oDBABo708DBABo71kDBABo72YD BABo720wDQYJKoZIhvcNAQELBQADggEBAIu/9RHu6Yig51aIOPUqMnG8ZRRpo0W5 h5FVs5qau2zMaDA5zzLFprdzCg8pqZ/xYyD7QMcCKdZuQMSIG4NJpts0h51eElCl v+FiyK6vVaEp7kjyybhj40PqCfMrRjwZcdeBHvw12ynvpUNTVRHSOWehorLtcnpy ulNMN1oIiZZd0RNTKRGp8kj63dQdI28Ngqv5Hu1yxrSRAb7GvgD1xYFk8xdlqdaO zMoiSw36uUnUURDyFf13jG9qUjEjPz7jhysT3Az2qnvkmOLqjQxBojvmkQiIGIfR /l+w/qeWqFgns9td1lBqYyCxkCdbJulKsBnAgNxDe1F2E+49CiOqqvQ= -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:01 2026 by rpki-client