This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5lczYNen58G9rP8J76RVbGX7VYs.roa File: 5lczYNen58G9rP8J76RVbGX7VYs.roa (raw, json) Hash identifier: XgOe366Izu9gVF52kKZEfCJuTkkf948emL2IU+TZV8w= Subject key identifier: E6:57:33:60:D7:A7:E7:C1:BD:AC:FF:09:EF:A4:55:6C:65:FB:55:8B Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911551CB18E4E0E464ABD9681092B80 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5lczYNen58G9rP8J76RVbGX7VYs.roa Signing time: Thu 01 Jan 2026 10:18:57 +0000 ROA not before: Thu 01 Jan 2026 10:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213541 IP address blocks: 45.43.166.0/24 maxlen: 24 104.239.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:55:1c:b1:8e:4e:0e:46:4a:bd:96:81:09:2b:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e6573360d7a7e7c1bdacff09efa4556c65fb558b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ab:a7:f3:9d:7c:98:94:3e:1e:f2:26:2b:10: 62:22:cd:ef:2e:a3:3f:55:38:c7:fe:28:61:25:74: 92:62:d0:59:7b:0b:f4:44:70:25:f4:cd:63:5a:1a: ff:d5:24:07:ad:31:b1:5b:4a:54:eb:e9:f0:ac:8a: 5b:5e:1c:2c:0c:38:2d:78:1b:bf:6d:7e:40:70:f6: 59:1b:93:10:4e:a2:46:84:54:60:cb:95:31:3e:61: 00:af:bd:db:9c:63:fb:5f:9b:c6:7f:05:0a:dc:6f: 6c:d5:03:8e:08:73:7b:5e:50:af:e2:43:8a:ed:b7: ba:d8:b5:02:b7:c5:04:3c:04:c5:c4:1f:a0:7c:e4: 0c:31:0a:15:db:93:dd:75:f6:3a:ca:f6:2e:7f:2e: c2:5e:32:1d:8c:f6:14:35:90:0e:52:a6:59:b4:17: f4:07:8b:ee:88:ff:79:0d:1d:36:13:57:af:97:7c: 7b:65:8f:c1:cb:9d:b1:16:1f:ef:f3:fa:e7:17:b3: 10:f2:a5:d5:ce:39:ed:51:f8:97:9c:2f:98:97:2e: f9:2c:10:de:06:cb:6c:fe:af:f2:7c:50:ca:05:25: d4:f4:ba:b4:02:c8:69:d3:09:21:b5:5c:2b:05:72: d9:d4:17:b8:9a:79:cd:8d:59:1e:09:0a:b2:e4:fd: c0:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:57:33:60:D7:A7:E7:C1:BD:AC:FF:09:EF:A4:55:6C:65:FB:55:8B X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/5lczYNen58G9rP8J76RVbGX7VYs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.166.0/24 104.239.15.0/24 Signature Algorithm: sha256WithRSAEncryption 33:36:19:4c:d1:e7:2d:50:fa:da:3e:22:86:a6:94:6e:1d:c6: 64:0b:7f:0b:21:4c:e8:cc:59:41:c2:ae:f9:ba:60:4f:0c:31: df:94:ae:0c:54:53:16:2f:72:bc:75:9c:84:c7:dc:b2:e7:f9: ae:c8:c4:e3:93:3b:2e:53:28:d3:95:61:c8:e2:f0:b6:ef:57: 73:f6:12:10:34:43:16:bd:6a:73:65:d4:1e:f7:ff:24:15:33: ca:93:e2:ed:44:0a:2e:46:fd:78:cf:48:49:ca:1d:e6:5e:cb: 02:9e:7d:ae:19:3f:7c:63:6b:19:d2:f0:ab:5a:44:96:4e:8c: 52:7c:44:0a:d6:aa:6c:53:94:1a:ff:cb:0e:7d:37:d8:53:12: 48:b4:46:41:d8:51:91:14:28:93:8c:00:18:c8:c2:7c:f8:1a: 90:fb:81:71:20:d8:5d:3c:87:2f:1a:3b:66:91:ef:27:e3:c3: 82:41:5e:1f:30:4f:79:fb:f6:81:4b:31:c4:59:c6:92:58:91: db:f9:8b:15:63:ca:1a:35:24:17:55:62:88:74:c5:db:03:dc: 3a:4f:3b:48:f8:a3:f1:44:64:52:8e:48:35:81:0c:57:5d:a9: 7a:44:96:e4:73:0d:22:a1:c3:8d:a7:8a:8f:f6:1d:36:8a:8c: 9f:45:42:38 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EVUcsY5ODkZKvZaBCSuAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNjU3MzM2MGQ3YTdlN2MxYmRhY2ZmMDllZmE0NTU2YzY1ZmI1NThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqun8518mJQ+HvImKxBiIs3vLqM/ VTjH/ihhJXSSYtBZewv0RHAl9M1jWhr/1SQHrTGxW0pU6+nwrIpbXhwsDDgteBu/ bX5AcPZZG5MQTqJGhFRgy5UxPmEAr73bnGP7X5vGfwUK3G9s1QOOCHN7XlCv4kOK 7be62LUCt8UEPATFxB+gfOQMMQoV25PddfY6yvYufy7CXjIdjPYUNZAOUqZZtBf0 B4vuiP95DR02E1evl3x7ZY/By52xFh/v8/rnF7MQ8qXVzjntUfiXnC+Yly75LBDe Bsts/q/yfFDKBSXU9Lq0Ashp0wkhtVwrBXLZ1Be4mnnNjVkeCQqy5P3A7QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFOZXM2DXp+fBvaz/Ce+kVWxl+1WLMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvNWxjellOZW41OEc5clA4Sjc2UlZiR1g3VllzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSumAwQA aO8PMA0GCSqGSIb3DQEBCwUAA4IBAQAzNhlM0ectUPraPiKGppRuHcZkC38LIUzo zFlBwq75umBPDDHflK4MVFMWL3K8dZyEx9yy5/muyMTjkzsuUyjTlWHI4vC271dz 9hIQNEMWvWpzZdQe9/8kFTPKk+LtRAouRv14z0hJyh3mXssCnn2uGT98Y2sZ0vCr WkSWToxSfEQK1qpsU5Qa/8sOfTfYUxJItEZB2FGRFCiTjAAYyMJ8+BqQ+4FxINhd PIcvGjtmke8n48OCQV4fME95+/aBSzHEWcaSWJHb+YsVY8oaNSQXVWKIdMXbA9w6 TztI+KPxRGRSjkg1gQxXXal6RJbkcw0iocONp4qP9h02ioyfRUI4 -----END CERTIFICATE-----Generated at Fri Jan 2 02:41:18 2026 by rpki-client