This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8TU9Y5-L6oo29kWm4XXccHmCKjY.roa File: 8TU9Y5-L6oo29kWm4XXccHmCKjY.roa (raw, json) Hash identifier: zjDXUjJCsPW06lBpnyNybsHERRj3kGTNpvdxE1S2cC8= Subject key identifier: F1:35:3D:63:9F:8B:EA:8A:36:F6:45:A6:E1:75:DC:70:79:82:2A:36 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911391F80A9CA47F6EEF155D388029B Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8TU9Y5-L6oo29kWm4XXccHmCKjY.roa Signing time: Thu 01 Jan 2026 10:18:50 +0000 ROA not before: Thu 01 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 45.43.145.0/24 maxlen: 24 45.43.155.0/24 maxlen: 24 45.43.156.0/24 maxlen: 24 45.43.160.0/24 maxlen: 24 64.137.16.0/24 maxlen: 24 104.238.17.0/24 maxlen: 24 104.239.51.0/24 maxlen: 24 104.239.64.0/24 maxlen: 24 104.239.65.0/24 maxlen: 24 216.173.94.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:39:1f:80:a9:ca:47:f6:ee:f1:55:d3:88:02:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f1353d639f8bea8a36f645a6e175dc7079822a36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:7a:56:31:cd:1d:45:ab:28:0e:7b:82:71:06: 85:c4:b0:c7:7b:dc:bf:b8:3f:ba:f6:2a:8f:2a:e0: e5:01:9b:ad:18:55:be:54:b9:9d:37:35:7b:c3:20: 13:32:bc:ba:ce:73:06:01:d6:ba:6b:40:4f:5c:9c: 98:c5:7e:53:d6:e9:a2:7a:35:76:4d:f6:fb:bf:bd: 04:e7:94:a6:00:61:ba:fd:e5:10:2f:c1:35:43:93: d6:ef:97:83:47:2a:04:62:e3:a8:42:a9:4b:d9:3b: cb:cb:7a:2e:47:f1:db:c9:c0:90:6f:9a:05:e8:c1: 85:15:4a:5e:92:70:ad:e7:40:ba:59:05:b3:76:82: b8:04:f0:a7:ce:79:49:97:67:1c:e8:b6:48:bb:5b: c0:a9:b1:39:97:64:1e:b1:de:d0:a3:f4:b4:52:27: ce:80:70:e8:ed:9a:84:e3:5f:d1:40:0b:92:d8:04: b0:08:23:88:47:54:58:a5:0c:aa:62:77:88:d1:87: ad:f2:0e:68:74:ef:49:ae:a7:53:e4:19:37:95:68: b2:96:89:ad:1a:c6:34:4b:a7:e4:7b:81:11:90:5e: b0:6b:25:7c:79:34:7a:ec:85:cc:14:9b:e6:0f:c9: 08:5f:17:57:3a:db:59:1a:b7:a5:47:a7:b3:1b:d2: f4:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:35:3D:63:9F:8B:EA:8A:36:F6:45:A6:E1:75:DC:70:79:82:2A:36 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/8TU9Y5-L6oo29kWm4XXccHmCKjY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.145.0/24 45.43.155.0-45.43.156.255 45.43.160.0/24 64.137.16.0/24 104.238.17.0/24 104.239.51.0/24 104.239.64.0/23 216.173.94.0/24 Signature Algorithm: sha256WithRSAEncryption 54:c6:7b:8a:c4:61:51:4a:5e:b4:43:6c:52:fc:16:48:38:97: 3e:ca:23:ff:11:87:cb:ed:68:51:c8:8b:21:98:61:24:f5:4a: ae:04:d2:c2:3b:33:4b:31:ad:9d:e4:95:52:65:6e:03:ff:b1: 40:49:28:27:ea:21:0d:33:d5:fb:11:93:e4:24:8c:0a:f9:60: b0:a1:b9:d5:4f:67:4e:35:b6:f3:a6:11:ba:33:ca:3b:bb:49: 9b:24:10:76:8c:48:df:b1:e9:d3:03:3c:fe:ab:6a:dc:14:49: 52:b8:db:73:32:aa:a7:4f:e1:12:59:4a:fa:dc:4d:56:62:15: 6f:70:13:fb:71:6d:40:0f:73:2c:39:6d:6b:34:ea:b0:e4:b2: 14:00:b2:c6:5c:46:fc:af:d6:e3:9d:a3:51:d5:73:d5:53:76: d1:e6:a6:8a:bc:12:ae:59:fd:1a:8d:3b:6a:dc:5a:c0:32:3a: 96:e7:82:11:ca:f7:51:38:56:18:26:0d:9c:31:c3:d2:b5:55: da:e2:dc:21:f9:ce:f2:95:60:e5:9f:0a:72:16:1d:2e:4a:5e: 36:a6:94:84:c5:8e:7a:39:1a:88:c0:f3:8f:83:3b:6d:6d:be: 66:07:23:a3:55:cc:62:f3:21:4b:f0:5c:fa:37:5c:a5:fc:ab: 94:8d:23:a1 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgISAZt5ETkfgKnKR/bu8VXTiAKbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTM1M2Q2MzlmOGJlYThhMzZmNjQ1YTZlMTc1ZGM3MDc5ODIyYTM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHpWMc0dRasoDnuCcQaFxLDHe9y/ uD+69iqPKuDlAZutGFW+VLmdNzV7wyATMry6znMGAda6a0BPXJyYxX5T1umiejV2 Tfb7v70E55SmAGG6/eUQL8E1Q5PW75eDRyoEYuOoQqlL2TvLy3ouR/HbycCQb5oF 6MGFFUpeknCt50C6WQWzdoK4BPCnznlJl2cc6LZIu1vAqbE5l2Qesd7Qo/S0UifO gHDo7ZqE41/RQAuS2ASwCCOIR1RYpQyqYneI0Yet8g5odO9JrqdT5Bk3lWiylomt GsY0S6fke4ERkF6wayV8eTR67IXMFJvmD8kIXxdXOttZGrelR6ezG9L0FwIDAQAB o4ICOzCCAjcwHQYDVR0OBBYEFPE1PWOfi+qKNvZFpuF13HB5gio2MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvOFRVOVk1LUw2b28yOWtXbTRYWGNjSG1DS2pZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALSuRMAwD BAAtK5sDBAAtK5wDBAAtK6ADBABAiRADBABo7hEDBABo7zMDBAFo70ADBADYrV4w DQYJKoZIhvcNAQELBQADggEBAFTGe4rEYVFKXrRDbFL8Fkg4lz7KI/8Rh8vtaFHI iyGYYST1Sq4E0sI7M0sxrZ3klVJlbgP/sUBJKCfqIQ0z1fsRk+QkjAr5YLChudVP Z041tvOmEbozyju7SZskEHaMSN+x6dMDPP6ratwUSVK423MyqqdP4RJZSvrcTVZi FW9wE/txbUAPcyw5bWs06rDkshQAssZcRvyv1uOdo1HVc9VTdtHmpoq8Eq5Z/RqN O2rcWsAyOpbnghHK91E4VhgmDZwxw9K1Vdri3CH5zvKVYOWfCnIWHS5KXjamlITF jno5GojA84+DO21tvmYHI6NVzGLzIUvwXPo3XKX8q5SNI6E= -----END CERTIFICATE-----Generated at Fri Jan 2 02:41:14 2026 by rpki-client