This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/CaiWVFgbMuIy3C2fydPlnxcKOj0.roa File: CaiWVFgbMuIy3C2fydPlnxcKOj0.roa (raw, json) Hash identifier: e+D2cMsj36XqR2PSipoMHXP8v2EQ26JCvO+8Sr8mEgY= Subject key identifier: 09:A8:96:54:58:1B:32:E2:32:DC:2D:9F:C9:D3:E5:9F:17:0A:3A:3D Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79115280DC2D24C07F9E01E7FD5FCC57 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/CaiWVFgbMuIy3C2fydPlnxcKOj0.roa Signing time: Thu 01 Jan 2026 10:18:56 +0000 ROA not before: Thu 01 Jan 2026 10:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211001 IP address blocks: 104.222.179.0/24 maxlen: 24 104.239.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:52:80:dc:2d:24:c0:7f:9e:01:e7:fd:5f:cc:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=09a89654581b32e232dc2d9fc9d3e59f170a3a3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:15:92:b4:2a:8c:47:75:18:3d:eb:e9:ce:cc: 1a:8c:c1:cc:cf:39:1a:49:a3:dd:05:cd:dc:94:16: 1c:95:d9:94:5d:08:26:51:c9:ff:39:0f:3e:11:66: b7:d9:8b:58:40:80:68:df:d0:c5:b2:16:08:83:8d: f5:7c:c9:9d:fa:1c:3f:b0:7e:5f:17:58:d3:81:c7: b8:89:e2:8b:13:5d:5b:81:44:cb:6f:51:6f:e4:82: 81:3c:77:5b:a6:34:93:d8:b9:e7:c2:da:f7:3d:b9: 69:54:ed:97:65:fd:a1:21:e1:76:65:33:52:a8:6c: 3a:ea:aa:ce:d3:cd:31:0e:a5:ef:84:fa:8e:4e:38: 18:29:41:89:ad:42:92:84:80:34:dc:91:a5:79:1e: 4b:ea:fc:30:a6:69:dd:c5:2c:36:09:b1:fc:73:fa: bc:4c:12:82:03:59:44:42:a1:01:2d:ab:c2:ff:23: a4:d7:ef:28:b6:04:b6:ba:83:9a:c3:80:49:a1:9e: 4b:57:a9:68:67:08:6f:33:4c:5f:84:f9:b1:55:7f: 2f:2c:c4:bc:f9:2d:cc:2a:90:f2:29:04:cd:53:6d: 9a:88:ee:86:b5:47:6b:7d:ad:83:94:bf:d9:40:19: 7e:e9:f0:3b:0e:1f:18:6b:0b:02:c1:ad:42:fe:b0: ad:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:A8:96:54:58:1B:32:E2:32:DC:2D:9F:C9:D3:E5:9F:17:0A:3A:3D X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/CaiWVFgbMuIy3C2fydPlnxcKOj0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.222.179.0/24 104.239.47.0/24 Signature Algorithm: sha256WithRSAEncryption 02:8a:35:80:b1:3a:53:76:03:b7:45:b9:b7:b6:0c:18:d5:cc: 8e:1d:79:b8:d4:3f:5f:42:90:0b:40:58:3c:9e:1e:4b:a1:80: de:ca:88:32:cb:66:2a:e7:c2:09:31:7f:aa:c4:6b:c7:ba:37: 42:01:16:19:59:8c:c9:2f:a2:dc:cf:f1:35:e1:55:71:21:79: 3a:12:a2:39:7a:67:65:4a:36:15:7c:34:7e:7f:d5:b6:52:b6: 61:4b:00:5e:2e:3c:d5:d5:41:21:0e:1f:6f:d3:d9:68:39:00: d0:7b:5b:f7:6d:7f:68:91:d7:c3:32:df:98:ac:1d:60:d6:dc: 24:0b:b0:4d:5d:34:d1:90:1d:db:3c:2e:24:a7:36:a4:0f:bd: 0b:06:f6:d2:63:b7:5e:fa:3d:02:73:e5:cb:89:93:48:89:68: f2:0f:08:d4:58:05:13:f0:29:9e:15:6e:56:10:72:e0:e2:e4: 80:96:1d:be:98:19:c8:d3:25:03:8c:4d:dc:b3:1a:8a:93:44: 47:4f:16:96:2b:d0:a2:a8:62:ec:ed:9a:a3:d0:c1:0d:21:75: ce:39:7c:f3:a2:6e:47:d2:a2:2e:b2:42:80:ac:bc:95:02:42: 94:53:4f:7a:ad:b7:a5:9f:f1:64:0b:14:ef:4c:24:c9:18:c8: 2c:54:31:51 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EVKA3C0kwH+eAef9X8xXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOWE4OTY1NDU4MWIzMmUyMzJkYzJkOWZjOWQzZTU5ZjE3MGEzYTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RWStCqMR3UYPevpzswajMHMzzka SaPdBc3clBYcldmUXQgmUcn/OQ8+EWa32YtYQIBo39DFshYIg431fMmd+hw/sH5f F1jTgce4ieKLE11bgUTLb1Fv5IKBPHdbpjST2Lnnwtr3PblpVO2XZf2hIeF2ZTNS qGw66qrO080xDqXvhPqOTjgYKUGJrUKShIA03JGleR5L6vwwpmndxSw2CbH8c/q8 TBKCA1lEQqEBLavC/yOk1+8otgS2uoOaw4BJoZ5LV6loZwhvM0xfhPmxVX8vLMS8 +S3MKpDyKQTNU22aiO6GtUdrfa2DlL/ZQBl+6fA7Dh8YawsCwa1C/rCtpwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAmollRYGzLiMtwtn8nT5Z8XCjo9MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvQ2FpV1ZGZ2JNdUl5M0MyZnlkUGxueGNLT2owLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAaN6zAwQA aO8vMA0GCSqGSIb3DQEBCwUAA4IBAQACijWAsTpTdgO3Rbm3tgwY1cyOHXm41D9f QpALQFg8nh5LoYDeyogyy2Yq58IJMX+qxGvHujdCARYZWYzJL6Lcz/E14VVxIXk6 EqI5emdlSjYVfDR+f9W2UrZhSwBeLjzV1UEhDh9v09loOQDQe1v3bX9okdfDMt+Y rB1g1twkC7BNXTTRkB3bPC4kpzakD70LBvbSY7de+j0Cc+XLiZNIiWjyDwjUWAUT 8CmeFW5WEHLg4uSAlh2+mBnI0yUDjE3csxqKk0RHTxaWK9CiqGLs7Zqj0MENIXXO OXzzom5H0qIuskKArLyVAkKUU096rbeln/FkCxTvTCTJGMgsVDFR -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:53 2026 by rpki-client