This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DbhldEvFw3GsG752iVLoz0pfMgI.roa File: DbhldEvFw3GsG752iVLoz0pfMgI.roa (raw, json) Hash identifier: OC2NYDQPvre5c9WbV933tYIy28Ev6PGc5UEt6pZXt5E= Subject key identifier: 0D:B8:65:74:4B:C5:C3:71:AC:1B:BE:76:89:52:E8:CF:4A:5F:32:02 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79113797DB15D3CE74753C37AC5EB14B Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DbhldEvFw3GsG752iVLoz0pfMgI.roa Signing time: Thu 01 Jan 2026 10:18:50 +0000 ROA not before: Thu 01 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2914 IP address blocks: 64.137.52.0/23 maxlen: 23 104.233.0.0/22 maxlen: 22 104.233.4.0/22 maxlen: 22 104.238.0.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:37:97:db:15:d3:ce:74:75:3c:37:ac:5e:b1:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0db865744bc5c371ac1bbe768952e8cf4a5f3202 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:06:52:73:3d:0a:45:6b:80:39:20:e8:d6:00: 08:88:a8:d6:ad:8e:b5:98:84:81:c8:e2:57:07:1a: af:fc:20:19:67:2d:41:25:3c:1c:e7:51:2a:c9:96: 8e:ca:b1:67:71:5f:11:6b:02:96:9c:c6:82:e2:ab: ee:6b:51:fd:9a:e9:94:fb:26:ae:24:f7:d0:89:a9: 84:f3:37:6a:43:5b:ec:1e:2a:4a:14:2f:e6:b5:42: 55:3d:1f:67:92:e6:0f:69:c1:dd:46:0d:18:42:2c: 06:33:0b:34:78:35:fd:e2:af:9a:c4:e2:d8:91:11: 8c:31:a3:ef:eb:e6:d6:42:b7:74:ac:5c:1a:8c:65: c4:e1:dc:52:99:a9:ad:fb:03:07:31:c6:90:7f:23: d6:19:07:a7:c3:01:73:e2:88:2d:bb:15:30:06:b9: 0b:99:2a:6a:44:17:a3:5d:52:22:ad:bc:21:f5:f9: b1:0a:a7:49:58:08:46:0a:5a:ac:9f:71:3d:d8:3c: 3b:21:6f:39:33:b2:ac:8f:59:02:84:de:07:27:d5: d3:e8:d0:fa:cb:fb:7b:36:5b:84:ed:af:b1:99:f0: 8b:b2:2f:7e:1a:73:e4:93:b7:37:c3:0f:bf:2c:20: 7c:5c:cf:35:17:24:5a:30:80:90:1c:fc:bb:2b:ac: d4:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:B8:65:74:4B:C5:C3:71:AC:1B:BE:76:89:52:E8:CF:4A:5F:32:02 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DbhldEvFw3GsG752iVLoz0pfMgI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.137.52.0/23 104.233.0.0/21 104.238.0.0/22 Signature Algorithm: sha256WithRSAEncryption 5e:98:c3:df:10:2b:d7:d5:92:b1:df:57:63:19:a3:f0:c7:0f: 9b:f9:4d:5c:fc:f5:b5:99:77:e0:7d:8a:84:dd:b9:b8:d3:f3: 46:ba:3b:7a:0d:96:32:c1:9a:5f:35:05:a0:16:fa:5c:71:b3: e2:77:8f:47:58:bb:87:22:8b:0a:1a:5c:12:3c:3a:40:4d:43: da:c8:34:c9:81:64:42:9c:4f:18:4a:14:89:71:e8:5d:42:ff: 14:66:b8:08:5c:bc:2c:d7:31:7c:8b:b2:d1:7b:51:0c:20:1d: 36:0d:1b:a3:57:be:2c:b5:5b:2d:9f:fb:79:0e:71:3e:7a:cc: 4d:09:83:95:58:22:e2:c6:4f:97:f5:c2:89:01:36:cb:1a:90: 21:77:c8:76:c2:cb:fd:09:c5:98:ec:9a:8e:8a:26:4f:54:e5: 0e:db:f0:8d:00:a2:5b:67:62:fb:a9:9f:c0:2f:b2:8a:d9:21: 81:1b:6f:4f:90:98:c9:46:0a:5b:d3:6c:ee:45:54:50:b4:b3: 8b:c7:8d:16:9f:9f:0d:48:27:2a:20:b9:db:57:c1:3e:97:e0: 38:87:f3:b6:67:78:ec:0b:b9:73:dd:82:c0:37:d0:35:c2:8b: 26:63:75:22:7f:b1:1e:37:2b:f0:03:6b:d2:e4:d3:b0:53:ee: b7:5d:12:52 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5ETeX2xXTznR1PDesXrFLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGI4NjU3NDRiYzVjMzcxYWMxYmJlNzY4OTUyZThjZjRhNWYzMjAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gZScz0KRWuAOSDo1gAIiKjWrY61 mISByOJXBxqv/CAZZy1BJTwc51EqyZaOyrFncV8RawKWnMaC4qvua1H9mumU+yau JPfQiamE8zdqQ1vsHipKFC/mtUJVPR9nkuYPacHdRg0YQiwGMws0eDX94q+axOLY kRGMMaPv6+bWQrd0rFwajGXE4dxSmamt+wMHMcaQfyPWGQenwwFz4ogtuxUwBrkL mSpqRBejXVIirbwh9fmxCqdJWAhGClqsn3E92Dw7IW85M7Ksj1kChN4HJ9XT6ND6 y/t7NluE7a+xmfCLsi9+GnPkk7c3ww+/LCB8XM81FyRaMICQHPy7K6zU6QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFA24ZXRLxcNxrBu+dolS6M9KXzICMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvRGJobGRFdkZ3M0dzRzc1MmlWTG96MHBmTWdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBQIk0AwQD aOkAAwQCaO4AMA0GCSqGSIb3DQEBCwUAA4IBAQBemMPfECvX1ZKx31djGaPwxw+b +U1c/PW1mXfgfYqE3bm40/NGujt6DZYywZpfNQWgFvpccbPid49HWLuHIosKGlwS PDpATUPayDTJgWRCnE8YShSJcehdQv8UZrgIXLws1zF8i7LRe1EMIB02DRujV74s tVstn/t5DnE+esxNCYOVWCLixk+X9cKJATbLGpAhd8h2wsv9CcWY7JqOiiZPVOUO 2/CNAKJbZ2L7qZ/AL7KK2SGBG29PkJjJRgpb02zuRVRQtLOLx40Wn58NSCcqILnb V8E+l+A4h/O2Z3jsC7lz3YLAN9A1wosmY3Uif7EeNyvwA2vS5NOwU+63XRJS -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:46 2026 by rpki-client