This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/F6o9jUifoRshK6jAyshoJykDjsU.roa File: F6o9jUifoRshK6jAyshoJykDjsU.roa (raw, json) Hash identifier: QVsRnoCjmzsNISribuipUsFnsRJ8WlmzqIlDK6TvGB4= Subject key identifier: 17:AA:3D:8D:48:9F:A1:1B:21:2B:A8:C0:CA:C8:68:27:29:03:8E:C5 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911369F01F29F5EFB3DD6DF7D22FC55 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/F6o9jUifoRshK6jAyshoJykDjsU.roa Signing time: Thu 01 Jan 2026 10:18:49 +0000 ROA not before: Thu 01 Jan 2026 10:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 174 IP address blocks: 104.238.28.0/24 maxlen: 24 104.238.31.0/24 maxlen: 24 104.243.192.0/24 maxlen: 24 204.52.104.0/24 maxlen: 24 216.173.88.0/23 maxlen: 23 216.173.92.0/24 maxlen: 24 216.173.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:36:9f:01:f2:9f:5e:fb:3d:d6:df:7d:22:fc:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=17aa3d8d489fa11b212ba8c0cac8682729038ec5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:87:6b:7f:08:28:c4:db:a9:9c:dc:24:81:46: dd:84:32:e4:db:56:62:ff:c5:4e:6e:0f:5f:05:be: f9:38:01:f2:cd:50:29:d5:45:e5:ec:e9:3a:d0:fb: c4:00:04:08:4b:79:28:ac:99:f6:aa:73:00:1f:90: 7c:c1:1a:b3:59:76:a0:c2:b7:0a:32:32:0f:48:0c: f1:46:76:b6:7c:9a:1f:03:c3:cf:b4:e9:d9:7f:0e: 81:74:39:54:7e:d4:c1:30:98:45:ad:0d:14:4c:e3: bc:58:40:98:1f:95:ce:90:4d:89:ae:0c:b0:b4:5b: 29:71:d9:39:1a:3a:a4:b3:55:87:b9:96:34:0b:4e: c4:e4:c1:54:f7:5e:ad:52:b5:8d:97:1f:82:88:35: e7:a5:70:43:f1:40:c2:60:8d:ad:65:32:a5:b1:0c: c2:f6:de:23:fd:b5:43:f0:fb:7e:70:50:cf:0c:d5: 26:ff:59:66:db:19:40:82:7b:b6:d4:ec:ac:14:fb: eb:43:09:18:9d:0f:39:66:e6:b0:9f:6f:b9:72:d7: 38:55:e8:b3:6e:53:53:ba:13:5b:9d:81:a1:72:9e: 3d:d5:01:22:10:da:e7:a9:4f:58:e2:99:02:f8:25: 4a:75:ea:e6:5d:35:f8:99:35:20:8c:f0:e4:47:50: d5:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:AA:3D:8D:48:9F:A1:1B:21:2B:A8:C0:CA:C8:68:27:29:03:8E:C5 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/F6o9jUifoRshK6jAyshoJykDjsU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.28.0/24 104.238.31.0/24 104.243.192.0/24 204.52.104.0/24 216.173.88.0/23 216.173.92.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:5c:56:29:6f:3b:5c:dd:ce:d5:a2:80:e0:82:7f:14:a4:b9: 2c:a8:8e:b8:e5:59:76:5e:5b:13:b3:eb:0d:69:19:64:27:70: fa:e2:e2:f9:fd:cf:75:4d:21:85:20:c5:63:48:c8:42:f3:0d: 43:be:4d:54:8d:25:96:80:8b:82:e7:de:dd:0f:f8:36:fe:57: 45:61:cb:a2:53:3d:45:e8:f9:70:0b:e3:f3:92:af:e1:7c:96: 8a:95:1f:45:d0:0b:8d:53:2b:d4:df:0d:15:3e:b7:71:c6:9a: fa:8c:25:53:ae:a2:89:61:1e:06:6c:cc:df:34:82:b1:5c:a9: 8d:da:bb:fe:38:c4:a7:09:93:84:d2:63:8f:9b:1c:74:84:51: 0c:37:c9:9a:59:e3:3d:25:70:00:0f:a4:c3:d5:40:28:19:30: 31:72:bc:a0:9c:4f:ab:0c:90:e1:16:63:f5:25:0d:df:06:a4: 2b:93:ad:a0:1d:23:0c:5c:e2:7c:02:52:4f:c1:29:fe:9e:09: 34:8a:69:4e:74:61:e5:a8:ad:39:f3:f5:e2:f8:66:6e:32:e9: 12:49:84:b3:0f:25:89:3a:bc:6d:0f:d0:4a:88:7d:dc:39:78: 7c:c0:48:e8:93:0d:8d:5a:68:aa:39:ca:cf:21:18:64:d2:17: b8:0f:5f:00 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt5ETafAfKfXvs91t99IvxVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxN2FhM2Q4ZDQ4OWZhMTFiMjEyYmE4YzBjYWM4NjgyNzI5MDM4ZWM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYdrfwgoxNupnNwkgUbdhDLk21Zi /8VObg9fBb75OAHyzVAp1UXl7Ok60PvEAAQIS3korJn2qnMAH5B8wRqzWXagwrcK MjIPSAzxRna2fJofA8PPtOnZfw6BdDlUftTBMJhFrQ0UTOO8WECYH5XOkE2Jrgyw tFspcdk5Gjqks1WHuZY0C07E5MFU916tUrWNlx+CiDXnpXBD8UDCYI2tZTKlsQzC 9t4j/bVD8Pt+cFDPDNUm/1lm2xlAgnu21OysFPvrQwkYnQ85Zuawn2+5ctc4Veiz blNTuhNbnYGhcp491QEiENrnqU9Y4pkC+CVKdermXTX4mTUgjPDkR1DVaQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFBeqPY1In6EbISuowMrIaCcpA47FMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvRjZvOWpVaWZvUnNoSzZqQXlzaG9KeWtEanNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAaO4cAwQA aO4fAwQAaPPAAwQAzDRoAwQB2K1YAwQB2K1cMA0GCSqGSIb3DQEBCwUAA4IBAQA/ XFYpbztc3c7VooDggn8UpLksqI645Vl2XlsTs+sNaRlkJ3D64uL5/c91TSGFIMVj SMhC8w1Dvk1UjSWWgIuC597dD/g2/ldFYcuiUz1F6PlwC+Pzkq/hfJaKlR9F0AuN UyvU3w0VPrdxxpr6jCVTrqKJYR4GbMzfNIKxXKmN2rv+OMSnCZOE0mOPmxx0hFEM N8maWeM9JXAAD6TD1UAoGTAxcrygnE+rDJDhFmP1JQ3fBqQrk62gHSMMXOJ8AlJP wSn+ngk0imlOdGHlqK058/Xi+GZuMukSSYSzDyWJOrxtD9BKiH3cOXh8wEjokw2N WmiqOcrPIRhk0he4D18A -----END CERTIFICATE-----Generated at Fri Jan 2 02:42:13 2026 by rpki-client