This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/I2e-OeRrYy2k_6Hk2S4t_mAtdT0.roa File: I2e-OeRrYy2k_6Hk2S4t_mAtdT0.roa (raw, json) Hash identifier: jVKCB1dArYz7FWnojMjSJNvxJg2Xpsns7xobitO+Msw= Subject key identifier: 23:67:BE:39:E4:6B:63:2D:A4:FF:A1:E4:D9:2E:2D:FE:60:2D:75:3D Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B033A47E3C301907F367B1D7369F61D2F Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/I2e-OeRrYy2k_6Hk2S4t_mAtdT0.roa Signing time: Tue 09 Dec 2025 13:08:29 +0000 ROA not before: Tue 09 Dec 2025 13:08:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 174 IP address blocks: 104.238.28.0/24 maxlen: 24 104.238.31.0/24 maxlen: 24 104.243.192.0/24 maxlen: 24 204.52.104.0/24 maxlen: 24 216.173.88.0/23 maxlen: 23 216.173.92.0/24 maxlen: 24 216.173.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 23:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:03:3a:47:e3:c3:01:90:7f:36:7b:1d:73:69:f6:1d:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Dec 9 13:08:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=2367be39e46b632da4ffa1e4d92e2dfe602d753d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:51:d0:ae:49:64:e4:d2:9b:3b:e8:de:4a:78: 42:3b:10:95:83:db:7f:d9:24:5d:24:d4:78:97:7c: 37:c7:6d:2c:cb:fd:72:f4:6a:e3:37:f6:07:2d:a9: 36:22:9b:1c:e4:f0:7e:33:89:79:c3:e1:f2:50:9f: 3e:f3:06:ad:f9:c0:a0:8a:40:de:4a:63:74:ae:37: 4b:34:f2:d9:e2:70:de:20:de:58:c4:1b:9e:02:8a: 6b:55:12:66:ad:61:e5:82:56:20:ad:9a:ab:95:48: 2f:5a:e6:1a:6f:d6:7e:cd:d4:99:26:20:e8:e2:ea: 4c:f8:19:ad:6a:82:03:ae:9e:7d:4e:99:6d:2e:d1: 2b:e5:7f:65:55:a4:f1:b5:ab:f3:4d:08:71:aa:9b: 62:1c:38:87:2c:57:cb:07:1f:85:8f:ad:68:56:6e: 9b:86:4e:52:47:6d:77:3e:6f:a1:3a:9e:5b:63:e8: b0:6e:03:b9:1e:6d:2a:c5:81:a2:9f:b8:6b:69:5f: 85:e7:5c:38:bd:db:f6:81:3b:48:f6:06:a9:5d:f0: 28:79:06:73:b6:32:bb:73:ad:ca:4d:b8:cf:f8:c7: 27:92:4f:f5:10:91:ea:db:6d:cf:55:33:0a:fe:7b: b8:93:67:c8:02:e3:a6:45:86:5c:03:d0:c8:f3:e3: 22:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:67:BE:39:E4:6B:63:2D:A4:FF:A1:E4:D9:2E:2D:FE:60:2D:75:3D X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/I2e-OeRrYy2k_6Hk2S4t_mAtdT0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.28.0/24 104.238.31.0/24 104.243.192.0/24 204.52.104.0/24 216.173.88.0/23 216.173.92.0/23 Signature Algorithm: sha256WithRSAEncryption 44:46:41:82:6c:31:4c:87:a4:60:70:7d:30:68:4d:18:82:29: 1f:e7:40:96:55:89:ca:89:f6:48:21:64:c1:e0:17:c2:1e:41: 6b:0b:81:1a:02:8d:f0:5b:db:54:b6:7f:fd:87:f0:4a:28:b1: 57:9f:c0:51:e3:1e:47:48:7c:be:be:76:e4:f0:e4:0b:47:f9: 59:a1:8a:0e:15:54:56:64:5d:6c:35:3c:ac:d1:3a:ef:16:66: 78:ab:ec:9d:38:2b:48:9a:ae:15:86:3b:6b:7d:d0:7c:8f:81: 3f:d2:14:10:d4:b4:8a:01:00:e5:01:ac:39:35:1c:d3:18:70: ad:30:ea:d5:4f:01:04:70:47:d0:b5:87:2d:98:39:cd:59:c0: 93:0f:1c:5c:42:22:80:c2:55:d9:2c:58:b7:8c:06:74:92:b0: bc:04:a1:b3:0e:9f:49:36:52:45:e1:29:9c:ed:8b:2a:17:08: f5:58:f0:0d:d9:f8:28:97:05:c4:00:f8:9e:f7:8e:fd:05:3f: 0b:db:2b:3e:bd:7c:88:f9:11:a5:aa:96:be:0f:ff:82:43:e7: 37:27:20:07:d3:32:a8:05:6d:83:07:90:57:77:ea:09:5c:37: 29:a3:9d:9d:43:44:47:40:36:86:c0:f7:9f:07:b0:cc:ee:c0: 25:43:6c:85 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZsDOkfjwwGQfzZ7HXNp9h0vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjUxMjA5MTMwODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzY3YmUzOWU0NmI2MzJkYTRmZmExZTRkOTJlMmRmZTYwMmQ3NTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFHQrklk5NKbO+jeSnhCOxCVg9t/ 2SRdJNR4l3w3x20sy/1y9GrjN/YHLak2Ipsc5PB+M4l5w+HyUJ8+8wat+cCgikDe SmN0rjdLNPLZ4nDeIN5YxBueAoprVRJmrWHlglYgrZqrlUgvWuYab9Z+zdSZJiDo 4upM+BmtaoIDrp59TpltLtEr5X9lVaTxtavzTQhxqptiHDiHLFfLBx+Fj61oVm6b hk5SR213Pm+hOp5bY+iwbgO5Hm0qxYGin7hraV+F51w4vdv2gTtI9gapXfAoeQZz tjK7c63KTbjP+Mcnkk/1EJHq223PVTMK/nu4k2fIAuOmRYZcA9DI8+Mi+QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFCNnvjnka2MtpP+h5NkuLf5gLXU9MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvSTJlLU9lUnJZeTJrXzZIazJTNHRfbUF0ZFQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAaO4cAwQA aO4fAwQAaPPAAwQAzDRoAwQB2K1YAwQB2K1cMA0GCSqGSIb3DQEBCwUAA4IBAQBE RkGCbDFMh6RgcH0waE0Ygikf50CWVYnKifZIIWTB4BfCHkFrC4EaAo3wW9tUtn/9 h/BKKLFXn8BR4x5HSHy+vnbk8OQLR/lZoYoOFVRWZF1sNTys0TrvFmZ4q+ydOCtI mq4VhjtrfdB8j4E/0hQQ1LSKAQDlAaw5NRzTGHCtMOrVTwEEcEfQtYctmDnNWcCT DxxcQiKAwlXZLFi3jAZ0krC8BKGzDp9JNlJF4Smc7YsqFwj1WPAN2fgolwXEAPie 9479BT8L2ys+vXyI+RGlqpa+D/+CQ+c3JyAH0zKoBW2DB5BXd+oJXDcpo52dQ0RH QDaGwPefB7DM7sAlQ2yF -----END CERTIFICATE-----Generated at Thu Dec 11 06:44:56 2025 by rpki-client