This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/K1561lCGECZ5OvgJVQN0GeH8TJs.roa File: K1561lCGECZ5OvgJVQN0GeH8TJs.roa (raw, json) Hash identifier: +n08ka0TVKTrE8aFQiMQ58wWPvYsmFQIk4Ftue/jvKM= Subject key identifier: 2B:5E:7A:D6:50:86:10:26:79:3A:F8:09:55:03:74:19:E1:FC:4C:9B Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B791144520CC7B03C9758553A6804C04D Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/K1561lCGECZ5OvgJVQN0GeH8TJs.roa Signing time: Thu 01 Jan 2026 10:18:53 +0000 ROA not before: Thu 01 Jan 2026 10:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50053 IP address blocks: 104.238.27.0/24 maxlen: 24 104.249.40.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:44:52:0c:c7:b0:3c:97:58:55:3a:68:04:c0:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b5e7ad650861026793af80955037419e1fc4c9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:cf:f6:c6:c2:34:4d:a7:f0:16:16:77:ff:5f: 8f:0b:40:a2:bf:9a:5d:6b:db:f0:b8:d1:c6:a3:b7: dd:b4:0c:cf:91:50:dc:82:c1:e6:0e:9e:b9:4f:e3: 64:38:ff:75:91:6e:c6:59:74:c6:54:0c:c9:cb:00: 56:8d:00:15:93:64:6e:ff:46:81:f1:6d:9c:cd:85: 56:53:c4:e6:a1:28:64:1c:3e:30:30:bc:00:da:15: 77:f1:56:b5:d6:20:28:5a:4f:08:65:a7:e0:c0:97: 00:7d:fa:13:97:01:e8:15:09:1c:b7:6c:e5:3a:98: 46:d9:4d:44:ff:c5:11:1e:76:89:9a:65:ff:81:ac: 77:76:c9:53:f7:d4:a2:fb:6c:49:82:61:f8:c7:8c: 69:34:d2:de:62:24:e7:fe:9e:18:0e:1e:c5:7f:be: bc:e2:4c:21:bf:3b:ac:85:77:df:4f:56:da:34:e3: 53:80:7e:dd:57:02:e6:77:fd:69:6d:f7:46:f2:bc: 80:24:5e:89:8d:93:62:a9:ae:35:9b:be:2a:7f:b6: be:6f:53:3b:78:d2:75:e6:df:3a:68:9c:f9:c2:45: c2:85:cf:18:60:82:57:18:fc:45:65:10:4f:12:e1: 1e:60:6c:ad:75:be:a0:7e:bc:f3:e9:e4:24:df:cc: f9:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:5E:7A:D6:50:86:10:26:79:3A:F8:09:55:03:74:19:E1:FC:4C:9B X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/K1561lCGECZ5OvgJVQN0GeH8TJs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.27.0/24 104.249.40.0/24 Signature Algorithm: sha256WithRSAEncryption 70:3e:1e:4d:e5:1c:a5:d1:14:5d:36:53:54:80:1e:c8:c5:39: f7:cf:fb:e5:51:66:21:d1:57:f0:57:de:61:d2:91:af:b5:ac: 67:fe:18:f8:65:fb:18:75:35:ff:8f:75:33:46:ab:10:dc:99: 93:ad:e3:c6:81:87:63:75:e5:c7:18:d3:e5:01:0d:86:aa:c1: 41:02:52:1e:19:17:51:da:1a:97:66:0c:3d:11:cb:03:3d:e3: 67:f9:28:db:a0:14:59:f1:9b:d9:75:79:cd:15:2c:97:f1:70: 2e:46:83:54:8a:f3:3c:70:40:4f:cd:c6:7c:e6:86:1d:61:80: bb:8c:bd:a7:62:4b:01:99:20:83:5c:66:19:c6:7f:0d:fa:73: bc:82:89:73:42:18:ef:c0:3b:bb:31:42:64:84:51:bb:32:7b: 40:4b:0b:3f:9f:84:ee:83:40:69:8e:db:1b:b4:aa:c0:7a:20: 66:5c:3e:b5:40:f4:9f:14:64:e9:52:4f:9e:ce:b7:23:a3:38: 1e:4d:e7:d3:ea:d8:d8:30:4e:eb:20:16:bd:bd:5f:43:c0:81: 3a:6a:36:c1:4b:6c:60:05:7d:61:2d:55:48:c7:f6:61:6f:cb: d9:14:3a:97:1e:a5:fb:85:eb:44:6b:d1:8f:e3:09:7b:b0:5d: 24:9e:c5:99 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EURSDMewPJdYVTpoBMBNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjVlN2FkNjUwODYxMDI2NzkzYWY4MDk1NTAzNzQxOWUxZmM0YzliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8/2xsI0TafwFhZ3/1+PC0Civ5pd a9vwuNHGo7fdtAzPkVDcgsHmDp65T+NkOP91kW7GWXTGVAzJywBWjQAVk2Ru/0aB 8W2czYVWU8TmoShkHD4wMLwA2hV38Va11iAoWk8IZafgwJcAffoTlwHoFQkct2zl OphG2U1E/8URHnaJmmX/gax3dslT99Si+2xJgmH4x4xpNNLeYiTn/p4YDh7Ff768 4kwhvzushXffT1baNONTgH7dVwLmd/1pbfdG8ryAJF6JjZNiqa41m74qf7a+b1M7 eNJ15t86aJz5wkXChc8YYIJXGPxFZRBPEuEeYGytdb6gfrzz6eQk38z5xwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCteetZQhhAmeTr4CVUDdBnh/EybMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvSzE1NjFsQ0dFQ1o1T3ZnSlZRTjBHZUg4VEpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAaO4bAwQA aPkoMA0GCSqGSIb3DQEBCwUAA4IBAQBwPh5N5Ryl0RRdNlNUgB7IxTn3z/vlUWYh 0VfwV95h0pGvtaxn/hj4ZfsYdTX/j3UzRqsQ3JmTrePGgYdjdeXHGNPlAQ2GqsFB AlIeGRdR2hqXZgw9EcsDPeNn+SjboBRZ8ZvZdXnNFSyX8XAuRoNUivM8cEBPzcZ8 5oYdYYC7jL2nYksBmSCDXGYZxn8N+nO8golzQhjvwDu7MUJkhFG7MntASws/n4Tu g0BpjtsbtKrAeiBmXD61QPSfFGTpUk+ezrcjozgeTefT6tjYME7rIBa9vV9DwIE6 ajbBS2xgBX1hLVVIx/Zhb8vZFDqXHqX7hetEa9GP4wl7sF0knsWZ -----END CERTIFICATE-----Generated at Thu Jan 1 21:34:35 2026 by rpki-client