This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KT3lNTMlzIyq_RwTbgPELwfPBAM.roa File: KT3lNTMlzIyq_RwTbgPELwfPBAM.roa (raw, json) Hash identifier: YekgxjJnEXSh+V7fahk5ENPziqlAQewmHIfsPIHMFAQ= Subject key identifier: 29:3D:E5:35:33:25:CC:8C:AA:FD:1C:13:6E:03:C4:2F:07:CF:04:03 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79114B1799E0DBB1EF64757EE21101E8 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KT3lNTMlzIyq_RwTbgPELwfPBAM.roa Signing time: Thu 01 Jan 2026 10:18:54 +0000 ROA not before: Thu 01 Jan 2026 10:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 150445 IP address blocks: 64.137.75.0/24 maxlen: 24 64.137.84.0/24 maxlen: 24 64.137.90.0/24 maxlen: 24 64.137.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:4b:17:99:e0:db:b1:ef:64:75:7e:e2:11:01:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=293de5353325cc8caafd1c136e03c42f07cf0403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:92:ce:6c:49:5e:ed:fb:1c:82:23:4f:6e:03: 3c:f6:37:ac:78:6f:bc:95:28:44:7d:8b:12:5f:b4: 30:68:cd:bf:cb:ce:88:0e:b7:dc:92:79:53:85:b3: d2:20:1a:27:7d:93:e7:dc:70:47:8b:5c:29:88:f7: 39:c5:5b:1d:65:75:d1:ca:2b:ea:81:ce:bd:bc:cf: 66:17:39:46:1f:07:0e:e0:33:f4:28:d7:7e:f8:a6: 65:60:13:6f:88:b8:e8:a8:07:9c:6f:e5:a2:be:31: f9:0c:bc:ec:ac:d4:67:f5:59:d4:a7:ee:47:76:30: 62:6f:64:73:d5:73:0d:a3:7e:51:ec:15:3e:7f:63: f0:cc:e0:bc:7e:9d:a8:3d:bd:78:57:77:ef:d0:e4: 36:fd:32:e5:52:c3:6c:a1:92:fb:f3:fd:f8:33:e7: f7:e8:84:a8:93:bb:64:28:f8:67:ce:7f:60:c9:1c: 6a:8d:26:c9:ee:f7:99:81:85:aa:b9:19:1a:06:bd: 07:5e:96:b8:57:0a:85:0e:29:e4:92:d5:e5:7c:1a: 1d:19:50:d2:66:eb:23:c9:9a:93:02:3c:a0:ad:b9: a5:12:d0:f0:ce:fe:70:bd:ba:b9:2e:e7:ef:42:83: 39:4a:43:ba:33:fb:a8:f7:02:13:38:23:8f:e9:34: 24:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:3D:E5:35:33:25:CC:8C:AA:FD:1C:13:6E:03:C4:2F:07:CF:04:03 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/KT3lNTMlzIyq_RwTbgPELwfPBAM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.137.75.0/24 64.137.84.0/24 64.137.90.0/24 64.137.126.0/24 Signature Algorithm: sha256WithRSAEncryption 12:3c:4e:0c:db:24:2d:29:07:86:e8:10:0a:54:d5:ec:ee:d4: 4b:54:03:9b:d6:a8:a4:a6:67:26:36:a0:61:55:99:8f:79:a6: 5a:13:b0:98:22:74:82:de:cd:ff:db:d9:7d:c2:ba:34:4f:4c: 9c:01:81:7c:50:b5:49:3d:29:aa:5f:04:14:07:4d:3e:19:6c: 12:52:e9:bc:7b:6a:b2:a6:a3:e2:57:57:96:05:22:b1:dd:b4: c0:04:eb:40:e1:90:10:ab:c3:5c:b8:58:08:03:57:b9:e3:93: 60:fe:79:34:8d:c5:91:72:64:81:63:13:35:1c:49:0f:b2:14: 72:0e:ef:a8:36:b8:be:bf:e7:55:f5:3a:08:ca:8d:72:a7:e4: c2:af:fd:82:c1:46:c1:72:90:a4:42:89:ca:b3:88:57:8d:37: 3d:6f:91:f2:11:13:c9:e8:99:8d:fe:9c:5c:dc:95:41:9e:2c: 21:14:1b:c4:1d:19:3b:46:72:b4:71:c1:24:18:59:db:85:43: 62:19:ab:42:24:ea:6e:1b:6a:cb:9b:52:2c:6c:7e:c5:30:f7: 6f:62:5e:3b:b1:9c:f1:88:a7:39:e5:42:fd:e8:61:69:b9:77: c8:22:d0:f7:0c:8e:50:84:2a:41:93:83:6b:35:b1:00:83:a1: e9:30:99:2f -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt5EUsXmeDbse9kdX7iEQHoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTNkZTUzNTMzMjVjYzhjYWFmZDFjMTM2ZTAzYzQyZjA3Y2YwNDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJLObEle7fscgiNPbgM89jeseG+8 lShEfYsSX7QwaM2/y86IDrfcknlThbPSIBonfZPn3HBHi1wpiPc5xVsdZXXRyivq gc69vM9mFzlGHwcO4DP0KNd++KZlYBNviLjoqAecb+WivjH5DLzsrNRn9VnUp+5H djBib2Rz1XMNo35R7BU+f2PwzOC8fp2oPb14V3fv0OQ2/TLlUsNsoZL78/34M+f3 6ISok7tkKPhnzn9gyRxqjSbJ7veZgYWquRkaBr0HXpa4VwqFDinkktXlfBodGVDS ZusjyZqTAjygrbmlEtDwzv5wvbq5LufvQoM5SkO6M/uo9wITOCOP6TQkXwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFCk95TUzJcyMqv0cE24DxC8HzwQDMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvS1QzbE5UTWx6SXlxX1J3VGJnUEVMd2ZQQkFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIlLAwQA QIlUAwQAQIlaAwQAQIl+MA0GCSqGSIb3DQEBCwUAA4IBAQASPE4M2yQtKQeG6BAK VNXs7tRLVAOb1qikpmcmNqBhVZmPeaZaE7CYInSC3s3/29l9wro0T0ycAYF8ULVJ PSmqXwQUB00+GWwSUum8e2qypqPiV1eWBSKx3bTABOtA4ZAQq8NcuFgIA1e545Ng /nk0jcWRcmSBYxM1HEkPshRyDu+oNri+v+dV9ToIyo1yp+TCr/2CwUbBcpCkQonK s4hXjTc9b5HyERPJ6JmN/pxc3JVBniwhFBvEHRk7RnK0ccEkGFnbhUNiGatCJOpu G2rLm1IsbH7FMPdvYl47sZzxiKc55UL96GFpuXfIItD3DI5QhCpBk4NrNbEAg6Hp MJkv -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:53 2026 by rpki-client