This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MBAYvLPuLSz9inxp4uSw7zPg5wI.roa File: MBAYvLPuLSz9inxp4uSw7zPg5wI.roa (raw, json) Hash identifier: okFcuP1AipqC5eGFf7ohOfnw0VStIcjb8XO1ViyiZ5M= Subject key identifier: 30:10:18:BC:B3:EE:2D:2C:FD:8A:7C:69:E2:E4:B0:EF:33:E0:E7:02 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911564C684C63348F5760E818140866 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MBAYvLPuLSz9inxp4uSw7zPg5wI.roa Signing time: Thu 01 Jan 2026 10:18:57 +0000 ROA not before: Thu 01 Jan 2026 10:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214449 IP address blocks: 104.222.176.0/24 maxlen: 24 104.233.56.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:56:4c:68:4c:63:34:8f:57:60:e8:18:14:08:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=301018bcb3ee2d2cfd8a7c69e2e4b0ef33e0e702 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:19:e3:6e:47:5d:e0:2e:d1:58:cb:d7:a3:b1: c2:64:b9:a4:0a:3d:b5:52:7b:f5:89:a9:32:8c:95: 07:d5:9d:6b:aa:5d:19:82:11:9f:cc:c6:a2:07:59: 6d:11:89:1d:80:eb:93:b8:9f:e1:6c:3e:8a:f7:54: df:00:6c:01:67:c2:58:0a:11:54:e9:c9:94:ad:25: 70:06:8b:c2:0f:93:ec:cd:b1:16:d6:69:7a:ab:5f: fb:03:0a:c9:bc:ff:d6:64:b8:72:bb:95:a2:9a:04: c1:1e:71:8b:8a:0a:eb:5a:83:a1:06:84:d5:15:1e: ac:5b:48:06:b9:66:d9:d8:08:18:12:34:2a:c9:b4: c6:70:5c:1f:d7:bc:5a:cf:44:bf:37:d0:cd:d2:0a: bf:10:dd:92:5e:10:20:49:86:28:ac:0a:d4:84:28: d3:aa:a3:b0:9e:4a:29:54:a7:d8:f5:a2:7e:ab:0b: 07:2c:89:41:da:a4:1b:c1:2a:f5:5f:d9:69:b6:58: 44:0d:54:a9:46:bf:38:db:bb:fc:0f:40:71:22:1c: 9d:1a:27:34:4a:66:74:1c:cf:70:75:fc:78:26:85: f0:74:de:d7:63:e8:57:c4:c6:aa:67:38:0b:79:64: c6:50:b2:f8:1a:88:aa:b3:11:bd:b2:0f:e5:81:d0: 7c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:10:18:BC:B3:EE:2D:2C:FD:8A:7C:69:E2:E4:B0:EF:33:E0:E7:02 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MBAYvLPuLSz9inxp4uSw7zPg5wI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.222.176.0/24 104.233.56.0/24 Signature Algorithm: sha256WithRSAEncryption 22:78:1d:e2:a5:57:b1:00:84:88:2f:c2:5f:53:e6:95:e7:1f: cc:7b:74:1f:9d:19:ad:11:e3:24:05:58:b3:0f:aa:de:a7:82: 0c:98:48:9d:f5:90:98:d3:3f:79:b3:5a:f8:d7:69:d8:d4:81: 04:31:0a:d2:32:80:01:3d:dc:6e:da:3b:8f:e9:52:fd:88:2b: 3e:da:c1:8f:79:b2:b7:7b:03:19:f7:71:59:b6:95:6a:f0:a1: 9f:41:3a:e1:16:7a:d0:3c:53:58:84:22:b0:1e:2a:0e:f3:f2: 87:2b:37:25:92:63:98:ac:b7:ff:d3:ae:45:94:01:16:85:55: d6:21:0f:09:ec:9a:9b:64:80:dc:bb:83:10:22:61:7f:cc:50: d2:11:d5:11:1f:e6:96:d8:50:a1:f8:ce:b7:da:a9:30:f3:ee: d7:0f:db:e7:74:a9:d9:4e:08:ce:0e:76:d1:70:ee:19:df:77: 8a:0f:e4:e9:d6:a5:2a:d3:6b:9b:c2:e2:53:81:88:95:ec:05: 48:21:44:58:1b:d9:a8:f0:ec:d4:a5:10:b9:1f:41:dd:69:b0: 8d:3c:5f:d8:59:7b:96:80:d2:1d:fb:03:03:fe:08:7f:ae:95: 97:72:8a:b3:b6:46:91:96:70:d0:4b:b3:31:54:57:25:f9:d8: 42:61:30:38 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EVZMaExjNI9XYOgYFAhmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDEwMThiY2IzZWUyZDJjZmQ4YTdjNjllMmU0YjBlZjMzZTBlNzAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxnjbkdd4C7RWMvXo7HCZLmkCj21 Unv1iakyjJUH1Z1rql0ZghGfzMaiB1ltEYkdgOuTuJ/hbD6K91TfAGwBZ8JYChFU 6cmUrSVwBovCD5PszbEW1ml6q1/7AwrJvP/WZLhyu5WimgTBHnGLigrrWoOhBoTV FR6sW0gGuWbZ2AgYEjQqybTGcFwf17xaz0S/N9DN0gq/EN2SXhAgSYYorArUhCjT qqOwnkopVKfY9aJ+qwsHLIlB2qQbwSr1X9lptlhEDVSpRr8427v8D0BxIhydGic0 SmZ0HM9wdfx4JoXwdN7XY+hXxMaqZzgLeWTGULL4GoiqsxG9sg/lgdB87wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDAQGLyz7i0s/Yp8aeLksO8z4OcCMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvTUJBWXZMUHVMU3o5aW54cDR1U3c3elBnNXdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAaN6wAwQA aOk4MA0GCSqGSIb3DQEBCwUAA4IBAQAieB3ipVexAISIL8JfU+aV5x/Me3QfnRmt EeMkBVizD6rep4IMmEid9ZCY0z95s1r412nY1IEEMQrSMoABPdxu2juP6VL9iCs+ 2sGPebK3ewMZ93FZtpVq8KGfQTrhFnrQPFNYhCKwHioO8/KHKzclkmOYrLf/065F lAEWhVXWIQ8J7JqbZIDcu4MQImF/zFDSEdURH+aW2FCh+M632qkw8+7XD9vndKnZ TgjODnbRcO4Z33eKD+Tp1qUq02ubwuJTgYiV7AVIIURYG9mo8OzUpRC5H0HdabCN PF/YWXuWgNId+wMD/gh/rpWXcoqztkaRlnDQS7MxVFcl+dhCYTA4 -----END CERTIFICATE-----Generated at Fri Jan 2 02:36:37 2026 by rpki-client