This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PJUgOfGzBf0F5wPTEQ_B1HwVUl8.roa File: PJUgOfGzBf0F5wPTEQ_B1HwVUl8.roa (raw, json) Hash identifier: pRPLkiO0k08M058szvX08eWP3oo4RKEH6OPfcR8S/Dk= Subject key identifier: 3C:95:20:39:F1:B3:05:FD:05:E7:03:D3:11:0F:C1:D4:7C:15:52:5F Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79114FEB2042524827B216059DBEEE09 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PJUgOfGzBf0F5wPTEQ_B1HwVUl8.roa Signing time: Thu 01 Jan 2026 10:18:56 +0000 ROA not before: Thu 01 Jan 2026 10:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209183 IP address blocks: 104.238.30.0/24 maxlen: 24 104.239.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:4f:eb:20:42:52:48:27:b2:16:05:9d:be:ee:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3c952039f1b305fd05e703d3110fc1d47c15525f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:47:ff:27:8a:9d:9b:a2:d8:0b:30:c2:f8:e8: 69:d7:0f:9b:6a:e6:8a:cb:b6:73:41:7d:87:30:da: 54:e6:40:1a:03:d6:5e:bc:cc:59:d8:6a:58:a6:11: 2f:3b:f8:7a:9b:15:4f:2b:4c:c0:2a:33:70:5b:65: 22:30:92:35:d6:6e:ad:c5:5c:19:67:dc:c7:92:cb: 92:9f:4b:17:5e:94:0c:c1:7d:24:3d:26:22:a2:3c: a2:af:b7:2f:65:71:2c:bc:04:e3:d7:90:65:74:d3: fc:a1:29:fb:ec:f3:9c:b2:df:a5:93:d0:07:35:64: 34:27:79:16:d8:61:ed:b2:b2:53:86:fd:9c:5d:e0: cb:33:90:37:2c:75:ff:80:a5:fb:97:81:3e:d1:02: 98:42:6d:da:cc:95:4d:51:82:f0:77:59:40:ec:e4: c1:61:40:57:05:41:68:83:c0:16:98:f5:5a:4f:6d: ee:b4:06:b4:0d:db:fd:0d:94:b4:20:9a:28:07:f2: 75:48:74:23:ef:31:65:e2:e9:41:49:db:ec:03:cb: 0b:b0:40:33:33:f9:f5:9c:4e:3c:67:f2:68:67:1c: 25:31:64:5d:9a:3b:3f:b9:46:d2:76:ab:a8:56:95: ff:b9:bb:65:d2:b8:50:1a:3a:79:ad:7b:54:fe:61: 87:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:95:20:39:F1:B3:05:FD:05:E7:03:D3:11:0F:C1:D4:7C:15:52:5F X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PJUgOfGzBf0F5wPTEQ_B1HwVUl8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.30.0/24 104.239.74.0/24 Signature Algorithm: sha256WithRSAEncryption 28:7d:d0:ea:51:cd:c3:13:90:bb:12:02:47:78:c5:27:96:e8: bc:ee:b0:36:03:2e:3c:93:f1:0e:f8:c3:b2:88:33:09:1a:30: a7:65:12:09:a9:2c:d2:bd:4f:32:16:bc:4f:24:5c:b6:c8:1d: a6:d0:20:9e:2f:c4:f9:98:40:b8:82:a0:f8:f5:58:df:bd:8f: 78:7f:1b:f8:3f:06:dd:0c:31:b7:2d:8f:b9:cf:03:f0:78:04: 2e:3b:9e:2e:1f:49:00:45:69:02:59:de:28:88:be:90:5f:ac: 9e:0f:db:90:63:d7:16:a9:87:cc:d8:d6:dc:c7:60:63:8a:88: b9:89:97:72:17:bf:70:22:80:73:96:cc:a4:51:d8:f5:62:07: 87:db:29:cc:56:74:3c:d5:a0:ef:1d:57:f6:6c:f8:aa:24:4c: 9c:75:ce:2c:0e:ea:5c:7e:e3:4e:b0:07:93:61:32:72:1e:31: c9:4b:90:2e:ec:d8:f4:b7:5d:d2:7e:5e:1e:ad:aa:3f:ca:6e: d8:50:41:ba:46:41:50:08:4b:62:13:0c:cd:de:6b:71:4e:67: 78:7a:cb:65:e9:5b:de:d1:a9:48:8c:b4:29:8e:25:52:9a:0b: 72:3a:e6:45:2e:bf:d1:11:89:e6:c1:d1:03:be:bc:66:32:7f: 74:da:6d:67 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EU/rIEJSSCeyFgWdvu4JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYzk1MjAzOWYxYjMwNWZkMDVlNzAzZDMxMTBmYzFkNDdjMTU1MjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUf/J4qdm6LYCzDC+Ohp1w+bauaK y7ZzQX2HMNpU5kAaA9ZevMxZ2GpYphEvO/h6mxVPK0zAKjNwW2UiMJI11m6txVwZ Z9zHksuSn0sXXpQMwX0kPSYiojyir7cvZXEsvATj15BldNP8oSn77POcst+lk9AH NWQ0J3kW2GHtsrJThv2cXeDLM5A3LHX/gKX7l4E+0QKYQm3azJVNUYLwd1lA7OTB YUBXBUFog8AWmPVaT23utAa0Ddv9DZS0IJooB/J1SHQj7zFl4ulBSdvsA8sLsEAz M/n1nE48Z/JoZxwlMWRdmjs/uUbSdquoVpX/ubtl0rhQGjp5rXtU/mGHnwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFDyVIDnxswX9BecD0xEPwdR8FVJfMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvUEpVZ09mR3pCZjBGNXdQVEVRX0IxSHdWVWw4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAaO4eAwQA aO9KMA0GCSqGSIb3DQEBCwUAA4IBAQAofdDqUc3DE5C7EgJHeMUnlui87rA2Ay48 k/EO+MOyiDMJGjCnZRIJqSzSvU8yFrxPJFy2yB2m0CCeL8T5mEC4gqD49VjfvY94 fxv4PwbdDDG3LY+5zwPweAQuO54uH0kARWkCWd4oiL6QX6yeD9uQY9cWqYfM2Nbc x2Bjioi5iZdyF79wIoBzlsykUdj1YgeH2ynMVnQ81aDvHVf2bPiqJEycdc4sDupc fuNOsAeTYTJyHjHJS5Au7Nj0t13Sfl4erao/ym7YUEG6RkFQCEtiEwzN3mtxTmd4 estl6Vve0alIjLQpjiVSmgtyOuZFLr/REYnmwdEDvrxmMn902m1n -----END CERTIFICATE-----Generated at Fri Jan 2 02:42:29 2026 by rpki-client