This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YzUy3B_sIWfxRgNgqZ-XdBLTX7o.roa File: YzUy3B_sIWfxRgNgqZ-XdBLTX7o.roa (raw, json) Hash identifier: 6i18dYhqP9oZOk1XvDjTLpvwNHO4Bs+cVnk2HAZQXw0= Subject key identifier: 63:35:32:DC:1F:EC:21:67:F1:46:03:60:A9:9F:97:74:12:D3:5F:BA Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911567CC1C5A122465CE6013647FECD Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YzUy3B_sIWfxRgNgqZ-XdBLTX7o.roa Signing time: Thu 01 Jan 2026 10:18:58 +0000 ROA not before: Thu 01 Jan 2026 10:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214706 IP address blocks: 45.43.162.0/24 maxlen: 24 104.167.0.0/24 maxlen: 24 104.239.82.0/24 maxlen: 24 104.239.98.0/24 maxlen: 24 204.52.107.0/24 maxlen: 24 216.173.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:56:7c:c1:c5:a1:22:46:5c:e6:01:36:47:fe:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=633532dc1fec2167f1460360a99f977412d35fba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a0:c1:9c:79:7b:07:c0:3b:73:5c:2f:7c:a5: 50:f1:5b:19:43:bd:65:0f:19:e2:f7:e1:54:29:20: 8b:ae:5a:99:9e:f5:92:63:82:16:dc:db:7e:c8:28: 3f:91:35:5e:4e:2f:12:0a:eb:c1:2d:a8:ab:95:23: e7:ec:fe:c1:f6:27:3c:1c:aa:4d:1d:80:c8:b1:ec: 71:5a:4f:d2:4f:e8:41:11:dd:90:6b:e8:18:63:71: 9b:28:a2:1c:93:b1:aa:41:94:d5:d8:e9:58:a0:84: a8:2f:48:81:6e:c3:b8:24:25:59:4b:c2:ab:29:a3: 5b:8d:55:ee:84:cb:c0:d6:f4:aa:c0:6a:52:3c:ec: cc:3e:92:e7:f7:5d:91:c8:01:f2:c3:82:ab:58:47: 60:b0:62:b3:81:60:46:3c:0c:2b:58:db:6c:a5:4a: 3f:85:a0:7e:ea:a7:47:ee:b0:90:7c:3c:6a:50:f1: b9:21:b8:20:7e:c1:24:26:11:03:13:2d:4d:3a:97: 5a:24:72:c2:5b:1b:6d:37:f7:44:48:17:0d:86:27: 4d:82:45:c0:37:f1:9e:64:fd:4f:87:5e:af:da:46: 76:58:c4:5d:df:ac:cd:87:32:78:49:02:d2:5e:28: 15:3f:80:ea:68:cf:11:15:ac:8e:9d:9a:31:d6:71: ae:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:35:32:DC:1F:EC:21:67:F1:46:03:60:A9:9F:97:74:12:D3:5F:BA X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YzUy3B_sIWfxRgNgqZ-XdBLTX7o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.162.0/24 104.167.0.0/24 104.239.82.0/24 104.239.98.0/24 204.52.107.0/24 216.173.95.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:0b:c8:c5:a3:e1:53:75:2d:0a:fa:81:49:0c:bc:e4:e0:d7: 21:8e:b9:8b:20:3f:b4:39:19:0d:2c:78:58:c7:a9:8e:11:97: a3:0b:88:69:15:6b:0d:54:ba:4c:a4:bd:4d:d4:6d:23:a7:82: cf:68:44:f7:8c:da:72:d5:b4:91:c2:a3:57:26:39:41:10:75: eb:2c:6d:fa:65:75:73:98:ca:8c:64:66:a3:d4:22:03:d8:48: f6:0f:df:3a:32:92:48:a3:ff:15:f8:be:e6:22:08:b6:5a:f5: ad:d3:21:bc:74:0d:10:93:78:6c:f1:bd:70:f9:5b:03:e5:90: 0a:54:aa:11:a1:1c:7a:f7:85:c9:76:d3:0d:8a:8e:f1:03:bf: 39:1e:fc:d2:61:b0:95:31:26:7e:50:6d:3b:c3:e5:4e:26:e8: b0:d2:42:2a:22:54:98:30:55:2c:85:52:11:6b:68:41:e3:55: 60:3f:5e:8b:aa:3e:30:0c:37:e8:21:86:46:5b:ee:8a:ac:86: 6e:9b:14:fb:13:60:88:40:ee:33:c5:82:ab:03:72:21:80:a2: bc:39:13:ae:46:40:5e:b9:0c:17:a2:8a:cc:2d:c2:ee:04:d9: bd:b3:29:ea:7c:99:3d:41:c5:0f:72:1b:f3:02:68:36:0c:fd: dd:21:fc:ee -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt5EVZ8wcWhIkZc5gE2R/7NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzM1MzJkYzFmZWMyMTY3ZjE0NjAzNjBhOTlmOTc3NDEyZDM1ZmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqDBnHl7B8A7c1wvfKVQ8VsZQ71l Dxni9+FUKSCLrlqZnvWSY4IW3Nt+yCg/kTVeTi8SCuvBLairlSPn7P7B9ic8HKpN HYDIsexxWk/ST+hBEd2Qa+gYY3GbKKIck7GqQZTV2OlYoISoL0iBbsO4JCVZS8Kr KaNbjVXuhMvA1vSqwGpSPOzMPpLn912RyAHyw4KrWEdgsGKzgWBGPAwrWNtspUo/ haB+6qdH7rCQfDxqUPG5IbggfsEkJhEDEy1NOpdaJHLCWxttN/dESBcNhidNgkXA N/GeZP1Ph16v2kZ2WMRd36zNhzJ4SQLSXigVP4DqaM8RFayOnZox1nGurwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFGM1Mtwf7CFn8UYDYKmfl3QS01+6MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvWXpVeTNCX3NJV2Z4UmdOZ3FaLVhkQkxUWDdvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALSuiAwQA aKcAAwQAaO9SAwQAaO9iAwQAzDRrAwQA2K1fMA0GCSqGSIb3DQEBCwUAA4IBAQCb C8jFo+FTdS0K+oFJDLzk4NchjrmLID+0ORkNLHhYx6mOEZejC4hpFWsNVLpMpL1N 1G0jp4LPaET3jNpy1bSRwqNXJjlBEHXrLG36ZXVzmMqMZGaj1CID2Ej2D986MpJI o/8V+L7mIgi2WvWt0yG8dA0Qk3hs8b1w+VsD5ZAKVKoRoRx694XJdtMNio7xA785 HvzSYbCVMSZ+UG07w+VOJuiw0kIqIlSYMFUshVIRa2hB41VgP16Lqj4wDDfoIYZG W+6KrIZumxT7E2CIQO4zxYKrA3IhgKK8OROuRkBeuQwXoorMLcLuBNm9synqfJk9 QcUPchvzAmg2DP3dIfzu -----END CERTIFICATE-----Generated at Fri Jan 2 02:42:39 2026 by rpki-client