This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/f0b5MqOONe23-FGK0SZ2BoG3ztw.roa File: f0b5MqOONe23-FGK0SZ2BoG3ztw.roa (raw, json) Hash identifier: XSlhvjEy5dqO4tK63qO7hW/51PXOO/ev2jUNxafybLU= Subject key identifier: 7F:46:F9:32:A3:8E:35:ED:B7:F8:51:8A:D1:26:76:06:81:B7:CE:DC Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B791137F5E39337D783269BE15B4612AC Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/f0b5MqOONe23-FGK0SZ2BoG3ztw.roa Signing time: Thu 01 Jan 2026 10:18:50 +0000 ROA not before: Thu 01 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3320 IP address blocks: 64.137.29.0/24 maxlen: 24 64.137.34.0/23 maxlen: 23 64.137.40.0/23 maxlen: 23 64.137.114.0/24 maxlen: 24 64.137.119.0/24 maxlen: 24 64.137.125.0/24 maxlen: 24 64.137.127.0/24 maxlen: 24 84.246.108.0/24 maxlen: 24 204.52.112.0/20 maxlen: 24 204.52.120.0/24 maxlen: 24 204.52.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:37:f5:e3:93:37:d7:83:26:9b:e1:5b:46:12:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7f46f932a38e35edb7f8518ad126760681b7cedc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1b:b9:3a:48:91:40:1f:f5:39:5b:e7:0c:58: 1b:d7:c4:42:cc:9a:11:ea:a2:a9:3d:7d:2a:ce:3f: 3c:9d:a8:4b:61:ef:0c:fd:79:41:7a:e0:57:49:94: 1a:55:f3:9e:1e:d8:03:11:f2:06:1d:43:c9:f7:29: 05:96:4e:dc:73:f1:d9:6c:16:8a:0d:03:fc:76:e4: 7b:45:aa:55:9e:47:2b:a1:61:fc:68:5a:ea:98:93: f1:89:85:22:e2:27:ca:7e:b9:e5:67:96:88:56:9a: 32:c8:4e:85:21:58:28:23:4b:f3:06:23:01:10:80: 5b:87:d0:a2:4b:42:93:b3:fe:a9:96:5a:2f:de:b2: 6d:65:bb:f2:bc:4c:c8:77:da:f9:96:24:b1:65:a4: d8:b7:f4:08:2b:0a:41:db:bc:4b:cc:d3:67:49:91: cb:f7:cc:10:69:ed:39:8a:02:6c:43:8f:e9:64:ed: 95:5e:96:e7:98:d6:2d:d0:1e:7b:c5:8c:a1:23:b1: 08:d1:49:25:e6:bb:b2:bf:8f:88:62:08:eb:59:da: b6:27:32:57:41:2c:40:60:2e:02:43:07:df:3e:1e: bd:a3:9d:44:ab:a6:d7:ce:4c:4a:0a:f7:55:ed:7e: 29:50:db:66:79:e1:ee:1a:ed:fa:27:40:ff:fb:9a: ce:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:46:F9:32:A3:8E:35:ED:B7:F8:51:8A:D1:26:76:06:81:B7:CE:DC X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/f0b5MqOONe23-FGK0SZ2BoG3ztw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.137.29.0/24 64.137.34.0/23 64.137.40.0/23 64.137.114.0/24 64.137.119.0/24 64.137.125.0/24 64.137.127.0/24 84.246.108.0/24 204.52.112.0/20 Signature Algorithm: sha256WithRSAEncryption 47:03:73:cb:6c:18:0f:cb:0e:8a:1e:0c:f6:88:8e:ef:7e:95: 37:d7:5d:b1:21:3e:ae:0c:51:87:af:be:d2:f4:f2:aa:89:09: da:96:59:23:d1:10:9b:dd:84:41:7c:2e:9e:d9:9d:44:ad:fe: fc:e1:6b:4c:5e:5d:a8:84:70:fd:92:1b:5d:37:38:94:59:30: c3:57:21:a3:23:a5:c0:ba:a4:4b:82:38:e2:74:6e:a4:b8:f5: 63:99:b2:f0:d8:9f:61:38:ab:d0:d6:e4:93:92:85:11:b5:74: ea:90:ba:94:17:a9:f1:1e:7b:af:01:cc:36:20:4c:0a:81:24: 68:87:d2:e2:bc:ab:81:c0:a2:80:58:87:c8:56:20:45:e9:b7: 06:c5:85:45:e8:e2:c9:71:ca:6d:01:d1:a4:6b:5a:d4:b2:ef: c6:ec:45:ee:50:c8:3d:14:99:c1:be:3b:3a:35:26:b8:41:41: 33:b7:ce:c5:b2:bd:6d:b0:1d:2d:ae:e6:36:5f:28:b6:f4:53: 5b:d6:0f:e1:e6:02:42:ac:9e:f8:3e:47:0f:b0:72:a7:5d:b0: 0b:0f:5f:2d:b9:1e:62:12:69:a1:e5:9b:c6:da:a7:8c:59:de: de:1f:f8:d8:38:f1:2f:52:9f:81:96:a6:bb:62:67:9c:4f:0e: e4:95:2d:d5 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt5ETf145M314Mmm+FbRhKsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZjQ2ZjkzMmEzOGUzNWVkYjdmODUxOGFkMTI2NzYwNjgxYjdjZWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhu5OkiRQB/1OVvnDFgb18RCzJoR 6qKpPX0qzj88nahLYe8M/XlBeuBXSZQaVfOeHtgDEfIGHUPJ9ykFlk7cc/HZbBaK DQP8duR7RapVnkcroWH8aFrqmJPxiYUi4ifKfrnlZ5aIVpoyyE6FIVgoI0vzBiMB EIBbh9CiS0KTs/6pllov3rJtZbvyvEzId9r5liSxZaTYt/QIKwpB27xLzNNnSZHL 98wQae05igJsQ4/pZO2VXpbnmNYt0B57xYyhI7EI0Ukl5ruyv4+IYgjrWdq2JzJX QSxAYC4CQwffPh69o51Eq6bXzkxKCvdV7X4pUNtmeeHuGu36J0D/+5rO1wIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFH9G+TKjjjXtt/hRitEmdgaBt87cMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvZjBiNU1xT09OZTIzLUZHSzBTWjJCb0czenR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAQIkdAwQB QIkiAwQBQIkoAwQAQIlyAwQAQIl3AwQAQIl9AwQAQIl/AwQAVPZsAwQEzDRwMA0G CSqGSIb3DQEBCwUAA4IBAQBHA3PLbBgPyw6KHgz2iI7vfpU3112xIT6uDFGHr77S 9PKqiQnallkj0RCb3YRBfC6e2Z1Erf784WtMXl2ohHD9khtdNziUWTDDVyGjI6XA uqRLgjjidG6kuPVjmbLw2J9hOKvQ1uSTkoURtXTqkLqUF6nxHnuvAcw2IEwKgSRo h9LivKuBwKKAWIfIViBF6bcGxYVF6OLJccptAdGka1rUsu/G7EXuUMg9FJnBvjs6 NSa4QUEzt87Fsr1tsB0truY2Xyi29FNb1g/h5gJCrJ74PkcPsHKnXbALD18tuR5i Emmh5ZvG2qeMWd7eH/jYOPEvUp+Blqa7YmecTw7klS3V -----END CERTIFICATE-----Generated at Fri Jan 2 02:38:13 2026 by rpki-client