This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/fgIg5hs23ucMZ5FgvAPlq1Du2ns.roa File: fgIg5hs23ucMZ5FgvAPlq1Du2ns.roa (raw, json) Hash identifier: ekllq4vQFl+yIkM8Y7seLjNEXTnr0GZ3MpP24+9CtXA= Subject key identifier: 7E:02:20:E6:1B:36:DE:E7:0C:67:91:60:BC:03:E5:AB:50:EE:DA:7B Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911448E1DF97E114B66A0AA9D3800ED Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/fgIg5hs23ucMZ5FgvAPlq1Du2ns.roa Signing time: Thu 01 Jan 2026 10:18:53 +0000 ROA not before: Thu 01 Jan 2026 10:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50304 IP address blocks: 64.137.64.0/23 maxlen: 23 64.137.68.0/24 maxlen: 24 64.137.79.0/24 maxlen: 24 64.137.87.0/24 maxlen: 24 104.143.252.0/24 maxlen: 24 104.239.52.0/23 maxlen: 23 104.250.204.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:44:8e:1d:f9:7e:11:4b:66:a0:aa:9d:38:00:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e0220e61b36dee70c679160bc03e5ab50eeda7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:37:64:77:5a:59:05:e7:2d:c5:cc:28:06:91: 06:c9:e5:92:83:67:b6:60:5a:29:f6:ba:55:c6:ad: a2:43:0b:d5:f6:19:f5:05:6f:19:a0:9f:1a:b9:df: 3c:7b:9f:d6:32:72:aa:3e:19:8c:e6:0a:e1:24:18: 6f:3b:ad:f8:fe:17:1d:0c:a4:c0:50:40:64:ca:26: 89:fd:b1:a4:81:87:a1:c7:3a:52:82:78:3a:07:58: 39:60:31:12:bb:43:f4:36:9d:ad:b5:f4:db:bc:ee: d7:ac:2d:52:18:44:43:ec:76:b8:c1:f6:36:6a:14: 0c:d7:03:b7:e9:85:1c:ce:d6:ce:2e:15:bc:eb:88: 7e:c3:04:74:f4:78:4c:2d:87:6f:40:9b:73:e6:6a: d3:23:7f:26:c3:07:32:8b:49:07:0a:99:dc:a9:69: 3e:ef:10:af:18:41:e7:e9:2a:72:c4:a5:a2:de:2d: 89:fa:6b:5c:a8:49:4c:10:9e:ed:a5:43:83:0e:f6: 47:23:62:41:2a:8f:00:77:31:1e:65:94:4d:62:b5: 1d:ec:5f:1c:2c:dd:83:53:28:a1:e8:a0:61:4c:f5: 80:04:c6:d1:f8:46:56:c1:12:14:b0:a2:13:0a:91: 9a:5d:8f:da:83:f1:06:79:20:07:fe:29:fd:e1:6f: e7:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:02:20:E6:1B:36:DE:E7:0C:67:91:60:BC:03:E5:AB:50:EE:DA:7B X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/fgIg5hs23ucMZ5FgvAPlq1Du2ns.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.137.64.0/23 64.137.68.0/24 64.137.79.0/24 64.137.87.0/24 104.143.252.0/24 104.239.52.0/23 104.250.204.0/22 Signature Algorithm: sha256WithRSAEncryption 24:b6:d9:b8:cd:6a:6c:8d:63:5b:d6:7f:04:88:38:0c:cb:c1: 65:17:cd:dc:95:65:7a:1c:52:02:a4:0e:39:50:40:a2:c8:3f: 97:61:27:82:49:05:d5:16:35:f1:e8:f3:fb:fc:15:7e:6d:d7: 5b:6c:0d:41:f4:fb:0c:ab:73:e9:90:47:da:20:16:83:05:44: 0b:b7:4c:98:3c:6c:24:23:df:79:19:80:db:40:37:04:b6:b4: af:b0:6a:fd:3e:30:c2:ec:42:79:80:d9:40:55:f7:48:8a:a8: e8:a1:81:14:ca:64:f5:80:9f:49:07:a7:6b:7e:24:60:7b:16: 16:6f:70:e1:d6:1c:ae:e1:55:45:98:a6:13:46:a2:0d:bb:26: 08:c8:ca:21:ad:8e:7b:94:a2:90:37:51:56:9f:af:a2:97:bf: e5:dd:f1:d2:0d:1e:75:c9:32:1f:6a:62:2b:cf:59:a5:20:69: 7d:bb:1d:0c:fd:34:3e:10:4f:69:4a:57:88:11:16:d7:61:56: a0:00:5f:9d:70:58:08:c5:65:09:d5:6f:d5:ab:da:a5:a1:4e: c4:2a:e9:9a:e5:82:e4:5c:89:78:e6:0d:89:03:80:76:10:1b: 31:2e:ff:5c:03:4f:c7:a5:9e:08:a6:6c:2b:0c:e1:63:31:fb: 70:a6:16:52 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt5EUSOHfl+EUtmoKqdOADtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTAyMjBlNjFiMzZkZWU3MGM2NzkxNjBiYzAzZTVhYjUwZWVkYTdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzdkd1pZBectxcwoBpEGyeWSg2e2 YFop9rpVxq2iQwvV9hn1BW8ZoJ8aud88e5/WMnKqPhmM5grhJBhvO634/hcdDKTA UEBkyiaJ/bGkgYehxzpSgng6B1g5YDESu0P0Np2ttfTbvO7XrC1SGERD7Ha4wfY2 ahQM1wO36YUcztbOLhW864h+wwR09HhMLYdvQJtz5mrTI38mwwcyi0kHCpncqWk+ 7xCvGEHn6SpyxKWi3i2J+mtcqElMEJ7tpUODDvZHI2JBKo8AdzEeZZRNYrUd7F8c LN2DUyih6KBhTPWABMbR+EZWwRIUsKITCpGaXY/ag/EGeSAH/in94W/nFwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFH4CIOYbNt7nDGeRYLwD5atQ7tp7MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvZmdJZzVoczIzdWNNWjVGZ3ZBUGxxMUR1Mm5zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBQIlAAwQA QIlEAwQAQIlPAwQAQIlXAwQAaI/8AwQBaO80AwQCaPrMMA0GCSqGSIb3DQEBCwUA A4IBAQAkttm4zWpsjWNb1n8EiDgMy8FlF83clWV6HFICpA45UECiyD+XYSeCSQXV FjXx6PP7/BV+bddbbA1B9PsMq3PpkEfaIBaDBUQLt0yYPGwkI995GYDbQDcEtrSv sGr9PjDC7EJ5gNlAVfdIiqjooYEUymT1gJ9JB6drfiRgexYWb3Dh1hyu4VVFmKYT RqINuyYIyMohrY57lKKQN1FWn6+il7/l3fHSDR51yTIfamIrz1mlIGl9ux0M/TQ+ EE9pSleIERbXYVagAF+dcFgIxWUJ1W/Vq9qloU7EKuma5YLkXIl45g2JA4B2EBsx Lv9cA0/HpZ4IpmwrDOFjMftwphZS -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:26 2026 by rpki-client