This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hD7Sk3VPc6DOhPBjEcPklNeBtIk.roa File: hD7Sk3VPc6DOhPBjEcPklNeBtIk.roa (raw, json) Hash identifier: f8kzKutPmzSDxYNqLi2bG78pUR0U1aGAyAUbhZ5xaVs= Subject key identifier: 84:3E:D2:93:75:4F:73:A0:CE:84:F0:63:11:C3:E4:94:D7:81:B4:89 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79114100C2E32CB29FA0970FAA8822E7 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hD7Sk3VPc6DOhPBjEcPklNeBtIk.roa Signing time: Thu 01 Jan 2026 10:18:52 +0000 ROA not before: Thu 01 Jan 2026 10:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 22773 IP address blocks: 104.243.199.0/24 maxlen: 24 104.243.200.0/24 maxlen: 24 104.243.201.0/24 maxlen: 24 104.243.202.0/24 maxlen: 24 104.243.204.0/24 maxlen: 24 216.173.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:41:00:c2:e3:2c:b2:9f:a0:97:0f:aa:88:22:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=843ed293754f73a0ce84f06311c3e494d781b489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:18:3d:2e:90:29:21:80:74:98:fd:91:27:aa: df:1c:fa:c1:74:6a:66:84:61:46:f5:58:1a:b8:02: 58:b3:fc:88:a0:66:8e:1b:bc:54:a4:78:a5:ca:6b: 91:b8:1c:2d:34:db:9a:74:3e:98:f1:30:fa:f4:0e: 7d:e5:c2:50:46:01:29:e2:79:f4:b6:cb:88:a4:f2: 43:f0:57:fd:ca:06:a1:0e:4b:b5:2e:6f:7d:6d:19: 90:4d:93:94:ad:f3:42:45:8d:b1:15:fc:00:c0:59: 8b:f8:39:9c:44:ba:da:0b:b3:5f:ac:4c:4b:c6:ed: f9:20:44:1d:0d:b4:3b:67:96:10:aa:83:a0:9a:7c: ab:3c:3a:97:e6:86:c1:5d:84:78:f7:98:1a:f1:49: a4:f1:6b:44:b4:6e:02:de:78:26:c4:99:3f:e6:71: 6c:2f:f7:ae:7b:e6:1f:69:8c:d8:87:a3:41:cd:49: 1c:0b:16:af:e9:29:b2:c2:da:12:66:f6:c5:86:3a: f9:dd:11:34:18:e2:9e:17:2e:df:28:74:3b:61:b1: 68:aa:ed:a1:2b:9a:9d:15:c7:39:c9:c0:60:bc:60: 4b:12:16:33:c7:d8:f1:a4:64:0f:7a:42:c9:1b:20: 26:6e:2b:4e:6c:c8:a5:10:4f:61:0d:60:4e:e1:b1: 69:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:3E:D2:93:75:4F:73:A0:CE:84:F0:63:11:C3:E4:94:D7:81:B4:89 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hD7Sk3VPc6DOhPBjEcPklNeBtIk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.243.199.0-104.243.202.255 104.243.204.0/24 216.173.87.0/24 Signature Algorithm: sha256WithRSAEncryption 38:95:05:9a:1f:ba:22:3d:6a:3c:64:91:30:ed:c7:62:e6:18: ec:6b:12:b9:a7:c9:6f:9e:8a:fe:3f:d1:83:28:1f:3a:5e:ce: 98:1e:58:61:4c:de:5b:b9:c9:8d:ac:12:76:a1:02:78:a1:e9: ac:02:d2:28:b8:4b:26:b1:c6:e6:45:5c:a6:de:fe:a2:ba:d1: e9:07:75:cd:a4:5a:95:4f:cc:50:a4:02:c8:0c:86:b6:4f:77: 14:bf:98:33:4a:65:42:74:00:74:0c:ed:4d:78:a6:84:20:13: 33:3a:aa:6d:c4:24:e5:c5:2a:f7:04:64:2a:71:06:65:30:f6: 31:fa:cd:4d:45:ba:f6:2f:82:ef:60:44:33:1f:0b:53:7f:b8: 46:92:ae:4d:10:87:5b:9b:2c:32:01:2e:92:e2:f0:ed:ff:72: 2c:5a:8b:bb:a7:96:a4:03:6b:96:85:fa:bf:92:c7:bb:b2:25: 2a:22:72:cd:8d:32:84:ab:8c:48:43:3a:fa:8e:b0:12:49:b1: e7:5f:e0:4b:29:1b:ec:d9:61:e2:4c:09:8b:7b:2a:b0:03:c3: 75:04:eb:c0:01:ed:81:92:53:8b:42:84:54:ef:24:7c:dc:5f: f8:3e:82:a4:8d:e8:58:0b:c1:33:79:72:af:6f:1d:29:55:82: 15:1a:76:47 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt5EUEAwuMssp+glw+qiCLnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDNlZDI5Mzc1NGY3M2EwY2U4NGYwNjMxMWMzZTQ5NGQ3ODFiNDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhg9LpApIYB0mP2RJ6rfHPrBdGpm hGFG9VgauAJYs/yIoGaOG7xUpHilymuRuBwtNNuadD6Y8TD69A595cJQRgEp4nn0 tsuIpPJD8Ff9ygahDku1Lm99bRmQTZOUrfNCRY2xFfwAwFmL+DmcRLraC7NfrExL xu35IEQdDbQ7Z5YQqoOgmnyrPDqX5obBXYR495ga8Umk8WtEtG4C3ngmxJk/5nFs L/eue+YfaYzYh6NBzUkcCxav6SmywtoSZvbFhjr53RE0GOKeFy7fKHQ7YbFoqu2h K5qdFcc5ycBgvGBLEhYzx9jxpGQPekLJGyAmbitObMilEE9hDWBO4bFpYQIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFIQ+0pN1T3OgzoTwYxHD5JTXgbSJMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvaEQ3U2szVlBjNkRPaFBCakVjUGtsTmVCdElrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABo88cD BABo88oDBABo88wDBADYrVcwDQYJKoZIhvcNAQELBQADggEBADiVBZofuiI9ajxk kTDtx2LmGOxrErmnyW+eiv4/0YMoHzpezpgeWGFM3lu5yY2sEnahAnih6awC0ii4 SyaxxuZFXKbe/qK60ekHdc2kWpVPzFCkAsgMhrZPdxS/mDNKZUJ0AHQM7U14poQg EzM6qm3EJOXFKvcEZCpxBmUw9jH6zU1FuvYvgu9gRDMfC1N/uEaSrk0Qh1ubLDIB LpLi8O3/cixai7unlqQDa5aF+r+Sx7uyJSoics2NMoSrjEhDOvqOsBJJsedf4Esp G+zZYeJMCYt7KrADw3UE68AB7YGSU4tChFTvJHzcX/g+gqSN6FgLwTN5cq9vHSlV ghUadkc= -----END CERTIFICATE-----Generated at Fri Jan 2 02:38:13 2026 by rpki-client