This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/jivQwwxMU0WAFFGJPBcd3-EgDqA.roa File: jivQwwxMU0WAFFGJPBcd3-EgDqA.roa (raw, json) Hash identifier: xwFCoqcc4/YsvpcXp1VqW/TUzlpYKoKv+XhvYS5GHPo= Subject key identifier: 8E:2B:D0:C3:0C:4C:53:45:80:14:51:89:3C:17:1D:DF:E1:20:0E:A0 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79113A97E267A0A6DB521233D5E2F620 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/jivQwwxMU0WAFFGJPBcd3-EgDqA.roa Signing time: Thu 01 Jan 2026 10:18:50 +0000 ROA not before: Thu 01 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7029 IP address blocks: 104.238.4.0/24 maxlen: 24 104.238.5.0/24 maxlen: 24 104.238.8.0/24 maxlen: 24 104.238.9.0/24 maxlen: 24 104.239.30.0/23 maxlen: 23 104.239.94.0/24 maxlen: 24 138.128.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:3a:97:e2:67:a0:a6:db:52:12:33:d5:e2:f6:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8e2bd0c30c4c5345801451893c171ddfe1200ea0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:37:28:4c:3f:b3:d4:dd:1d:5c:f9:49:df:9e: a3:5d:eb:75:ae:eb:7e:91:75:08:d6:44:5d:1b:34: 06:6c:83:40:47:d9:5d:af:02:b5:8b:36:e8:f1:b5: c8:68:4b:d4:49:4b:f8:35:81:78:a5:98:1b:c2:3a: d9:f6:cd:87:6f:13:09:0b:da:0d:60:50:89:99:96: 1e:ef:d9:c8:e6:ce:be:f0:30:73:de:7b:bc:1f:b6: 31:de:71:4c:32:80:8f:e6:2c:7f:30:f4:37:43:dd: 84:ea:40:9f:32:d6:63:36:80:e6:3b:52:27:37:3f: d5:c1:fd:88:74:b0:44:6a:eb:3c:4e:a6:45:0d:6b: 4d:7b:1a:6e:73:ca:27:85:97:e5:fc:2f:83:bf:d3: d5:ce:b9:7d:97:97:9d:78:db:5b:18:20:49:44:7c: eb:03:0c:e5:c0:b2:7f:21:73:63:8e:a9:84:bc:68: df:72:e7:83:93:06:be:67:55:3a:e0:0e:89:a0:73: 60:e9:e5:7b:2a:a2:29:6b:37:12:3f:d0:61:8b:8c: 2f:7c:67:94:33:2b:8b:f5:e9:08:d0:bc:b1:23:ab: 8d:55:94:5f:8e:f1:c5:b7:c5:a4:6c:af:a1:29:df: 07:99:10:f8:79:89:d0:e6:94:69:ab:f0:f1:09:ef: 45:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:2B:D0:C3:0C:4C:53:45:80:14:51:89:3C:17:1D:DF:E1:20:0E:A0 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/jivQwwxMU0WAFFGJPBcd3-EgDqA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.4.0/23 104.238.8.0/23 104.239.30.0/23 104.239.94.0/24 138.128.157.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:d6:15:e7:27:93:9a:45:0a:a0:d9:34:4b:6b:26:78:5c:2c: 06:e8:6f:e3:df:a6:3f:5f:a5:e2:c1:86:0a:eb:19:9e:7a:7e: 09:b0:12:85:56:11:f1:9f:e7:5c:f2:2b:a2:80:ae:a9:8d:03: d4:3b:87:72:dd:de:b0:d2:68:f4:41:6e:ff:e4:84:b9:cc:72: 01:e2:e4:3b:23:7e:d4:d5:d6:c3:0d:fa:1a:0a:11:c5:86:a8: 11:24:cc:31:b1:34:74:01:5c:6b:42:87:a9:e5:ff:11:a4:62: 12:7f:ba:02:ce:8f:14:4d:34:8e:d5:ba:00:6e:66:2a:de:82: 48:f1:5a:5f:eb:e4:ff:b4:a8:32:07:7d:68:d0:c9:4a:6d:04: d2:f6:39:63:d3:85:96:59:22:77:c5:59:43:cd:a5:17:d8:06: 1b:32:87:e0:fc:0d:1e:3e:6f:dd:67:d6:d8:e7:cc:64:40:63: df:23:fa:be:9c:5d:9b:99:2c:38:fe:62:fb:d3:2a:ce:cc:d0: 6f:6c:55:28:04:28:cb:33:03:a7:db:09:4c:ac:f4:58:82:4a: d6:f3:0c:b4:0a:4f:2a:94:f1:97:5e:6b:64:b4:be:3d:84:88: 0d:ce:20:1b:16:ca:f0:70:bc:e2:51:45:20:00:0b:12:b9:35: 97:e3:da:df -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt5ETqX4megpttSEjPV4vYgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZTJiZDBjMzBjNGM1MzQ1ODAxNDUxODkzYzE3MWRkZmUxMjAwZWEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzcoTD+z1N0dXPlJ356jXet1rut+ kXUI1kRdGzQGbINAR9ldrwK1izbo8bXIaEvUSUv4NYF4pZgbwjrZ9s2HbxMJC9oN YFCJmZYe79nI5s6+8DBz3nu8H7Yx3nFMMoCP5ix/MPQ3Q92E6kCfMtZjNoDmO1In Nz/Vwf2IdLBEaus8TqZFDWtNexpuc8onhZfl/C+Dv9PVzrl9l5edeNtbGCBJRHzr AwzlwLJ/IXNjjqmEvGjfcueDkwa+Z1U64A6JoHNg6eV7KqIpazcSP9Bhi4wvfGeU MyuL9ekI0LyxI6uNVZRfjvHFt8WkbK+hKd8HmRD4eYnQ5pRpq/DxCe9FtwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFI4r0MMMTFNFgBRRiTwXHd/hIA6gMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvaml2UXd3eE1VMFdBRkZHSlBCY2QzLUVnRHFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBaO4EAwQB aO4IAwQBaO8eAwQAaO9eAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQCO1hXnJ5Oa RQqg2TRLayZ4XCwG6G/j36Y/X6XiwYYK6xmeen4JsBKFVhHxn+dc8iuigK6pjQPU O4dy3d6w0mj0QW7/5IS5zHIB4uQ7I37U1dbDDfoaChHFhqgRJMwxsTR0AVxrQoep 5f8RpGISf7oCzo8UTTSO1boAbmYq3oJI8Vpf6+T/tKgyB31o0MlKbQTS9jlj04WW WSJ3xVlDzaUX2AYbMofg/A0ePm/dZ9bY58xkQGPfI/q+nF2bmSw4/mL70yrOzNBv bFUoBCjLMwOn2wlMrPRYgkrW8wy0Ck8qlPGXXmtktL49hIgNziAbFsrwcLziUUUg AAsSuTWX49rf -----END CERTIFICATE-----Generated at Fri Jan 2 02:42:14 2026 by rpki-client