This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/oYlIYkZVITmpeDBCvfhV8b1NOWA.roa File: oYlIYkZVITmpeDBCvfhV8b1NOWA.roa (raw, json) Hash identifier: WmW7omnUtqIMJL/7pQ2oXC221OSLw+Ibkk+g39EeJ/Y= Subject key identifier: A1:89:48:62:46:55:21:39:A9:78:30:42:BD:F8:55:F1:BD:4D:39:60 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79114BE46B8B86603F884A360A3946A2 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/oYlIYkZVITmpeDBCvfhV8b1NOWA.roa Signing time: Thu 01 Jan 2026 10:18:55 +0000 ROA not before: Thu 01 Jan 2026 10:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199959 IP address blocks: 45.43.147.0/24 maxlen: 24 45.43.152.0/24 maxlen: 24 64.137.54.0/24 maxlen: 24 104.239.74.0/24 maxlen: 24 104.239.79.0/24 maxlen: 24 104.239.89.0/24 maxlen: 24 104.239.102.0/24 maxlen: 24 104.239.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:4b:e4:6b:8b:86:60:3f:88:4a:36:0a:39:46:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a189486246552139a9783042bdf855f1bd4d3960 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:aa:6b:6f:2d:a1:98:7f:9b:55:25:d0:cb:1e: c4:88:68:2b:64:c4:0a:38:07:34:95:b8:b5:52:dd: ee:3e:f5:b5:87:81:85:47:7e:0f:2a:ec:ef:ad:fe: 69:b2:6b:02:6d:2a:eb:cf:c3:57:7d:0e:88:a3:98: 31:b5:da:59:67:f0:b0:ae:af:b9:a1:9c:78:1f:12: 8c:54:39:41:cd:ce:fc:d1:43:0c:31:83:58:2d:4d: d9:8e:11:54:b2:15:66:5b:7a:ce:64:dd:ea:9f:44: 25:e7:57:54:eb:56:20:ff:22:28:84:96:77:2a:7a: 1a:17:f4:0d:7a:8f:bb:e7:70:bb:1b:df:64:43:85: c3:6e:99:d6:1d:14:90:3f:53:16:89:c9:5f:8a:f5: 94:26:08:62:64:0a:fa:a3:1c:dd:52:8c:c7:ee:96: a7:71:da:da:19:72:dd:df:0d:2d:ed:c7:1a:06:c5: 39:ad:60:d5:b5:c2:6e:84:67:6c:59:16:fa:62:e9: ad:d7:28:80:31:4d:20:f8:25:0d:aa:53:48:a8:ba: 66:71:1c:91:cc:3a:0a:75:d8:30:8a:14:47:ae:92: d3:51:24:7a:ad:07:1a:db:b8:4c:62:67:3c:ef:0a: e0:3b:60:2a:c8:de:5c:6d:23:df:20:fc:a4:d1:77: 5d:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:89:48:62:46:55:21:39:A9:78:30:42:BD:F8:55:F1:BD:4D:39:60 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/oYlIYkZVITmpeDBCvfhV8b1NOWA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.147.0/24 45.43.152.0/24 64.137.54.0/24 104.239.74.0/24 104.239.79.0/24 104.239.89.0/24 104.239.102.0/24 104.239.109.0/24 Signature Algorithm: sha256WithRSAEncryption 41:7a:6b:9a:85:b5:a1:56:4b:6e:8b:99:de:e2:45:38:04:81: 16:3d:ba:b6:16:47:0c:66:31:a6:e7:00:2a:04:d4:8a:b5:8a: 96:c5:47:e8:58:a1:86:8a:6e:cb:7a:6c:11:85:82:7f:cf:4f: 18:81:b4:b8:23:43:b9:55:59:13:b1:64:c1:e4:df:46:db:58: b6:b0:a1:7f:30:95:82:14:a5:84:68:35:a6:77:12:25:87:53: 9a:a6:38:35:2c:88:1e:b6:cc:b1:06:ec:72:69:84:90:28:ea: 62:5d:e4:a7:63:f5:51:22:81:51:fd:83:8f:87:20:eb:78:9f: 31:f3:ff:e0:4f:6c:cb:0e:70:a0:65:ed:9d:d0:fd:39:25:c6: da:25:f3:c7:37:c4:c4:8a:dd:c6:e0:61:f8:12:09:74:b4:f9: 2d:11:c8:13:12:99:35:54:c8:02:da:e0:3b:dc:63:52:1e:e4: de:fc:b8:9d:1d:d2:6d:7e:38:e9:98:e3:3e:3a:20:03:ad:aa: 6e:77:bb:38:2a:bc:a6:86:52:8a:8d:57:7f:99:ac:70:48:3d: 9c:6d:1e:81:ef:8b:fd:28:2c:b3:25:f5:5c:ec:40:a1:73:5d: ec:a0:c4:a9:d5:0d:3c:36:4e:e3:06:3c:35:94:12:1a:2f:7c: f5:ff:78:a3 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt5EUvka4uGYD+ISjYKOUaiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTg5NDg2MjQ2NTUyMTM5YTk3ODMwNDJiZGY4NTVmMWJkNGQzOTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaprby2hmH+bVSXQyx7EiGgrZMQK OAc0lbi1Ut3uPvW1h4GFR34PKuzvrf5psmsCbSrrz8NXfQ6Io5gxtdpZZ/Cwrq+5 oZx4HxKMVDlBzc780UMMMYNYLU3ZjhFUshVmW3rOZN3qn0Ql51dU61Yg/yIohJZ3 KnoaF/QNeo+753C7G99kQ4XDbpnWHRSQP1MWiclfivWUJghiZAr6oxzdUozH7pan cdraGXLd3w0t7ccaBsU5rWDVtcJuhGdsWRb6Yumt1yiAMU0g+CUNqlNIqLpmcRyR zDoKddgwihRHrpLTUSR6rQca27hMYmc87wrgO2AqyN5cbSPfIPyk0XddoQIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFKGJSGJGVSE5qXgwQr34VfG9TTlgMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvb1lsSVlrWlZJVG1wZURCQ3ZmaFY4YjFOT1dBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALSuTAwQA LSuYAwQAQIk2AwQAaO9KAwQAaO9PAwQAaO9ZAwQAaO9mAwQAaO9tMA0GCSqGSIb3 DQEBCwUAA4IBAQBBemuahbWhVktui5ne4kU4BIEWPbq2FkcMZjGm5wAqBNSKtYqW xUfoWKGGim7LemwRhYJ/z08YgbS4I0O5VVkTsWTB5N9G21i2sKF/MJWCFKWEaDWm dxIlh1Oapjg1LIgetsyxBuxyaYSQKOpiXeSnY/VRIoFR/YOPhyDreJ8x8//gT2zL DnCgZe2d0P05JcbaJfPHN8TEit3G4GH4Egl0tPktEcgTEpk1VMgC2uA73GNSHuTe /LidHdJtfjjpmOM+OiADrapud7s4KrymhlKKjVd/maxwSD2cbR6B74v9KCyzJfVc 7EChc13soMSp1Q08Nk7jBjw1lBIaL3z1/3ij -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:52 2026 by rpki-client