This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pPnIchkE-b9QV64fcwGWUs34VTo.roa File: pPnIchkE-b9QV64fcwGWUs34VTo.roa (raw, json) Hash identifier: pvMfD/5kH39dKGNqapoSTj2Hkvq2OKXd4kQ+wZglGh8= Subject key identifier: A4:F9:C8:72:19:04:F9:BF:50:57:AE:1F:73:01:96:52:CD:F8:55:3A Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79114939021C55FC6E077D8A57F3FB5B Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pPnIchkE-b9QV64fcwGWUs34VTo.roa Signing time: Thu 01 Jan 2026 10:18:54 +0000 ROA not before: Thu 01 Jan 2026 10:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149428 IP address blocks: 64.137.28.0/24 maxlen: 24 104.238.14.0/24 maxlen: 24 104.238.19.0/24 maxlen: 24 104.238.20.0/24 maxlen: 24 104.239.84.0/23 maxlen: 23 104.239.96.0/23 maxlen: 23 138.128.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:49:39:02:1c:55:fc:6e:07:7d:8a:57:f3:fb:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a4f9c8721904f9bf5057ae1f73019652cdf8553a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:27:12:d9:9c:7f:1f:b9:98:a2:00:e1:f5:38: 2a:b0:a6:14:c5:9b:0e:0c:81:8e:09:36:ba:a7:6f: ed:75:22:0e:de:26:21:0b:17:80:ee:6c:3c:03:3c: 51:c1:27:31:a0:03:6a:7c:2a:e5:a2:da:af:73:11: 20:26:ca:02:3f:e9:2e:d8:2e:bc:a7:59:45:a2:c9: 92:11:eb:a4:fe:3c:db:4d:c3:db:81:86:af:73:0d: be:a4:cb:44:ec:1c:4f:33:f6:81:c0:7c:98:0f:ce: 5e:92:b7:eb:f2:f9:a4:ec:7c:d4:4e:2a:5f:cd:41: 76:af:62:07:5f:7a:b9:8c:38:d4:08:7c:7c:45:c9: 7a:26:94:ba:8b:9c:5f:4d:10:17:1a:c9:4c:28:7b: 66:b5:a1:9d:ca:5e:6c:20:23:a5:32:b4:10:a8:64: 69:5d:7c:20:50:2a:3b:65:8a:a9:71:12:ea:5b:96: b1:50:02:1d:6c:03:0e:d4:57:ec:ad:0d:11:91:24: a8:83:4a:9a:cf:0f:5c:2f:17:f5:93:8d:b2:4a:a0: 86:84:3a:77:11:54:4d:1f:54:dd:14:40:ad:67:3a: 7d:75:d7:49:5b:13:d8:a9:c5:56:0c:dc:88:c7:c1: 28:6e:49:ff:2b:0d:d5:6e:a4:d5:b5:f5:fc:d2:64: fe:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:F9:C8:72:19:04:F9:BF:50:57:AE:1F:73:01:96:52:CD:F8:55:3A X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pPnIchkE-b9QV64fcwGWUs34VTo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.137.28.0/24 104.238.14.0/24 104.238.19.0-104.238.20.255 104.239.84.0/23 104.239.96.0/23 138.128.159.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:cd:5f:14:1e:d7:c1:53:b8:e1:79:61:95:03:c2:86:8c:f7: 91:b6:59:78:62:a2:51:63:45:28:89:a5:bd:c2:ac:89:17:f9: 9d:81:c6:6a:c4:d6:eb:54:31:e7:23:e2:e8:70:cb:8a:d8:32: 10:5d:a5:27:52:62:f1:d3:8e:9c:6b:73:1a:c7:11:b9:29:39: b3:cf:1b:fc:03:99:a7:4f:9b:c7:e0:e5:67:49:eb:f9:44:94: 94:da:e8:16:c4:0f:49:64:ec:ca:63:b9:74:0f:88:02:3b:8c: e4:ff:97:af:b9:fd:6f:c6:93:4d:0d:a3:51:47:48:1a:e0:46: 2e:e9:38:39:0c:b7:be:57:42:ae:6f:02:df:64:6b:8b:53:d4: 9e:2e:25:0f:cc:87:aa:68:9e:19:59:7b:48:93:56:3f:08:e1: cc:1d:a9:26:a7:94:d7:41:3a:55:3f:4d:16:36:30:79:3b:a8: 75:5f:1a:ab:60:c7:d7:07:a1:1b:0d:32:54:ad:25:48:13:eb: cc:6a:5a:84:48:7b:6c:d1:83:35:e5:b8:6a:4f:e6:3b:f6:1d: d5:d1:08:e4:c3:1c:b0:87:6d:5e:3d:4e:67:a0:73:42:91:32: b7:b3:7f:4e:51:da:99:25:58:32:d6:f2:3b:b7:06:ed:82:76: 6e:7a:81:4c -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt5EUk5AhxV/G4HfYpX8/tbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNGY5Yzg3MjE5MDRmOWJmNTA1N2FlMWY3MzAxOTY1MmNkZjg1NTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArScS2Zx/H7mYogDh9TgqsKYUxZsO DIGOCTa6p2/tdSIO3iYhCxeA7mw8AzxRwScxoANqfCrlotqvcxEgJsoCP+ku2C68 p1lFosmSEeuk/jzbTcPbgYavcw2+pMtE7BxPM/aBwHyYD85ekrfr8vmk7HzUTipf zUF2r2IHX3q5jDjUCHx8Rcl6JpS6i5xfTRAXGslMKHtmtaGdyl5sICOlMrQQqGRp XXwgUCo7ZYqpcRLqW5axUAIdbAMO1FfsrQ0RkSSog0qazw9cLxf1k42ySqCGhDp3 EVRNH1TdFECtZzp9dddJWxPYqcVWDNyIx8Eobkn/Kw3VbqTVtfX80mT+1wIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFKT5yHIZBPm/UFeuH3MBllLN+FU6MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvcFBuSWNoa0UtYjlRVjY0ZmN3R1dVczM0VlRvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAQIkcAwQA aO4OMAwDBABo7hMDBABo7hQDBAFo71QDBAFo72ADBACKgJ8wDQYJKoZIhvcNAQEL BQADggEBAA7NXxQe18FTuOF5YZUDwoaM95G2WXhiolFjRSiJpb3CrIkX+Z2BxmrE 1utUMecj4uhwy4rYMhBdpSdSYvHTjpxrcxrHEbkpObPPG/wDmadPm8fg5WdJ6/lE lJTa6BbED0lk7MpjuXQPiAI7jOT/l6+5/W/Gk00No1FHSBrgRi7pODkMt75XQq5v At9ka4tT1J4uJQ/Mh6ponhlZe0iTVj8I4cwdqSanlNdBOlU/TRY2MHk7qHVfGqtg x9cHoRsNMlStJUgT68xqWoRIe2zRgzXluGpP5jv2HdXRCOTDHLCHbV49Tmegc0KR Mrezf05R2pklWDLW8ju3Bu2Cdm56gUw= -----END CERTIFICATE-----Generated at Fri Jan 2 02:37:38 2026 by rpki-client