This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pZVkReQCLyAHTjgRCdbpZkDZ7Q0.roa File: pZVkReQCLyAHTjgRCdbpZkDZ7Q0.roa (raw, json) Hash identifier: 7OoBm+zELaoLHrV6ZxFezWGE3XgpD0nrww56WDbBFWs= Subject key identifier: A5:95:64:45:E4:02:2F:20:07:4E:38:11:09:D6:E9:66:40:D9:ED:0D Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911386363563F04353E78428730404D Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pZVkReQCLyAHTjgRCdbpZkDZ7Q0.roa Signing time: Thu 01 Jan 2026 10:18:50 +0000 ROA not before: Thu 01 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3356 IP address blocks: 104.238.4.0/24 maxlen: 24 104.238.5.0/24 maxlen: 24 104.238.8.0/24 maxlen: 24 104.238.9.0/24 maxlen: 24 104.239.30.0/23 maxlen: 23 104.239.94.0/24 maxlen: 24 104.249.17.0/24 maxlen: 24 104.249.46.0/24 maxlen: 24 104.249.47.0/24 maxlen: 24 104.249.50.0/24 maxlen: 24 138.128.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:38:63:63:56:3f:04:35:3e:78:42:87:30:40:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a5956445e4022f20074e381109d6e96640d9ed0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:4f:e7:ee:ac:e9:9c:e6:ab:98:f0:fd:60:44: d2:9a:9a:61:b8:43:fe:23:5d:34:41:a2:ad:41:76: 3d:2e:ac:b4:55:b7:26:7a:fb:38:79:2e:83:91:9e: 73:c1:c3:3a:e8:4d:b9:76:1d:4d:c0:90:23:79:af: f0:cf:52:b1:d8:2c:75:7d:6e:bc:87:b4:11:8a:08: 2e:23:15:9f:b5:b1:01:ad:62:9d:67:91:35:9d:c0: ca:17:c9:82:48:f4:09:d9:f2:44:cc:d3:7e:56:0a: fb:2e:03:b5:7c:05:f3:e4:c1:6c:14:02:80:5b:d1: dd:9a:1e:60:2e:a0:b0:ac:be:2c:b7:d4:cd:75:56: 5e:dd:c8:ff:66:28:aa:28:db:57:68:49:80:06:73: 63:c4:16:d9:70:58:11:0d:ed:5f:a0:cb:96:86:6a: b1:ce:b4:de:ba:77:74:82:74:2a:b3:c4:e0:e9:33: 34:4c:b8:6b:11:24:8f:ea:75:a8:8d:72:41:b8:24: 7b:13:c8:bb:7c:18:f3:d8:cd:56:77:44:f9:80:7a: 5e:e2:d9:35:2a:f2:4f:e6:47:c5:78:60:fd:95:5b: 67:47:8c:f3:bb:50:5c:c5:5f:2a:c3:59:a5:89:82: 96:4e:28:76:58:a6:10:63:15:87:3d:93:9b:39:3d: 83:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:95:64:45:E4:02:2F:20:07:4E:38:11:09:D6:E9:66:40:D9:ED:0D X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pZVkReQCLyAHTjgRCdbpZkDZ7Q0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.4.0/23 104.238.8.0/23 104.239.30.0/23 104.239.94.0/24 104.249.17.0/24 104.249.46.0/23 104.249.50.0/24 138.128.157.0/24 Signature Algorithm: sha256WithRSAEncryption 6c:e8:a7:89:24:6b:f8:e1:cc:37:80:ea:3f:6e:a9:34:3d:96: 5f:b7:c6:18:69:18:56:3c:73:01:4d:1c:d2:4a:53:92:3c:ee: fa:29:8e:0d:7e:f3:d1:7f:9b:4e:b6:2b:db:76:5e:e0:8a:e8: 88:21:04:de:ca:9b:a9:6b:49:61:27:da:e9:51:9f:98:47:59: 8a:e5:cd:a5:2a:10:cc:19:51:2e:ea:03:7c:f8:7f:3c:47:c5: 7b:b9:7a:1f:d1:b3:c1:78:b4:01:e9:0a:6d:9c:d9:96:d5:f6: 5c:c5:df:be:f0:de:3c:99:c4:21:1a:6f:6f:9f:75:a0:11:ca: 27:8c:c7:61:d6:80:9f:ae:fb:09:48:07:31:2f:99:67:af:1e: 5d:60:b6:6b:3f:d8:49:1c:87:91:2e:de:8f:44:20:f2:94:92: 4c:df:cc:52:3d:6a:d5:df:6b:53:35:cc:70:26:95:7d:e4:80: 3c:be:06:49:24:ba:b1:9d:fe:04:3c:2d:42:a8:8b:02:ab:76: 86:be:f5:50:89:83:9d:39:a4:d7:71:5e:38:4e:46:bc:b8:0b: b0:e6:58:75:14:8e:0b:d6:4e:63:57:03:ce:03:b5:50:43:9c: 06:43:6b:1c:7c:37:a5:72:8f:f2:6d:26:e5:ea:84:ec:2e:10: 21:93:99:ae -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt5EThjY1Y/BDU+eEKHMEBNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNTk1NjQ0NWU0MDIyZjIwMDc0ZTM4MTEwOWQ2ZTk2NjQwZDllZDBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0/n7qzpnOarmPD9YETSmpphuEP+ I100QaKtQXY9Lqy0Vbcmevs4eS6DkZ5zwcM66E25dh1NwJAjea/wz1Kx2Cx1fW68 h7QRigguIxWftbEBrWKdZ5E1ncDKF8mCSPQJ2fJEzNN+Vgr7LgO1fAXz5MFsFAKA W9Hdmh5gLqCwrL4st9TNdVZe3cj/ZiiqKNtXaEmABnNjxBbZcFgRDe1foMuWhmqx zrTeund0gnQqs8Tg6TM0TLhrESSP6nWojXJBuCR7E8i7fBjz2M1Wd0T5gHpe4tk1 KvJP5kfFeGD9lVtnR4zzu1BcxV8qw1mliYKWTih2WKYQYxWHPZObOT2DRQIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFKWVZEXkAi8gB044EQnW6WZA2e0NMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvcFpWa1JlUUNMeUFIVGpnUkNkYnBaa0RaN1EwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBaO4EAwQB aO4IAwQBaO8eAwQAaO9eAwQAaPkRAwQBaPkuAwQAaPkyAwQAioCdMA0GCSqGSIb3 DQEBCwUAA4IBAQBs6KeJJGv44cw3gOo/bqk0PZZft8YYaRhWPHMBTRzSSlOSPO76 KY4NfvPRf5tOtivbdl7giuiIIQTeypupa0lhJ9rpUZ+YR1mK5c2lKhDMGVEu6gN8 +H88R8V7uXof0bPBeLQB6QptnNmW1fZcxd++8N48mcQhGm9vn3WgEconjMdh1oCf rvsJSAcxL5lnrx5dYLZrP9hJHIeRLt6PRCDylJJM38xSPWrV32tTNcxwJpV95IA8 vgZJJLqxnf4EPC1CqIsCq3aGvvVQiYOdOaTXcV44Tka8uAuw5lh1FI4L1k5jVwPO A7VQQ5wGQ2scfDelco/ybSbl6oTsLhAhk5mu -----END CERTIFICATE-----Generated at Fri Jan 2 02:36:36 2026 by rpki-client