This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wYtmYP1gj3Ft4QlT5MkY0any9vo.roa File: wYtmYP1gj3Ft4QlT5MkY0any9vo.roa (raw, json) Hash identifier: O5u2MKm35eTg0KJax68aiFe+0AvnZUXTep2MXspj0sI= Subject key identifier: C1:8B:66:60:FD:60:8F:71:6D:E1:09:53:E4:C9:18:D1:A9:F2:F6:FA Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B7911499E255A20DEC99D88B031CBBBBD Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wYtmYP1gj3Ft4QlT5MkY0any9vo.roa Signing time: Thu 01 Jan 2026 10:18:54 +0000 ROA not before: Thu 01 Jan 2026 10:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149440 IP address blocks: 216.173.64.0/24 maxlen: 24 216.173.65.0/24 maxlen: 24 216.173.66.0/24 maxlen: 24 216.173.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:49:9e:25:5a:20:de:c9:9d:88:b0:31:cb:bb:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c18b6660fd608f716de10953e4c918d1a9f2f6fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:6b:1d:64:dd:97:63:ba:5e:67:4c:b9:fd:1c: b8:ab:3f:a9:0d:5f:d3:c8:1e:e2:95:dd:2b:50:05: 05:2a:12:de:36:45:a7:79:78:ac:7d:63:72:20:41: c6:f4:4b:b4:c4:66:51:b2:a7:03:19:a6:3a:51:e1: f8:e5:93:05:f5:0a:d2:e6:c4:b2:6b:4d:f4:9c:6c: 20:30:0d:0c:ba:d1:38:fc:bb:8d:fe:4a:ee:8d:e5: b3:46:6c:b3:6a:06:f3:8d:a4:48:d4:ab:32:07:07: 15:de:08:35:30:0b:07:ed:f1:62:9e:1d:15:b3:d8: ff:b5:62:f1:24:73:75:5e:5d:6e:1f:ef:b0:ac:9b: 39:06:b1:e7:c5:20:ee:21:f9:c6:6f:bd:cc:d5:cc: 7a:1d:64:be:23:9d:be:7b:0e:4c:58:03:8c:24:d5: 78:cf:c0:a0:9e:b1:48:73:35:1b:ff:49:d6:6d:95: cf:58:3b:50:70:ba:68:e2:d9:40:94:71:b6:b2:fd: a0:b9:9a:01:93:87:33:9e:e9:14:d7:39:71:e8:d1: 5c:d3:25:0c:f3:03:74:46:af:5a:5c:29:fd:95:6b: 5a:cf:19:cb:54:b0:f7:55:f7:86:b4:8b:4b:e8:8e: 47:f8:1e:62:71:ab:d8:6b:3a:e8:2b:f1:03:63:4e: 0c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:8B:66:60:FD:60:8F:71:6D:E1:09:53:E4:C9:18:D1:A9:F2:F6:FA X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wYtmYP1gj3Ft4QlT5MkY0any9vo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 216.173.64.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:69:3a:fb:e5:6e:a6:69:bc:e9:2c:a7:14:de:c0:97:ae:6d: b1:a7:71:01:01:f9:5a:1c:d2:2f:ea:38:ad:06:78:c3:5f:0f: ba:a6:ed:da:9f:96:90:27:ca:bb:93:64:0e:56:93:09:72:11: 87:68:66:dc:3b:e3:de:ff:da:b3:a8:65:98:c6:46:60:dc:2c: 78:9b:a4:f7:df:85:7f:5f:20:30:17:4b:ee:77:a9:25:e2:ca: ae:70:8f:39:c4:74:c7:a3:d8:6d:69:69:8f:25:e2:42:48:bb: de:32:68:c0:25:cc:15:15:16:5e:49:00:a5:66:41:1d:93:1d: ba:d2:ba:4c:67:f7:4a:48:b0:8d:50:1b:87:c2:22:29:00:19: 92:33:fa:82:af:82:6d:d6:ca:92:2f:2c:77:d4:dc:3e:f7:35: a2:01:fc:4e:ee:3a:54:72:41:71:71:c8:16:4b:b2:57:b3:8f: 63:f3:59:c7:b6:86:2e:00:2b:22:8d:18:6d:97:cb:cb:dd:f5: 3d:86:65:ab:90:82:3f:2c:67:6c:a3:43:e8:ac:38:b9:ef:65: 95:4f:83:f6:82:7f:ad:9e:b6:f4:81:07:1d:88:f9:dd:27:64: a4:80:54:83:16:d2:68:1b:37:b8:9e:ff:7a:c0:0e:de:f0:94: 28:f0:2c:2e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EUmeJVog3smdiLAxy7u9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMThiNjY2MGZkNjA4ZjcxNmRlMTA5NTNlNGM5MThkMWE5ZjJmNmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmsdZN2XY7peZ0y5/Ry4qz+pDV/T yB7ild0rUAUFKhLeNkWneXisfWNyIEHG9Eu0xGZRsqcDGaY6UeH45ZMF9QrS5sSy a030nGwgMA0MutE4/LuN/krujeWzRmyzagbzjaRI1KsyBwcV3gg1MAsH7fFinh0V s9j/tWLxJHN1Xl1uH++wrJs5BrHnxSDuIfnGb73M1cx6HWS+I52+ew5MWAOMJNV4 z8CgnrFIczUb/0nWbZXPWDtQcLpo4tlAlHG2sv2guZoBk4cznukU1zlx6NFc0yUM 8wN0Rq9aXCn9lWtazxnLVLD3VfeGtItL6I5H+B5icavYazroK/EDY04MmwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMGLZmD9YI9xbeEJU+TJGNGp8vb6MB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvd1l0bVlQMWdqM0Z0NFFsVDVNa1kwYW55OXZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2K1AMA0G CSqGSIb3DQEBCwUAA4IBAQCLaTr75W6mabzpLKcU3sCXrm2xp3EBAflaHNIv6jit BnjDXw+6pu3an5aQJ8q7k2QOVpMJchGHaGbcO+Pe/9qzqGWYxkZg3Cx4m6T334V/ XyAwF0vud6kl4squcI85xHTHo9htaWmPJeJCSLveMmjAJcwVFRZeSQClZkEdkx26 0rpMZ/dKSLCNUBuHwiIpABmSM/qCr4Jt1sqSLyx31Nw+9zWiAfxO7jpUckFxccgW S7JXs49j81nHtoYuACsijRhtl8vL3fU9hmWrkII/LGdso0PorDi572WVT4P2gn+t nrb0gQcdiPndJ2SkgFSDFtJoGze4nv96wA7e8JQo8Cwu -----END CERTIFICATE-----Generated at Fri Jan 2 02:41:20 2026 by rpki-client