This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yg7SdJOz4fEUtwWUaZJIFwT8Olw.roa File: yg7SdJOz4fEUtwWUaZJIFwT8Olw.roa (raw, json) Hash identifier: QpLq8cTLPv/y+p5s5qOYX7FdySgn7PegFb/7Uz19Ae4= Subject key identifier: CA:0E:D2:74:93:B3:E1:F1:14:B7:05:94:69:92:48:17:04:FC:3A:5C Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B79115B10EDFA46EB80ACE016A9B25419 Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yg7SdJOz4fEUtwWUaZJIFwT8Olw.roa Signing time: Thu 01 Jan 2026 10:18:58 +0000 ROA not before: Thu 01 Jan 2026 10:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397423 IP address blocks: 104.249.25.0/24 maxlen: 24 104.249.62.0/24 maxlen: 24 104.249.63.0/24 maxlen: 24 216.173.112.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:5b:10:ed:fa:46:eb:80:ac:e0:16:a9:b2:54:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca0ed27493b3e1f114b705946992481704fc3a5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:aa:e9:6a:dd:85:1c:0e:f1:b7:28:9c:6d:b2: 5d:b9:98:52:6b:ec:e3:29:69:6a:6c:b1:46:91:be: 12:e4:a7:04:84:44:3b:79:22:55:14:3d:91:28:08: 79:8a:7f:a7:99:43:dd:32:61:91:3b:60:d7:ac:6c: 3a:17:ca:0a:67:9d:7e:32:d3:85:23:74:2a:13:c0: f8:d9:e8:9b:9d:3f:75:6c:5f:a0:6c:99:e7:25:9c: 9d:7e:a1:80:d0:1a:d5:d6:f3:01:15:50:bc:f8:7e: 60:63:17:fd:64:ae:cd:ac:06:88:36:8b:f7:29:f9: 3d:3c:f7:6b:f4:f2:f6:6d:f0:d4:e1:e5:88:7a:ec: 6e:56:d0:67:d3:31:f7:50:59:cc:42:ae:c1:df:db: b0:04:d8:97:95:14:8a:d8:19:85:e6:ab:a8:94:75: a9:34:4a:9b:d4:d5:f8:5a:aa:cf:20:bf:09:d9:4f: 08:af:8c:10:30:ee:78:24:a0:ce:26:c5:d9:af:fb: 7a:5f:fa:ff:e6:d9:4e:bf:c0:d0:b3:c3:b1:32:50: 9d:26:7b:d8:fd:ec:8f:27:6d:83:a2:df:23:35:fc: 68:de:3f:07:7f:60:47:ed:a2:ae:dd:9e:a8:34:1b: b8:af:a7:cc:50:80:2f:a6:a8:85:17:02:2f:40:6c: ad:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:0E:D2:74:93:B3:E1:F1:14:B7:05:94:69:92:48:17:04:FC:3A:5C X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yg7SdJOz4fEUtwWUaZJIFwT8Olw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.249.25.0/24 104.249.62.0/23 216.173.112.0/21 Signature Algorithm: sha256WithRSAEncryption 65:d8:89:6b:60:8a:2c:06:10:16:58:50:a8:0d:96:02:dd:0c: 21:fc:d1:b3:be:0a:b2:92:e6:d5:1d:27:f8:85:ce:87:44:00: 38:48:68:c9:f8:21:2a:e5:0d:6d:17:48:7b:91:5b:7b:c5:25: bf:27:d5:c0:9c:2f:b8:a2:55:15:3f:19:06:2d:8b:76:c0:94: b7:bd:68:58:be:eb:c3:5b:04:f7:e9:a9:a0:30:83:fc:05:f4: 42:73:b4:81:e0:21:71:0d:4c:f2:ca:1c:af:cb:26:b5:7e:e6: a2:99:f9:a6:29:09:81:82:50:78:d4:ec:a0:da:0c:bb:2c:ea: d2:e7:1c:48:5d:c5:e5:20:a7:25:b7:cc:fb:bd:81:a6:ad:53: 6d:45:36:1b:fd:31:e5:85:36:fb:55:e5:15:7f:23:00:51:8d: 7b:18:58:2e:34:d4:e4:4b:05:8e:91:a2:aa:a9:b3:0c:cb:ac: 35:3c:f1:f8:74:1d:ee:81:52:37:ed:23:cd:19:3e:81:cf:36: c1:e5:9e:89:aa:c2:46:e4:3a:40:84:83:71:dc:39:53:9d:12: 47:47:46:5e:fd:1d:48:bf:9a:56:69:70:ed:2a:79:92:c3:90: bd:2b:de:8d:63:4f:d0:b0:d0:b1:42:32:41:85:26:aa:6b:b4: e6:09:f7:c8 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5EVsQ7fpG64Cs4BapslQZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTBlZDI3NDkzYjNlMWYxMTRiNzA1OTQ2OTkyNDgxNzA0ZmMzYTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6rpat2FHA7xtyicbbJduZhSa+zj KWlqbLFGkb4S5KcEhEQ7eSJVFD2RKAh5in+nmUPdMmGRO2DXrGw6F8oKZ51+MtOF I3QqE8D42eibnT91bF+gbJnnJZydfqGA0BrV1vMBFVC8+H5gYxf9ZK7NrAaINov3 Kfk9PPdr9PL2bfDU4eWIeuxuVtBn0zH3UFnMQq7B39uwBNiXlRSK2BmF5quolHWp NEqb1NX4WqrPIL8J2U8Ir4wQMO54JKDOJsXZr/t6X/r/5tlOv8DQs8OxMlCdJnvY /eyPJ22Dot8jNfxo3j8Hf2BH7aKu3Z6oNBu4r6fMUIAvpqiFFwIvQGytawIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMoO0nSTs+HxFLcFlGmSSBcE/DpcMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEveWc3U2RKT3o0ZkVVdHdXVWFaSklGd1Q4T2x3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAaPkZAwQB aPk+AwQD2K1wMA0GCSqGSIb3DQEBCwUAA4IBAQBl2IlrYIosBhAWWFCoDZYC3Qwh /NGzvgqykubVHSf4hc6HRAA4SGjJ+CEq5Q1tF0h7kVt7xSW/J9XAnC+4olUVPxkG LYt2wJS3vWhYvuvDWwT36amgMIP8BfRCc7SB4CFxDUzyyhyvyya1fuaimfmmKQmB glB41Oyg2gy7LOrS5xxIXcXlIKclt8z7vYGmrVNtRTYb/THlhTb7VeUVfyMAUY17 GFguNNTkSwWOkaKqqbMMy6w1PPH4dB3ugVI37SPNGT6BzzbB5Z6JqsJG5DpAhINx 3DlTnRJHR0Ze/R1Iv5pWaXDtKnmSw5C9K96NY0/QsNCxQjJBhSaqa7TmCffI -----END CERTIFICATE-----Generated at Fri Jan 2 02:39:48 2026 by rpki-client