This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/60R1h-oxgPD3iJcDXQAz-94iJbU.roa File: 60R1h-oxgPD3iJcDXQAz-94iJbU.roa (raw, json) Hash identifier: Q4xOmlaV2o2SZe3E5kLrLywn0HX4BFk1d4KvQu8nLsY= Subject key identifier: EB:44:75:87:EA:31:80:F0:F7:88:97:03:5D:00:33:FB:DE:22:25:B5 Certificate issuer: /CN=80a333d13dc915f4fbfb61b25a4877e9138e7f1d Certificate serial: 019B76EB2B676FB89DCCD7CC529BA00146FE Authority key identifier: 80:A3:33:D1:3D:C9:15:F4:FB:FB:61:B2:5A:48:77:E9:13:8E:7F:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKMz0T3JFfT7-2GyWkh36ROOfx0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/60R1h-oxgPD3iJcDXQAz-94iJbU.roa Signing time: Thu 01 Jan 2026 00:18:02 +0000 ROA not before: Thu 01 Jan 2026 00:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209123 IP address blocks: 2.58.88.0/22 maxlen: 24 2.58.88.0/24 maxlen: 24 2.58.89.0/24 maxlen: 24 2.58.90.0/24 maxlen: 24 2.58.91.0/24 maxlen: 24 2a09:e340::/29 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/gKMz0T3JFfT7-2GyWkh36ROOfx0.crl rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/gKMz0T3JFfT7-2GyWkh36ROOfx0.mft rsync://rpki.ripe.net/repository/DEFAULT/gKMz0T3JFfT7-2GyWkh36ROOfx0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:2b:67:6f:b8:9d:cc:d7:cc:52:9b:a0:01:46:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80a333d13dc915f4fbfb61b25a4877e9138e7f1d Validity Not Before: Jan 1 00:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=eb447587ea3180f0f78897035d0033fbde2225b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:aa:07:98:bc:19:19:1d:97:e0:05:72:21:2c: da:72:9a:ea:69:7b:0a:09:3e:5e:c7:18:89:93:af: cf:22:09:81:80:f6:1c:26:7c:b7:0a:a9:ef:94:73: c4:eb:6c:7a:c6:6b:74:e6:2c:99:db:6f:d3:4e:a1: 50:f6:7f:c0:80:30:39:a0:be:52:98:c5:8a:a4:91: 68:0b:7f:b0:18:6e:3a:c5:dc:87:3e:9b:e4:eb:6c: 07:f6:cb:c8:bb:e6:ee:92:35:1e:b4:99:b1:fc:f5: dc:e3:55:1e:f2:ea:6c:ab:81:c8:12:55:a7:f3:0c: c3:e7:a4:b9:9e:3a:62:d7:cb:95:b0:23:77:dd:8f: 5d:ad:8f:80:7c:64:13:89:1b:5e:a8:f0:de:e5:5f: fc:74:08:35:c6:f9:a9:d5:b6:ce:91:2c:6d:46:56: 32:e6:d6:72:81:58:72:3d:de:37:cc:47:c1:59:aa: 0e:7a:13:12:53:44:69:e8:07:f0:52:0b:30:fb:4c: 59:3e:c8:1c:df:79:93:c7:6e:74:7c:20:de:06:15: d0:e4:f2:f6:d8:a6:ad:91:23:ec:88:67:90:88:5b: 1a:52:c8:86:39:cf:3a:d3:cf:da:3f:67:e9:68:ee: 09:16:9e:62:67:cd:a1:56:6d:91:ea:31:f1:6f:67: 09:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:44:75:87:EA:31:80:F0:F7:88:97:03:5D:00:33:FB:DE:22:25:B5 X509v3 Authority Key Identifier: keyid:80:A3:33:D1:3D:C9:15:F4:FB:FB:61:B2:5A:48:77:E9:13:8E:7F:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKMz0T3JFfT7-2GyWkh36ROOfx0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/60R1h-oxgPD3iJcDXQAz-94iJbU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/gKMz0T3JFfT7-2GyWkh36ROOfx0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.88.0/22 IPv6: 2a09:e340::/29 Signature Algorithm: sha256WithRSAEncryption 52:8e:de:75:65:17:4a:e9:36:5a:61:04:fd:bf:30:da:f2:56: 32:6d:81:34:af:b3:bb:46:94:8c:a3:18:64:89:0c:ce:2a:7c: db:68:95:bb:87:93:46:6d:72:5a:18:0d:16:f7:c1:9c:45:ef: ab:52:2a:b8:1a:ce:94:3d:ca:f1:4c:df:55:ae:5a:49:14:b8: 53:91:54:8f:74:30:fc:31:c7:f1:c6:22:64:d7:7f:97:dd:cc: 75:19:47:39:4f:13:5d:31:ef:27:18:e2:82:3a:01:84:c3:89: fa:61:5e:b0:7b:f3:20:6b:04:9b:3f:f7:ed:bb:3f:35:fe:13: b5:99:69:2a:1a:1a:04:11:e7:25:b0:48:ff:53:9b:ce:be:3a: 7a:27:47:cc:5d:86:05:92:17:aa:26:24:ec:8e:aa:69:20:e6: b3:ff:72:d2:99:8a:15:6c:a0:af:b7:fd:eb:89:59:66:89:8a: 2c:de:d4:33:79:0b:39:b5:0a:3b:04:a9:d6:1e:d9:f5:43:63: 5d:f9:da:5e:66:64:71:6d:02:0f:86:ca:5c:d6:c3:9a:29:b6: 22:84:df:40:52:a3:4f:7c:c9:40:df:16:b7:62:f9:42:5a:46: e8:2f:1e:6c:63:dc:a9:60:05:33:8b:d7:7c:92:7a:61:35:bc: be:ab:f9:e8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt26ytnb7idzNfMUpugAUb+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwYTMzM2QxM2RjOTE1ZjRmYmZiNjFiMjVhNDg3N2U5MTM4 ZTdmMWQwHhcNMjYwMTAxMDAxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYjQ0NzU4N2VhMzE4MGYwZjc4ODk3MDM1ZDAwMzNmYmRlMjIyNWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaoHmLwZGR2X4AVyISzacprqaXsK CT5exxiJk6/PIgmBgPYcJny3CqnvlHPE62x6xmt05iyZ22/TTqFQ9n/AgDA5oL5S mMWKpJFoC3+wGG46xdyHPpvk62wH9svIu+bukjUetJmx/PXc41Ue8upsq4HIElWn 8wzD56S5njpi18uVsCN33Y9drY+AfGQTiRteqPDe5V/8dAg1xvmp1bbOkSxtRlYy 5tZygVhyPd43zEfBWaoOehMSU0Rp6AfwUgsw+0xZPsgc33mTx250fCDeBhXQ5PL2 2KatkSPsiGeQiFsaUsiGOc8608/aP2fpaO4JFp5iZ82hVm2R6jHxb2cJCQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOtEdYfqMYDw94iXA10AM/veIiW1MB8GA1UdIwQY MBaAFICjM9E9yRX0+/thslpId+kTjn8dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0tNejBUM0pGZlQ3LTJHeVdraDM2Uk9PZngwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xMzliMzgtNWIyNC00MDdkLWIxN2Ut NGNhMzU0MzBkY2EzLzEvNjBSMWgtb3hnUEQzaUpjRFhRQXotOTRpSmJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi8xMzliMzgtNWIyNC00MDdkLWIxN2UtNGNhMzU0MzBkY2Ez LzEvZ0tNejBUM0pGZlQ3LTJHeVdraDM2Uk9PZngwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjpYMA0E AgACMAcDBQMqCeNAMA0GCSqGSIb3DQEBCwUAA4IBAQBSjt51ZRdK6TZaYQT9vzDa 8lYybYE0r7O7RpSMoxhkiQzOKnzbaJW7h5NGbXJaGA0W98GcRe+rUiq4Gs6UPcrx TN9VrlpJFLhTkVSPdDD8McfxxiJk13+X3cx1GUc5TxNdMe8nGOKCOgGEw4n6YV6w e/MgawSbP/ftuz81/hO1mWkqGhoEEeclsEj/U5vOvjp6J0fMXYYFkheqJiTsjqpp IOaz/3LSmYoVbKCvt/3riVlmiYos3tQzeQs5tQo7BKnWHtn1Q2Nd+dpeZmRxbQIP hspc1sOaKbYihN9AUqNPfMlA3xa3YvlCWkboLx5sY9ypYAUzi9d8knphNby+q/no -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:28 2026 by rpki-client