This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/yz4yGl1g1ZXuKdw5owwVJMviKuk.roa File: yz4yGl1g1ZXuKdw5owwVJMviKuk.roa (raw, json) Hash identifier: Sc/QeL6Zcy7WtO4lELE9453BMXinD0KNoVI3MxmHoCk= Subject key identifier: CB:3E:32:1A:5D:60:D5:95:EE:29:DC:39:A3:0C:15:24:CB:E2:2A:E9 Certificate issuer: /CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f Certificate serial: 019B7F831DECF93C45B5963C28BA26625C33 Authority key identifier: 5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/yz4yGl1g1ZXuKdw5owwVJMviKuk.roa Signing time: Fri 02 Jan 2026 16:20:57 +0000 ROA not before: Fri 02 Jan 2026 16:20:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 5.133.40.0/21 maxlen: 24 144.124.128.0/18 maxlen: 24 185.173.8.0/22 maxlen: 24 194.163.224.0/20 maxlen: 24 2a04:ed00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.crl rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.mft rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:1d:ec:f9:3c:45:b5:96:3c:28:ba:26:62:5c:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f Validity Not Before: Jan 2 16:20:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb3e321a5d60d595ee29dc39a30c1524cbe22ae9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:fc:3f:a9:4a:66:a2:9b:a5:c6:79:74:6f:c5: 14:f0:24:18:f1:75:94:98:38:cd:24:ac:67:22:ea: 3e:af:65:00:08:25:43:83:64:43:62:6e:56:4c:39: ab:51:dd:33:82:2f:24:53:4f:e5:de:95:4f:f6:88: 77:b9:65:d6:cd:76:ca:60:e9:fa:d9:d9:8d:db:4e: 0f:9e:ad:f1:5e:0f:e2:6b:9e:2d:15:1b:9a:a6:bb: 46:41:48:98:0b:8d:cb:2c:c7:2c:13:d8:40:94:bb: ec:75:f7:71:69:79:51:4e:c0:cc:27:bc:d9:3f:9c: 67:07:3f:3e:ce:b6:a4:c6:81:ee:23:4f:c0:c4:21: 95:ec:b8:81:34:af:a6:dd:2f:83:25:f3:21:60:7d: fb:20:e1:d7:c2:23:49:f8:fa:33:4e:8b:87:e1:3d: a4:aa:db:66:e4:6d:3d:3d:14:f8:b8:33:c8:09:a5: b5:a1:8f:5d:13:30:96:4e:e5:6b:d4:0d:54:43:73: ed:1c:e3:55:a8:60:d5:01:f3:88:e1:cf:70:5a:ed: 82:4b:52:16:2c:ce:22:44:6b:f3:34:b5:69:f9:23: 90:6d:1c:0d:09:62:62:7c:c9:1a:69:f5:8c:3b:33: 21:52:aa:8d:b5:e2:bb:87:8b:48:65:18:11:50:a7: 87:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:3E:32:1A:5D:60:D5:95:EE:29:DC:39:A3:0C:15:24:CB:E2:2A:E9 X509v3 Authority Key Identifier: keyid:5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/yz4yGl1g1ZXuKdw5owwVJMviKuk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.40.0/21 144.124.128.0/18 185.173.8.0/22 194.163.224.0/20 IPv6: 2a04:ed00::/29 Signature Algorithm: sha256WithRSAEncryption 6c:f7:80:71:ba:84:f7:ed:0b:bd:ff:ab:0f:6d:fc:b6:29:07: 54:a2:48:9b:8c:f3:b8:59:6f:a2:ab:dc:d2:73:dc:77:e4:c6: 33:a8:0c:9e:72:f3:d2:54:09:d0:26:90:fa:57:67:f3:f4:35: 40:5d:b4:98:06:90:69:6e:10:78:1e:04:87:7e:b0:51:b0:f9: 6b:e2:8b:40:93:85:60:bd:09:6a:71:74:39:ef:da:78:3a:c6: d3:3a:95:e6:e4:f2:e1:48:5f:a1:17:56:4b:17:ec:a5:5e:80: f8:02:0f:c3:93:c5:cf:67:07:ca:69:de:6f:a7:5b:5c:99:ee: 81:67:f8:c9:7e:e9:d5:38:91:2a:0e:00:a0:c3:57:8b:2d:a7: 7c:5d:1e:c1:07:08:7e:f8:04:c1:8b:b7:2d:df:17:d7:34:cd: 42:02:28:9e:3d:2c:d4:6f:68:49:b3:ad:5c:35:79:20:35:bb: f8:cf:39:29:db:7e:8d:e7:e9:c7:f6:5f:45:0a:88:7b:2d:a6: b1:bb:68:6b:eb:2c:44:81:b6:75:fb:d7:e3:df:93:40:a3:5e: e1:6e:6e:b8:eb:c8:c4:cc:d1:9f:66:bd:a3:2d:e7:39:bd:51: ab:72:6a:25:22:89:10:11:36:37:ef:d8:e2:5c:4a:19:54:a4: 3e:f1:26:b2 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt/gx3s+TxFtZY8KLomYlwzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNTdjOGY4ZDllZTVlMmNlNzA0M2UxZWMyNmJiMTY5M2Y3 ZjEyMWYwHhcNMjYwMTAyMTYyMDU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjNlMzIxYTVkNjBkNTk1ZWUyOWRjMzlhMzBjMTUyNGNiZTIyYWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/w/qUpmopulxnl0b8UU8CQY8XWU mDjNJKxnIuo+r2UACCVDg2RDYm5WTDmrUd0zgi8kU0/l3pVP9oh3uWXWzXbKYOn6 2dmN204Pnq3xXg/ia54tFRuaprtGQUiYC43LLMcsE9hAlLvsdfdxaXlRTsDMJ7zZ P5xnBz8+zrakxoHuI0/AxCGV7LiBNK+m3S+DJfMhYH37IOHXwiNJ+PozTouH4T2k qttm5G09PRT4uDPICaW1oY9dEzCWTuVr1A1UQ3PtHONVqGDVAfOI4c9wWu2CS1IW LM4iRGvzNLVp+SOQbRwNCWJifMkaafWMOzMhUqqNteK7h4tIZRgRUKeHOwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFMs+MhpdYNWV7incOaMMFSTL4irpMB8GA1UdIwQY MBaAFFxXyPjZ7l4s5wQ+HsJrsWk/fxIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQt MWY2YjJkMTRmNGY5LzEveXo0eUdsMWcxWlh1S2R3NW93d1ZKTXZpS3VrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQtMWY2YjJkMTRmNGY5 LzEvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBYUoAwQG kHyAAwQCua0IAwQEwqPgMA0EAgACMAcDBQMqBO0AMA0GCSqGSIb3DQEBCwUAA4IB AQBs94BxuoT37Qu9/6sPbfy2KQdUokibjPO4WW+iq9zSc9x35MYzqAyecvPSVAnQ JpD6V2fz9DVAXbSYBpBpbhB4HgSHfrBRsPlr4otAk4VgvQlqcXQ579p4OsbTOpXm 5PLhSF+hF1ZLF+ylXoD4Ag/Dk8XPZwfKad5vp1tcme6BZ/jJfunVOJEqDgCgw1eL Lad8XR7BBwh++ATBi7ct3xfXNM1CAiiePSzUb2hJs61cNXkgNbv4zzkp236N5+nH 9l9FCoh7Laaxu2hr6yxEgbZ1+9fj35NAo17hbm6468jEzNGfZr2jLec5vVGrcmol IokQETY379jiXEoZVKQ+8Say -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:30 2026 by rpki-client