This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/YKLCnWqQGV5hxfK6-6HEsp4L23Q.roa File: YKLCnWqQGV5hxfK6-6HEsp4L23Q.roa (raw, json) Hash identifier: 1fdZUQJAV9m1smg0tw26v4TRKjJ0L/6+Bvyr9TlaIXQ= Subject key identifier: 60:A2:C2:9D:6A:90:19:5E:61:C5:F2:BA:FB:A1:C4:B2:9E:0B:DB:74 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C8086211921F0129308AA95691E0E24 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/YKLCnWqQGV5hxfK6-6HEsp4L23Q.roa Signing time: Fri 02 Jan 2026 02:19:16 +0000 ROA not before: Fri 02 Jan 2026 02:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204997 IP address blocks: 104.128.132.0/24 maxlen: 24 104.128.133.0/24 maxlen: 24 2a0c:5d00:3001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 11:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:86:21:19:21:f0:12:93:08:aa:95:69:1e:0e:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=60a2c29d6a90195e61c5f2bafba1c4b29e0bdb74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7e:10:51:5c:ba:22:db:b8:b1:1d:9a:e3:df: a0:0b:80:96:14:c0:0d:92:29:49:62:9f:19:fb:64: 28:b3:cc:34:2c:bf:56:14:d2:e6:ed:5f:e3:40:13: 7e:df:ec:75:28:78:b3:7c:a5:72:61:d5:38:ff:54: c4:f9:36:43:58:7f:7c:4e:47:b3:d0:be:e4:2f:a6: c6:0a:74:b1:7a:3b:1e:68:e0:5a:c9:53:4e:f7:fe: 6c:cc:59:18:ee:20:8b:2f:d0:e0:d8:ac:1b:98:c3: f5:5f:a4:69:cd:64:88:16:c7:b0:58:79:fe:90:7e: 1e:bb:ca:88:c1:91:75:b5:01:48:ae:20:ee:47:34: de:62:19:ac:f1:91:e3:81:2b:5f:97:1c:94:99:2b: cb:2b:5b:fd:bf:b7:fc:cd:49:e3:6c:d5:8f:c7:92: fe:4c:3c:a3:a1:94:0e:8e:a6:68:17:97:0f:19:79: ba:7a:e5:f7:dd:ff:1f:ca:59:7c:3f:14:b3:b0:a2: 66:2a:fd:5d:c4:be:12:67:59:d1:db:24:19:c9:b3: 9f:a3:aa:e7:b6:69:77:84:25:78:10:e8:76:6b:4a: a4:8a:33:bd:56:72:2e:8a:74:85:b4:eb:f4:06:3c: d5:ee:be:d6:70:38:66:3d:c6:a1:48:51:f0:5c:d5: 82:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:A2:C2:9D:6A:90:19:5E:61:C5:F2:BA:FB:A1:C4:B2:9E:0B:DB:74 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/YKLCnWqQGV5hxfK6-6HEsp4L23Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.128.132.0/23 IPv6: 2a0c:5d00:3001::/48 Signature Algorithm: sha256WithRSAEncryption 4d:ad:e5:1d:2d:4e:67:0e:60:ce:f7:d6:d0:28:d4:af:89:f2: a2:7b:6c:08:23:ac:b7:58:0c:9b:f4:c1:57:e4:63:8a:6b:27: ed:a4:da:ad:64:05:37:07:6f:71:ed:aa:d0:bf:0c:16:66:0b: 9f:4d:d8:a5:92:2a:97:e1:1b:7f:14:94:17:01:94:c2:31:13: 75:1c:b7:cf:29:1d:04:20:d4:54:21:46:82:f5:3f:6f:41:d1: db:2e:bb:4a:05:7e:6d:2c:46:e1:bd:9e:11:3d:52:e8:97:66: 05:2c:99:31:2d:5b:5d:9d:90:6c:12:d0:9c:5b:36:1d:6b:c3: de:1b:ec:99:0a:47:a1:dd:11:e0:c6:4c:ec:00:7b:6f:ae:20: 0e:56:58:75:fa:e6:d8:06:cf:2b:d8:c4:22:c6:b5:50:be:a9: 9a:37:50:83:90:3f:d0:2a:a6:31:5a:d6:86:d4:f0:3e:01:09: 29:e0:64:21:e3:f1:78:13:00:c0:e3:51:eb:33:a7:90:59:72: 28:36:ff:94:91:50:1d:5b:81:cd:5f:16:4c:ed:8b:f3:3d:04: 42:0c:2c:5a:15:e2:71:f2:c2:4d:18:df:48:a6:ea:76:a7:08: df:75:dc:26:ff:b0:0a:da:1f:52:a3:c2:ae:25:3f:f7:00:7d: 0d:65:72:cb -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt8gIYhGSHwEpMIqpVpHg4kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MGEyYzI5ZDZhOTAxOTVlNjFjNWYyYmFmYmExYzRiMjllMGJkYjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH4QUVy6Itu4sR2a49+gC4CWFMAN kilJYp8Z+2Qos8w0LL9WFNLm7V/jQBN+3+x1KHizfKVyYdU4/1TE+TZDWH98Tkez 0L7kL6bGCnSxejseaOBayVNO9/5szFkY7iCLL9Dg2KwbmMP1X6RpzWSIFsewWHn+ kH4eu8qIwZF1tQFIriDuRzTeYhms8ZHjgStflxyUmSvLK1v9v7f8zUnjbNWPx5L+ TDyjoZQOjqZoF5cPGXm6euX33f8fyll8PxSzsKJmKv1dxL4SZ1nR2yQZybOfo6rn tml3hCV4EOh2a0qkijO9VnIuinSFtOv0BjzV7r7WcDhmPcahSFHwXNWCmQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGCiwp1qkBleYcXyuvuhxLKeC9t0MB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvWUtMQ25XcVFHVjVoeGZLNi02SEVzcDRMMjNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBaICEMA8E AgACMAkDBwAqDF0AMAEwDQYJKoZIhvcNAQELBQADggEBAE2t5R0tTmcOYM731tAo 1K+J8qJ7bAgjrLdYDJv0wVfkY4prJ+2k2q1kBTcHb3HtqtC/DBZmC59N2KWSKpfh G38UlBcBlMIxE3Uct88pHQQg1FQhRoL1P29B0dsuu0oFfm0sRuG9nhE9UuiXZgUs mTEtW12dkGwS0JxbNh1rw94b7JkKR6HdEeDGTOwAe2+uIA5WWHX65tgGzyvYxCLG tVC+qZo3UIOQP9AqpjFa1obU8D4BCSngZCHj8XgTAMDjUeszp5BZcig2/5SRUB1b gc1fFkzti/M9BEIMLFoV4nHywk0Y30im6nanCN913Cb/sAraH1Kjwq4lP/cAfQ1l css= -----END CERTIFICATE-----Generated at Fri Jan 2 18:20:48 2026 by rpki-client