This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/oyv9GLi6RmStBQrUUIRNPPhMP94.roa File: oyv9GLi6RmStBQrUUIRNPPhMP94.roa (raw, json) Hash identifier: Sh7Ia48+TnoC7cJxrCmNDBtuHk62gd//ZEtFJjzRb3M= Subject key identifier: A3:2B:FD:18:B8:BA:46:64:AD:05:0A:D4:50:84:4D:3C:F8:4C:3F:DE Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019AE3E6DD1BCE2CB2370E05D5F730EF2D5E Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/oyv9GLi6RmStBQrUUIRNPPhMP94.roa Signing time: Wed 03 Dec 2025 11:09:09 +0000 ROA not before: Wed 03 Dec 2025 11:09:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 174 IP address blocks: 104.238.28.0/24 maxlen: 24 104.238.31.0/24 maxlen: 24 104.243.192.0/24 maxlen: 24 104.249.21.0/24 maxlen: 24 204.52.104.0/24 maxlen: 24 216.173.88.0/23 maxlen: 23 216.173.92.0/24 maxlen: 24 216.173.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:e6:dd:1b:ce:2c:b2:37:0e:05:d5:f7:30:ef:2d:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Dec 3 11:09:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a32bfd18b8ba4664ad050ad450844d3cf84c3fde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1b:3a:b6:f3:c8:81:2d:8f:42:6a:d5:37:7a: 7f:7f:47:b0:64:80:94:4d:1d:1c:5e:c4:07:7b:51: 6e:08:9c:0c:2a:4d:f5:0a:07:bd:ba:64:47:ef:ce: 5b:ba:47:8f:ed:53:cf:d1:75:43:3b:f4:95:05:bf: 1c:95:3b:e7:fa:73:5c:c0:d3:e7:87:eb:84:e1:d4: 13:b1:c2:55:2f:84:81:a7:dc:05:1b:bd:86:99:96: e3:02:bf:d4:4a:28:2b:ae:3c:73:53:36:20:30:5d: 7e:7e:b9:a1:bd:6e:51:5c:a2:b3:24:63:25:eb:42: 40:f4:bb:fd:c5:e1:ab:6e:6e:45:b7:31:8e:49:b9: bb:0e:cf:bb:a8:6e:44:fa:8b:f4:0b:8d:83:b4:15: 8d:81:a2:d7:44:d6:69:23:f0:f0:df:2d:18:46:57: 0f:f1:75:3d:a5:18:63:01:32:c6:46:eb:e4:9e:a0: 84:e2:e7:76:f1:c4:3f:3a:18:1f:4f:30:3c:fc:9f: 62:70:74:53:3b:ad:b6:84:83:e0:f8:b9:71:49:af: ae:eb:76:65:9d:ec:ce:6d:77:f9:c3:b2:9f:5a:a3: 50:fe:c1:f0:d3:3d:1c:6f:55:9e:fa:f3:9c:82:7e: c5:61:00:ef:32:67:23:b5:52:c3:e6:b7:27:50:fe: db:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:2B:FD:18:B8:BA:46:64:AD:05:0A:D4:50:84:4D:3C:F8:4C:3F:DE X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/oyv9GLi6RmStBQrUUIRNPPhMP94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.238.28.0/24 104.238.31.0/24 104.243.192.0/24 104.249.21.0/24 204.52.104.0/24 216.173.88.0/23 216.173.92.0/23 Signature Algorithm: sha256WithRSAEncryption 96:62:4c:dc:6a:81:cc:66:7c:af:f8:7a:df:e1:e4:fb:8e:ee: b0:b0:7f:bf:6d:dd:f0:60:85:7b:3e:cd:88:7e:b9:5e:cd:2b: 33:83:4f:e6:a8:a3:09:85:7e:4e:94:30:d0:76:46:fc:1d:a9: 89:fa:47:e5:88:b3:96:a0:e8:8c:e4:11:09:a6:3e:49:9c:7c: d9:a4:77:96:7b:bd:d2:e4:59:bf:bb:a2:cd:eb:56:36:bd:22: 6f:aa:26:dc:8f:70:dc:1f:05:a2:c7:90:b2:93:67:06:c9:86: ce:2c:27:a8:8a:1c:0a:11:1a:16:cb:48:b0:58:f2:1d:66:71: 72:79:c7:4a:09:41:1d:9e:67:24:ff:da:d8:13:b4:ee:5f:7f: 05:e3:1d:e8:b3:7e:3f:2c:07:d1:23:26:5d:59:f7:b1:ba:ec: 3b:ca:66:4e:de:2f:76:06:dc:8d:c4:61:56:e2:29:db:27:b2: f6:2c:b6:29:9b:54:27:fb:4c:33:76:9b:5b:f0:ee:e0:31:60: ba:ea:b1:1f:0b:f4:11:b1:34:a6:2c:a6:ef:65:59:cf:69:d1: 3e:41:df:b5:a5:70:19:78:9a:a6:e0:fb:70:a2:0a:36:52:c8: e9:32:8e:19:02:94:a3:d6:40:16:d0:b8:0d:d1:2a:2c:83:0f: 47:3b:d0:a8 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZrj5t0bziyyNw4F1fcw7y1eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjUxMjAzMTEwOTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzJiZmQxOGI4YmE0NjY0YWQwNTBhZDQ1MDg0NGQzY2Y4NGMzZmRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxs6tvPIgS2PQmrVN3p/f0ewZICU TR0cXsQHe1FuCJwMKk31Cge9umRH785bukeP7VPP0XVDO/SVBb8clTvn+nNcwNPn h+uE4dQTscJVL4SBp9wFG72GmZbjAr/USigrrjxzUzYgMF1+frmhvW5RXKKzJGMl 60JA9Lv9xeGrbm5FtzGOSbm7Ds+7qG5E+ov0C42DtBWNgaLXRNZpI/Dw3y0YRlcP 8XU9pRhjATLGRuvknqCE4ud28cQ/OhgfTzA8/J9icHRTO622hIPg+LlxSa+u63Zl nezObXf5w7KfWqNQ/sHw0z0cb1We+vOcgn7FYQDvMmcjtVLD5rcnUP7bbwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFKMr/Ri4ukZkrQUK1FCETTz4TD/eMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEvb3l2OUdMaTZSbVN0QlFyVVVJUk5QUGhNUDk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAaO4cAwQA aO4fAwQAaPPAAwQAaPkVAwQAzDRoAwQB2K1YAwQB2K1cMA0GCSqGSIb3DQEBCwUA A4IBAQCWYkzcaoHMZnyv+Hrf4eT7ju6wsH+/bd3wYIV7Ps2IfrlezSszg0/mqKMJ hX5OlDDQdkb8HamJ+kfliLOWoOiM5BEJpj5JnHzZpHeWe73S5Fm/u6LN61Y2vSJv qibcj3DcHwWix5Cyk2cGyYbOLCeoihwKERoWy0iwWPIdZnFyecdKCUEdnmck/9rY E7TuX38F4x3os34/LAfRIyZdWfexuuw7ymZO3i92BtyNxGFW4inbJ7L2LLYpm1Qn +0wzdptb8O7gMWC66rEfC/QRsTSmLKbvZVnPadE+Qd+1pXAZeJqm4Ptwogo2Usjp Mo4ZApSj1kAW0LgN0Sosgw9HO9Co -----END CERTIFICATE-----Generated at Sat Dec 6 11:04:39 2025 by rpki-client