This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa File: 4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa (raw, json) Hash identifier: pso0l4AjjbTbnTQh+xQFS2oQ9IVZGMVy1LttU/eMjhU= Subject key identifier: E1:D3:17:8B:8F:CE:67:58:48:61:BE:65:7D:21:22:C7:C7:57:01:5E Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2 Certificate serial: 019B7FF1F2BFC20849ED1784D147F32CE9DE Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa Signing time: Fri 02 Jan 2026 18:22:01 +0000 ROA not before: Fri 02 Jan 2026 18:22:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39605 IP address blocks: 185.159.104.0/22 maxlen: 24 185.159.104.0/23 maxlen: 23 2a07:b880::/41 maxlen: 41 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:f2:bf:c2:08:49:ed:17:84:d1:47:f3:2c:e9:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2 Validity Not Before: Jan 2 18:22:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1d3178b8fce67584861be657d2122c7c757015e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:34:63:7c:d5:4a:88:cc:74:50:c5:ab:55:5a: c2:a3:98:51:71:96:8d:b1:2c:93:a0:86:37:0d:81: 13:a4:39:33:81:75:fd:b5:7a:e6:ac:65:da:29:b0: 6d:49:a8:d6:f4:b3:1f:0f:c5:aa:49:8a:07:27:b0: d4:1f:5f:0a:04:34:58:c6:43:cc:f7:33:41:eb:a1: 93:d6:34:9e:2a:e0:b9:59:2f:79:1a:dd:66:0e:18: 01:b2:f1:f3:b6:de:94:ea:7d:32:42:66:bd:65:5c: 67:64:1b:73:d1:5c:19:b3:8f:5b:27:d6:19:0d:6d: 41:e7:bd:49:3a:07:9e:42:94:73:dc:67:6e:25:1d: da:62:be:3d:2a:94:c1:74:0c:8d:35:64:cd:a7:90: f4:60:26:18:89:0b:dc:6c:9d:8e:c4:e7:72:1b:59: 01:fd:af:46:3e:b1:57:51:54:8c:4a:fe:7b:cc:c1: d7:45:ec:8d:54:12:c4:b6:f2:e3:27:2f:7a:72:12: e3:de:e1:b8:76:6b:38:a4:98:98:31:3e:1d:22:ef: e3:d7:2d:3b:5c:e8:7f:c1:b4:55:0e:a0:c3:cc:44: 56:05:b3:80:bb:69:2c:92:f2:29:05:76:e5:fc:5c: a0:46:b7:da:48:3c:5d:cb:9a:7f:b6:63:a7:af:1b: d1:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D3:17:8B:8F:CE:67:58:48:61:BE:65:7D:21:22:C7:C7:57:01:5E X509v3 Authority Key Identifier: keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.159.104.0/22 IPv6: 2a07:b880::/41 Signature Algorithm: sha256WithRSAEncryption 41:67:39:d8:f9:47:a5:22:61:4d:15:aa:d4:15:18:96:b8:14: 6a:01:db:16:22:5f:30:c6:42:de:b7:66:c3:f9:2b:77:e1:7f: 7f:da:f4:81:e7:6f:f5:a4:0b:3c:10:1d:40:c0:11:d9:eb:79: 0a:ac:ec:37:17:74:36:03:94:1e:ba:d7:40:3b:2e:f8:73:37: 39:6e:55:ae:15:94:97:73:37:32:9f:a6:d6:e5:05:7a:8a:b3: 7a:8c:dd:ec:3c:36:9e:3c:ea:94:7e:5c:26:c4:1a:40:02:bf: 5f:87:8d:58:16:f2:0d:8a:73:74:f4:4b:c0:c4:da:07:11:22: fa:ea:2c:1a:09:02:fa:fa:12:63:a2:e9:b6:a5:f0:10:99:39: b0:81:44:9f:d7:32:07:ff:ea:c7:2e:f1:9d:ef:e8:c9:f8:bd: 32:93:6a:f3:c1:01:0c:a8:39:ac:09:51:32:5c:c0:b7:2d:32: af:62:79:95:ec:77:c4:3d:b7:fa:37:24:e8:cf:ea:2e:8d:76: 04:47:d2:7f:ee:fd:4d:60:dd:8a:9d:0c:f3:84:a2:30:54:d2: 19:e2:e2:19:e4:40:6c:2f:0a:8c:22:48:0a:59:ca:bf:2d:d4: 07:0d:dd:2b:4c:66:46:70:e8:bf:7d:51:42:d8:3c:f2:6e:4a: 54:c4:5c:79 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/8fK/wghJ7ReE0UfzLOneMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz MTIwZDIwHhcNMjYwMTAyMTgyMjAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWQzMTc4YjhmY2U2NzU4NDg2MWJlNjU3ZDIxMjJjN2M3NTcwMTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzRjfNVKiMx0UMWrVVrCo5hRcZaN sSyToIY3DYETpDkzgXX9tXrmrGXaKbBtSajW9LMfD8WqSYoHJ7DUH18KBDRYxkPM 9zNB66GT1jSeKuC5WS95Gt1mDhgBsvHztt6U6n0yQma9ZVxnZBtz0VwZs49bJ9YZ DW1B571JOgeeQpRz3GduJR3aYr49KpTBdAyNNWTNp5D0YCYYiQvcbJ2OxOdyG1kB /a9GPrFXUVSMSv57zMHXReyNVBLEtvLjJy96chLj3uG4dms4pJiYMT4dIu/j1y07 XOh/wbRVDqDDzERWBbOAu2kskvIpBXbl/FygRrfaSDxdy5p/tmOnrxvR4QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFOHTF4uPzmdYSGG+ZX0hIsfHVwFeMB8GA1UdIwQY MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt MDA0ZmU0MzNjN2M4LzEvNGRNWGk0X09aMWhJWWI1bGZTRWl4OGRYQVY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4 LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuZ9oMA8E AgACMAkDBwcqB7iAAAAwDQYJKoZIhvcNAQELBQADggEBAEFnOdj5R6UiYU0VqtQV GJa4FGoB2xYiXzDGQt63ZsP5K3fhf3/a9IHnb/WkCzwQHUDAEdnreQqs7DcXdDYD lB6610A7LvhzNzluVa4VlJdzNzKfptblBXqKs3qM3ew8Np486pR+XCbEGkACv1+H jVgW8g2Kc3T0S8DE2gcRIvrqLBoJAvr6EmOi6bal8BCZObCBRJ/XMgf/6scu8Z3v 6Mn4vTKTavPBAQyoOawJUTJcwLctMq9ieZXsd8Q9t/o3JOjP6i6NdgRH0n/u/U1g 3YqdDPOEojBU0hni4hnkQGwvCowiSApZyr8t1AcN3StMZkZw6L99UULYPPJuSlTE XHk= -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:54 2026 by rpki-client