This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/4PSqkbn4bMtBeCnSBAdphuD0N68.roa File: 4PSqkbn4bMtBeCnSBAdphuD0N68.roa (raw, json) Hash identifier: 7WdKS6f+17GrfB54aQeANA2RWiVlXakknw1q0Gpsn4w= Subject key identifier: E0:F4:AA:91:B9:F8:6C:CB:41:78:29:D2:04:07:69:86:E0:F4:37:AF Certificate issuer: /CN=085af81b99ebf482f3c6b5351e29e28a2e20b398 Certificate serial: 019B7834CC232AA7141CA3DC5DE8E96F8489 Authority key identifier: 08:5A:F8:1B:99:EB:F4:82:F3:C6:B5:35:1E:29:E2:8A:2E:20:B3:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFr4G5nr9ILzxrU1Hiniii4gs5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/4PSqkbn4bMtBeCnSBAdphuD0N68.roa Signing time: Thu 01 Jan 2026 06:18:04 +0000 ROA not before: Thu 01 Jan 2026 06:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5408 IP address blocks: 109.107.139.0/24 maxlen: 24 2a11:cfc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.mft rsync://rpki.ripe.net/repository/DEFAULT/CFr4G5nr9ILzxrU1Hiniii4gs5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:cc:23:2a:a7:14:1c:a3:dc:5d:e8:e9:6f:84:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=085af81b99ebf482f3c6b5351e29e28a2e20b398 Validity Not Before: Jan 1 06:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0f4aa91b9f86ccb417829d204076986e0f437af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a5:c2:a2:9c:d7:9c:62:43:ea:af:24:9a:e3: a5:96:7c:11:24:98:c3:90:b7:ae:fd:93:01:f2:13: f4:f3:fc:24:e5:8d:f3:06:39:0d:e8:de:86:a0:7e: 78:63:fb:b1:30:31:5e:aa:e8:15:a7:5c:2a:a7:71: 68:53:7a:57:e6:19:f5:b9:8e:87:6b:1b:0a:34:f9: 2d:29:ab:11:11:f5:f5:3c:6f:d7:a1:82:84:f1:a9: b0:b2:84:d5:cd:42:99:da:12:5a:21:e4:ba:f9:ea: c9:61:fb:4b:e5:e7:6f:e3:af:bd:10:2c:1a:05:69: 3e:86:8f:06:c3:81:e8:ea:07:73:ab:b0:e2:4b:0d: fe:c7:99:a2:33:dc:18:9a:a3:6b:da:19:15:3c:d3: e0:a8:3b:f8:2c:98:0a:93:16:df:26:7b:b6:3d:71: 38:d7:d6:52:91:62:3d:8f:eb:3b:e5:c8:25:24:73: 96:83:57:90:d6:cd:7c:fc:bd:b6:19:2e:35:62:54: 16:0d:b4:6c:cd:2c:ff:3f:e6:8a:3a:38:76:22:16: 2c:cb:fa:3b:59:c0:2d:f8:67:d6:a2:d0:88:cf:79: 4a:90:8d:aa:dd:9a:40:62:c7:f1:2b:81:28:68:41: c7:8b:37:ee:fb:25:74:ca:83:34:d0:de:a1:bc:69: d2:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:F4:AA:91:B9:F8:6C:CB:41:78:29:D2:04:07:69:86:E0:F4:37:AF X509v3 Authority Key Identifier: keyid:08:5A:F8:1B:99:EB:F4:82:F3:C6:B5:35:1E:29:E2:8A:2E:20:B3:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFr4G5nr9ILzxrU1Hiniii4gs5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/4PSqkbn4bMtBeCnSBAdphuD0N68.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.107.139.0/24 IPv6: 2a11:cfc0::/32 Signature Algorithm: sha256WithRSAEncryption 39:04:21:38:0a:89:dd:16:41:84:af:36:ed:92:00:a3:79:ab: 14:c3:a3:86:2b:2e:62:7c:ca:4d:ce:71:cd:f1:e0:62:28:29: e0:5f:3a:76:71:55:e6:70:d0:32:02:50:7b:00:d8:d5:55:59: e6:2e:98:03:0c:12:8c:af:30:64:cb:a8:de:22:3c:ff:ed:64: f9:5e:6d:9b:ed:7d:41:9f:af:eb:11:d5:e7:7b:58:89:d9:ec: a6:5f:21:ea:61:47:ea:4e:97:3d:22:2f:81:ee:95:10:c7:32: 04:67:b9:93:d9:5e:22:28:55:58:41:4c:52:c0:9d:46:fd:aa: 12:ee:b0:4b:51:35:89:af:ae:0b:00:cb:92:48:c7:7b:ab:e2: 04:6c:c2:25:cf:9c:10:67:7f:a2:dc:11:57:cb:12:8a:1d:c1: cc:d8:ed:30:ab:34:39:c8:22:68:44:12:12:a1:71:42:27:f6: 48:cf:35:70:39:f6:88:31:b3:ef:97:ee:9a:4f:0f:14:54:4c: f8:e9:a7:81:d0:db:dc:c6:e4:26:ce:f7:cc:26:d8:d0:6a:11: 76:42:7d:24:da:79:47:72:33:cd:bd:58:5c:0c:7c:cc:62:9c: 8e:ab:2b:43:6f:0f:12:da:26:68:ad:84:52:db:50:0d:31:5d: 6d:b5:9b:98 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NMwjKqcUHKPcXejpb4SJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NWFmODFiOTllYmY0ODJmM2M2YjUzNTFlMjllMjhhMmUy MGIzOTgwHhcNMjYwMTAxMDYxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGY0YWE5MWI5Zjg2Y2NiNDE3ODI5ZDIwNDA3Njk4NmUwZjQzN2FmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaXCopzXnGJD6q8kmuOllnwRJJjD kLeu/ZMB8hP08/wk5Y3zBjkN6N6GoH54Y/uxMDFequgVp1wqp3FoU3pX5hn1uY6H axsKNPktKasREfX1PG/XoYKE8amwsoTVzUKZ2hJaIeS6+erJYftL5edv46+9ECwa BWk+ho8Gw4Ho6gdzq7DiSw3+x5miM9wYmqNr2hkVPNPgqDv4LJgKkxbfJnu2PXE4 19ZSkWI9j+s75cglJHOWg1eQ1s18/L22GS41YlQWDbRszSz/P+aKOjh2IhYsy/o7 WcAt+GfWotCIz3lKkI2q3ZpAYsfxK4EoaEHHizfu+yV0yoM00N6hvGnSdQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOD0qpG5+GzLQXgp0gQHaYbg9DevMB8GA1UdIwQY MBaAFAha+BuZ6/SC88a1NR4p4oouILOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0ZyNEc1bnI5SUx6eHJVMUhpbmlpaTRnczVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wODQwZTktNzE5OS00ZTAzLTg0ZmQt YzI4ZDE0YzdiNzMxLzEvNFBTcWtibjRiTXRCZUNuU0JBZHBodUQwTjY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wODQwZTktNzE5OS00ZTAzLTg0ZmQtYzI4ZDE0YzdiNzMx LzEvQ0ZyNEc1bnI5SUx6eHJVMUhpbmlpaTRnczVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbWuLMA0E AgACMAcDBQAqEc/AMA0GCSqGSIb3DQEBCwUAA4IBAQA5BCE4CondFkGErzbtkgCj easUw6OGKy5ifMpNznHN8eBiKCngXzp2cVXmcNAyAlB7ANjVVVnmLpgDDBKMrzBk y6jeIjz/7WT5Xm2b7X1Bn6/rEdXne1iJ2eymXyHqYUfqTpc9Ii+B7pUQxzIEZ7mT 2V4iKFVYQUxSwJ1G/aoS7rBLUTWJr64LAMuSSMd7q+IEbMIlz5wQZ3+i3BFXyxKK HcHM2O0wqzQ5yCJoRBISoXFCJ/ZIzzVwOfaIMbPvl+6aTw8UVEz46aeB0NvcxuQm zvfMJtjQahF2Qn0k2nlHcjPNvVhcDHzMYpyOqytDbw8S2iZorYRS21ANMV1ttZuY -----END CERTIFICATE-----Generated at Mon Jan 26 06:32:24 2026 by rpki-client