This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/4SfojSm1O0yZDYuVtjhC0oqjoZo.roa File: 4SfojSm1O0yZDYuVtjhC0oqjoZo.roa (raw, json) Hash identifier: q4mcTRajmA1x3P8ne7N/z6IxFaFTMj4qWNPcuiyXN+A= Subject key identifier: E1:27:E8:8D:29:B5:3B:4C:99:0D:8B:95:B6:38:42:D2:8A:A3:A1:9A Certificate issuer: /CN=ab87734368d88315f11b329386cc5ef2bb875858 Certificate serial: 019B7F851500A88AD512166638F3430E447F Authority key identifier: AB:87:73:43:68:D8:83:15:F1:1B:32:93:86:CC:5E:F2:BB:87:58:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/4SfojSm1O0yZDYuVtjhC0oqjoZo.roa Signing time: Fri 02 Jan 2026 16:23:06 +0000 ROA not before: Fri 02 Jan 2026 16:23:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198167 IP address blocks: 185.108.28.0/24 maxlen: 24 185.108.29.0/24 maxlen: 24 185.108.30.0/24 maxlen: 24 185.108.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/q4dzQ2jYgxXxGzKThsxe8ruHWFg.crl rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/q4dzQ2jYgxXxGzKThsxe8ruHWFg.mft rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:15:00:a8:8a:d5:12:16:66:38:f3:43:0e:44:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab87734368d88315f11b329386cc5ef2bb875858 Validity Not Before: Jan 2 16:23:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e127e88d29b53b4c990d8b95b63842d28aa3a19a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e7:0c:74:b2:05:98:ec:87:ac:e5:55:0f:f3: c5:77:26:c7:97:33:8e:21:e9:2b:ca:14:be:04:2b: 1a:d5:79:95:bf:3c:d0:30:10:cc:a5:63:90:b2:07: d7:01:8c:7c:6e:c5:4f:59:6e:79:88:1c:3f:4c:36: c1:f7:5f:f1:f4:2a:bf:72:23:7a:2f:dc:14:5d:aa: 5d:0c:3d:3f:d9:e5:22:ae:dd:d7:d5:e4:96:10:0a: e0:56:ea:99:c3:50:aa:ae:07:25:00:d9:4e:c1:ff: 16:2c:10:4e:84:3c:4f:65:95:27:25:e1:4d:f1:f4: b2:06:67:f1:c9:a6:1c:49:6e:41:4c:3c:48:8b:ce: 1d:aa:b4:24:78:7f:0a:1e:2c:4f:c6:89:2e:b7:82: 28:fa:fb:51:61:ea:73:6e:26:76:20:16:8b:21:dd: bc:fb:f2:60:50:f5:7b:02:f0:2a:32:d4:83:83:ae: 96:79:c9:53:c5:85:a3:cb:2d:23:a7:30:6b:2a:41: 4e:f8:46:c8:0c:d0:5f:a8:46:d4:d6:4e:f5:2c:90: 64:e1:1f:15:d5:ee:aa:9d:47:bc:15:ae:09:07:45: 55:a3:9c:b0:9f:46:f8:86:a0:dd:27:dc:bc:7c:91: 99:18:d1:aa:d6:a5:af:15:cf:2a:47:c2:f2:14:f2: 14:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:27:E8:8D:29:B5:3B:4C:99:0D:8B:95:B6:38:42:D2:8A:A3:A1:9A X509v3 Authority Key Identifier: keyid:AB:87:73:43:68:D8:83:15:F1:1B:32:93:86:CC:5E:F2:BB:87:58:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/4SfojSm1O0yZDYuVtjhC0oqjoZo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/q4dzQ2jYgxXxGzKThsxe8ruHWFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.108.28.0/22 Signature Algorithm: sha256WithRSAEncryption 1f:08:b2:94:14:03:83:90:38:8d:af:59:33:ac:60:45:2e:59: 16:59:e2:2a:69:56:18:6b:07:b2:3b:9b:35:5b:79:09:1f:66: a2:6d:2d:b2:9f:a5:eb:f0:78:b6:5f:bb:2b:75:62:bc:3c:99: 3d:b9:13:1b:eb:21:c4:17:06:bd:44:aa:a0:30:b5:a5:01:37: 56:93:2d:e2:f5:f8:e9:89:c6:9e:d5:06:6d:d0:0f:d2:3e:c9: 49:1f:be:d0:21:32:97:e7:7c:30:6f:52:42:6b:41:a8:07:62: 8d:97:3c:5a:53:a4:c1:59:6c:69:ee:c2:a4:f7:a2:e7:97:35: 70:b5:41:7a:ac:ee:f0:5d:fc:33:a2:3c:01:04:d5:76:98:60: 63:df:02:32:9d:c5:0e:b1:4b:7d:69:c7:6e:4a:87:44:ac:3d: 83:dc:9a:a8:99:de:1c:96:b5:c0:52:62:6d:25:59:2c:d5:3c: 06:56:1f:83:0e:0a:f2:61:ee:2e:3c:33:ab:9d:bd:2f:5d:78: f3:f4:ec:47:f5:7c:96:5e:29:da:51:90:75:0e:55:7c:3e:76: 56:91:f8:50:92:78:50:37:13:ea:37:62:30:a1:f5:58:b5:48: 43:40:e1:eb:51:c8:40:6d:76:1b:2b:6a:d6:03:46:a2:cb:eb: c5:c0:3e:30 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hRUAqIrVEhZmOPNDDkR/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiODc3MzQzNjhkODgzMTVmMTFiMzI5Mzg2Y2M1ZWYyYmI4 NzU4NTgwHhcNMjYwMTAyMTYyMzA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMTI3ZTg4ZDI5YjUzYjRjOTkwZDhiOTViNjM4NDJkMjhhYTNhMTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOcMdLIFmOyHrOVVD/PFdybHlzOO IekryhS+BCsa1XmVvzzQMBDMpWOQsgfXAYx8bsVPWW55iBw/TDbB91/x9Cq/ciN6 L9wUXapdDD0/2eUirt3X1eSWEArgVuqZw1CqrgclANlOwf8WLBBOhDxPZZUnJeFN 8fSyBmfxyaYcSW5BTDxIi84dqrQkeH8KHixPxokut4Io+vtRYepzbiZ2IBaLId28 +/JgUPV7AvAqMtSDg66WeclTxYWjyy0jpzBrKkFO+EbIDNBfqEbU1k71LJBk4R8V 1e6qnUe8Fa4JB0VVo5ywn0b4hqDdJ9y8fJGZGNGq1qWvFc8qR8LyFPIU4wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOEn6I0ptTtMmQ2LlbY4QtKKo6GaMB8GA1UdIwQY MBaAFKuHc0No2IMV8Rsyk4bMXvK7h1hYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTRkelEyallneFh4R3pLVGhzeGU4cnVIV0ZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81NjI1NDgtN2IzZC00MGIzLTljMDUt MTg1ODVlZDk0YTk4LzEvNFNmb2pTbTFPMHlaRFl1VnRqaEMwb3Fqb1pvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS81NjI1NDgtN2IzZC00MGIzLTljMDUtMTg1ODVlZDk0YTk4 LzEvcTRkelEyallneFh4R3pLVGhzeGU4cnVIV0ZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWwcMA0G CSqGSIb3DQEBCwUAA4IBAQAfCLKUFAODkDiNr1kzrGBFLlkWWeIqaVYYaweyO5s1 W3kJH2aibS2yn6Xr8Hi2X7srdWK8PJk9uRMb6yHEFwa9RKqgMLWlATdWky3i9fjp icae1QZt0A/SPslJH77QITKX53wwb1JCa0GoB2KNlzxaU6TBWWxp7sKk96LnlzVw tUF6rO7wXfwzojwBBNV2mGBj3wIyncUOsUt9acduSodErD2D3Jqomd4clrXAUmJt JVks1TwGVh+DDgryYe4uPDOrnb0vXXjz9OxH9XyWXinaUZB1DlV8PnZWkfhQknhQ NxPqN2IwofVYtUhDQOHrUchAbXYbK2rWA0aiy+vFwD4w -----END CERTIFICATE-----Generated at Sun Jan 25 19:39:03 2026 by rpki-client