This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/So4nEMLt4uM_XPWKwNItcfNEMcI.roa File: So4nEMLt4uM_XPWKwNItcfNEMcI.roa (raw, json) Hash identifier: pt1FKWVGrjjfbK1jA0eLfRlvAWVfWzudUlkvRWCi8y0= Subject key identifier: 4A:8E:27:10:C2:ED:E2:E3:3F:5C:F5:8A:C0:D2:2D:71:F3:44:31:C2 Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Certificate serial: 019B7758F2A05B527DF6E7C131D2686AE4BB Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/So4nEMLt4uM_XPWKwNItcfNEMcI.roa Signing time: Thu 01 Jan 2026 02:17:56 +0000 ROA not before: Thu 01 Jan 2026 02:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205632 IP address blocks: 5.1.71.0/24 maxlen: 32 2a07:6fc0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 14:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:f2:a0:5b:52:7d:f6:e7:c1:31:d2:68:6a:e4:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Validity Not Before: Jan 1 02:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4a8e2710c2ede2e33f5cf58ac0d22d71f34431c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ab:72:58:ac:e9:dc:e3:72:32:9c:c5:e5:0b: 96:c6:05:eb:12:dd:7c:e7:91:24:b0:51:9c:39:bc: 7c:68:be:31:f4:d7:6a:ca:e2:d0:43:e5:69:ac:18: a2:bb:fc:61:88:0c:8b:5b:9f:f0:27:92:3e:74:87: 6f:17:7a:92:58:25:db:96:ae:d0:82:73:56:2d:cf: a6:da:32:6e:ac:26:9d:72:55:1c:0a:b8:18:f0:09: c9:28:2f:49:1b:2c:b5:d0:c5:5c:eb:d6:bd:64:aa: 0a:0b:46:83:a7:82:05:f0:8e:7b:14:64:31:10:1a: e9:9d:72:19:16:27:de:dd:86:7a:ad:e5:12:7e:08: bb:be:ad:c9:72:0c:67:29:96:eb:fd:da:c1:50:1b: 42:47:ae:ea:f6:ae:78:7c:7a:77:ee:14:c3:ce:a0: f8:5e:d3:df:71:f3:22:ec:7b:f3:ec:a7:da:06:e5: de:24:af:6e:8e:40:2b:b4:04:dc:be:c9:61:fd:bf: 34:37:ee:56:3e:61:49:13:33:3a:9e:45:3c:e5:91: 53:28:2a:73:bc:ad:18:bc:83:35:90:a1:e7:c3:ed: d2:35:90:70:2a:28:ef:f6:00:25:7a:e2:81:fb:dc: b6:46:89:36:60:60:40:a5:80:7c:c6:41:f4:f2:1f: f8:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:8E:27:10:C2:ED:E2:E3:3F:5C:F5:8A:C0:D2:2D:71:F3:44:31:C2 X509v3 Authority Key Identifier: keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/So4nEMLt4uM_XPWKwNItcfNEMcI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.1.71.0/24 IPv6: 2a07:6fc0:4::/48 Signature Algorithm: sha256WithRSAEncryption 06:b1:b2:22:3d:b6:5a:6e:f5:ed:6c:44:c3:6f:45:2d:84:54: be:1d:98:52:f4:1e:13:73:8e:ae:be:38:40:9b:b0:f6:4d:db: 9d:c7:1a:9e:dd:e1:1b:54:dc:bc:85:e6:94:b0:26:fb:60:5a: d1:cc:1b:c0:f2:56:0c:55:d6:8d:da:50:1f:d2:14:48:1a:ed: 22:63:b6:e3:42:62:a3:25:84:23:50:ce:4d:44:93:aa:3f:b0: 0b:c3:0e:83:7e:28:33:77:49:7a:e7:67:c3:67:cd:1e:ff:a1: f4:5c:34:e8:60:9a:4d:bc:f3:b4:57:2f:3e:d4:cd:82:59:e2: db:f6:2e:f7:c8:ea:f6:55:37:d5:74:a7:eb:d3:42:c0:64:c4: 35:03:7c:99:d9:2f:35:56:f2:5c:1d:91:ac:27:38:ed:2b:15: b4:b8:67:50:41:30:d0:8f:ea:40:df:c0:9c:0b:86:21:2e:cc: 13:3a:01:f5:57:1d:73:50:45:57:69:a2:1c:63:30:2b:f7:85: 30:ea:30:02:cc:21:71:ea:c2:28:f9:cb:f5:29:7c:82:ec:1f: 28:b1:7a:d5:99:b7:2d:6f:28:34:0f:26:e2:6b:3e:0a:53:53: 7e:7f:39:bf:ec:b5:93:98:19:64:82:f1:48:0a:26:a2:2e:24: 89:08:39:43 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3WPKgW1J99ufBMdJoauS7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi MGZhZGIwHhcNMjYwMTAxMDIxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YThlMjcxMGMyZWRlMmUzM2Y1Y2Y1OGFjMGQyMmQ3MWYzNDQzMWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36tyWKzp3ONyMpzF5QuWxgXrEt18 55EksFGcObx8aL4x9NdqyuLQQ+VprBiiu/xhiAyLW5/wJ5I+dIdvF3qSWCXblq7Q gnNWLc+m2jJurCadclUcCrgY8AnJKC9JGyy10MVc69a9ZKoKC0aDp4IF8I57FGQx EBrpnXIZFife3YZ6reUSfgi7vq3JcgxnKZbr/drBUBtCR67q9q54fHp37hTDzqD4 XtPfcfMi7Hvz7KfaBuXeJK9ujkArtATcvslh/b80N+5WPmFJEzM6nkU85ZFTKCpz vK0YvIM1kKHnw+3SNZBwKijv9gAleuKB+9y2Rok2YGBApYB8xkH08h/4YQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFEqOJxDC7eLjP1z1isDSLXHzRDHCMB8GA1UdIwQY MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt NThiMzhmNWFjODBiLzEvU280bkVNTHQ0dU1fWFBXS3dOSXRjZk5FTWNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQFHMA8E AgACMAkDBwAqB2/AAAQwDQYJKoZIhvcNAQELBQADggEBAAaxsiI9tlpu9e1sRMNv RS2EVL4dmFL0HhNzjq6+OECbsPZN253HGp7d4RtU3LyF5pSwJvtgWtHMG8DyVgxV 1o3aUB/SFEga7SJjtuNCYqMlhCNQzk1Ek6o/sAvDDoN+KDN3SXrnZ8NnzR7/ofRc NOhgmk2887RXLz7UzYJZ4tv2LvfI6vZVN9V0p+vTQsBkxDUDfJnZLzVW8lwdkawn OO0rFbS4Z1BBMNCP6kDfwJwLhiEuzBM6AfVXHXNQRVdpohxjMCv3hTDqMALMIXHq wij5y/UpfILsHyixetWZty1vKDQPJuJrPgpTU35/Ob/stZOYGWSC8UgKJqIuJIkI OUM= -----END CERTIFICATE-----Generated at Wed Jan 21 00:03:49 2026 by rpki-client