This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/SFUbqznmCnEJ3rKofq8VKf3iTTc.roa File: SFUbqznmCnEJ3rKofq8VKf3iTTc.roa (raw, json) Hash identifier: RPr3mwEf/YOEdxS9Rusypg0HUaq763lQcyOXM9sasq0= Subject key identifier: 48:55:1B:AB:39:E6:0A:71:09:DE:B2:A8:7E:AF:15:29:FD:E2:4D:37 Certificate issuer: /CN=25572e8f93b18a401cfecdf62586783858cc5f14 Certificate serial: 019B7A5B8AD0D135C886B7F71E281AFD95B6 Authority key identifier: 25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/SFUbqznmCnEJ3rKofq8VKf3iTTc.roa Signing time: Thu 01 Jan 2026 16:19:38 +0000 ROA not before: Thu 01 Jan 2026 16:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197164 IP address blocks: 185.114.124.0/22 maxlen: 24 192.162.228.0/23 maxlen: 24 192.162.230.0/24 maxlen: 24 2001:67c:2274::/48 maxlen: 48 2a06:6f00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:8a:d0:d1:35:c8:86:b7:f7:1e:28:1a:fd:95:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25572e8f93b18a401cfecdf62586783858cc5f14 Validity Not Before: Jan 1 16:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=48551bab39e60a7109deb2a87eaf1529fde24d37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:47:cf:d3:38:e2:6f:a3:ee:4a:0c:09:80:db: b6:fe:1a:72:a6:71:59:b6:ef:08:97:ea:ae:d8:10: 15:ab:03:d1:69:cb:dd:b4:07:8e:bf:6f:bf:58:df: 14:3c:23:bf:03:1b:b5:6d:58:8d:41:e9:f3:2c:42: 44:bd:93:58:6c:63:3e:04:12:91:2f:00:c4:83:51: 1e:f3:f5:ef:ca:8f:6d:32:5b:9f:54:eb:8a:44:a5: 58:63:03:d4:58:9b:36:e8:d8:34:21:f2:40:02:97: 73:8a:89:25:ae:b5:87:49:f7:db:13:1c:55:ca:ec: 46:8a:49:e3:5d:2a:63:a9:18:b1:6b:32:74:4a:fe: 68:7f:3f:97:59:79:d2:a1:7f:5b:bc:b1:0d:ab:99: 84:2e:a4:33:c4:c7:6d:2d:ac:5f:5e:ca:3d:bc:3f: 5c:79:09:90:75:e3:47:1f:65:6a:5c:c8:13:8e:fe: db:d3:f6:81:f1:33:f1:05:24:f3:34:5d:0b:5f:90: cd:19:e7:b9:77:5b:50:c3:89:be:73:25:6b:eb:c4: 15:72:9e:9e:70:78:e9:c1:d3:6a:e0:26:39:c9:9f: 4a:ea:4b:7b:75:c0:aa:fd:0c:72:35:7b:e8:9c:9c: 8e:3f:9d:bf:b5:97:f4:80:67:b2:9b:53:4e:be:85: 14:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:55:1B:AB:39:E6:0A:71:09:DE:B2:A8:7E:AF:15:29:FD:E2:4D:37 X509v3 Authority Key Identifier: keyid:25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/SFUbqznmCnEJ3rKofq8VKf3iTTc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.114.124.0/22 192.162.228.0-192.162.230.255 IPv6: 2001:67c:2274::/48 2a06:6f00::/29 Signature Algorithm: sha256WithRSAEncryption 79:e3:c4:bd:35:54:f8:5b:3a:44:b4:f2:f9:34:c8:79:c2:22: fb:1a:5f:b4:f5:0b:d5:db:96:32:7f:6a:dd:60:18:a1:41:03: 8e:69:00:ca:27:54:a0:cf:45:fd:c4:87:59:3e:96:36:a7:61: d3:1f:61:38:80:5d:48:39:74:81:15:9c:48:5e:78:48:d6:cc: 86:95:ca:50:ae:7e:ca:d8:93:3f:12:58:12:03:b0:8c:24:e7: 35:97:5e:4b:eb:a3:8b:3f:4c:0e:a9:41:9f:ac:f4:5c:c7:f5: 6d:33:d9:05:18:99:67:58:e2:c0:29:19:5d:10:ce:87:15:05: 1c:cf:33:df:85:ff:cc:25:fd:81:d6:fa:2a:07:2e:8e:13:7c: b0:da:16:cd:6b:cb:27:26:49:6f:0b:e3:56:12:73:de:ee:23: ea:f2:d7:f2:d7:87:ac:43:4d:90:a5:c9:76:a0:c2:0c:fb:e2: c1:03:f8:76:db:b4:fd:83:70:48:c0:90:42:11:17:77:02:4e: a1:78:53:bc:3f:14:39:26:ab:b8:97:db:b5:bb:fa:35:d7:a7: ec:69:e0:17:ca:9e:9b:ee:f7:4d:bc:8e:22:42:5e:8f:65:73: 3d:e1:6b:3e:4e:3f:5f:6d:62:8e:c4:36:88:3d:44:5a:43:13: f5:dc:d7:2b -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt6W4rQ0TXIhrf3Higa/ZW2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1NTcyZThmOTNiMThhNDAxY2ZlY2RmNjI1ODY3ODM4NThj YzVmMTQwHhcNMjYwMTAxMTYxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ODU1MWJhYjM5ZTYwYTcxMDlkZWIyYTg3ZWFmMTUyOWZkZTI0ZDM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEfP0zjib6PuSgwJgNu2/hpypnFZ tu8Il+qu2BAVqwPRacvdtAeOv2+/WN8UPCO/Axu1bViNQenzLEJEvZNYbGM+BBKR LwDEg1Ee8/Xvyo9tMlufVOuKRKVYYwPUWJs26Ng0IfJAApdzioklrrWHSffbExxV yuxGiknjXSpjqRixazJ0Sv5ofz+XWXnSoX9bvLENq5mELqQzxMdtLaxfXso9vD9c eQmQdeNHH2VqXMgTjv7b0/aB8TPxBSTzNF0LX5DNGee5d1tQw4m+cyVr68QVcp6e cHjpwdNq4CY5yZ9K6kt7dcCq/QxyNXvonJyOP52/tZf0gGeym1NOvoUUMQIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFEhVG6s55gpxCd6yqH6vFSn94k03MB8GA1UdIwQY MBaAFCVXLo+TsYpAHP7N9iWGeDhYzF8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMt NjZkMzVlNTI1MDM5LzEvU0ZVYnF6bm1DbkVKM3JLb2ZxOFZLZjNpVFRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMtNjZkMzVlNTI1MDM5 LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUAwQCuXJ8MAwD BALAouQDBADAouYwFgQCAAIwEAMHACABBnwidAMFAyoGbwAwDQYJKoZIhvcNAQEL BQADggEBAHnjxL01VPhbOkS08vk0yHnCIvsaX7T1C9XbljJ/at1gGKFBA45pAMon VKDPRf3Eh1k+ljanYdMfYTiAXUg5dIEVnEheeEjWzIaVylCufsrYkz8SWBIDsIwk 5zWXXkvro4s/TA6pQZ+s9FzH9W0z2QUYmWdY4sApGV0QzocVBRzPM9+F/8wl/YHW +ioHLo4TfLDaFs1ryycmSW8L41YSc97uI+ry1/LXh6xDTZClyXagwgz74sED+Hbb tP2DcEjAkEIRF3cCTqF4U7w/FDkmq7iX27W7+jXXp+xp4BfKnpvu9028jiJCXo9l cz3haz5OP19tYo7ENog9RFpDE/Xc1ys= -----END CERTIFICATE-----Generated at Tue Feb 10 03:12:00 2026 by rpki-client