This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/sohX7LbuAHcvqGne2pID4PK53cs.roa File: sohX7LbuAHcvqGne2pID4PK53cs.roa (raw, json) Hash identifier: pnEuUuyYA2H3GexHsPga00jBAH2t730CNd994bqMDuA= Subject key identifier: B2:88:57:EC:B6:EE:00:77:2F:A8:69:DE:DA:92:03:E0:F2:B9:DD:CB Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Certificate serial: 019B7EA735155D2E22BDF5AC8E5065CA9C2B Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/sohX7LbuAHcvqGne2pID4PK53cs.roa Signing time: Fri 02 Jan 2026 12:20:45 +0000 ROA not before: Fri 02 Jan 2026 12:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207986 IP address blocks: 31.130.140.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.mft rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:35:15:5d:2e:22:bd:f5:ac:8e:50:65:ca:9c:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Validity Not Before: Jan 2 12:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b28857ecb6ee00772fa869deda9203e0f2b9ddcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:0b:03:55:fd:8f:de:21:fb:df:10:2f:d8:ec: fc:fd:7d:68:c8:13:77:0e:21:95:25:f8:60:f4:d5: 5d:82:22:33:81:d8:6b:72:43:ae:5d:11:a0:4b:c2: 34:87:6e:8e:8a:92:0d:67:8f:c6:28:d3:c3:60:e5: 4e:3e:6b:4d:af:fe:02:78:8b:84:aa:81:6c:11:00: 16:c8:fc:a5:30:2d:77:87:1a:c4:18:ca:a0:ba:29: a2:54:51:27:63:4e:f2:5b:cb:46:24:1e:30:86:ba: 44:c7:13:09:11:54:3d:b9:9e:ca:ae:13:66:58:e6: 3a:28:97:bb:c4:fa:d1:04:7e:17:a6:8e:35:89:92: f4:0c:bb:0d:61:14:a9:24:ce:79:b0:b4:27:31:57: a3:49:d0:5b:ae:11:88:e6:3e:4d:c8:55:ce:9b:b7: 93:03:7d:16:4d:01:8a:45:38:72:b1:1b:b0:c8:96: 18:49:50:40:49:4b:8d:96:14:cc:2b:d8:87:59:e9: db:22:2c:b9:85:59:b5:5d:31:7a:13:1f:64:b0:54: 1b:79:0a:52:31:9f:b6:a7:37:65:16:4f:9d:bd:2f: c1:0b:51:0e:33:33:a6:79:72:9e:b2:4b:3a:c9:57: d5:05:d1:02:47:c6:b7:1e:12:ba:d6:12:ea:dd:04: 25:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:88:57:EC:B6:EE:00:77:2F:A8:69:DE:DA:92:03:E0:F2:B9:DD:CB X509v3 Authority Key Identifier: keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/sohX7LbuAHcvqGne2pID4PK53cs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.130.140.0/22 Signature Algorithm: sha256WithRSAEncryption 58:97:27:82:1d:f3:56:94:58:0c:c0:68:65:e7:46:76:1a:d9: 33:8b:98:43:9a:9b:11:0d:fe:d7:55:57:d0:ba:f2:95:69:ab: c6:b0:27:0e:7e:03:64:0a:04:42:7d:0f:53:9e:5d:78:e4:0d: 6f:95:f3:69:12:61:ad:85:09:9d:f4:e6:a6:75:d5:c7:11:44: 8d:bc:db:77:09:3b:49:cf:e9:04:47:8a:f2:55:76:2c:db:77: f7:7d:35:7e:e2:5b:60:55:9f:03:9f:8b:b6:95:39:c4:8c:c6: b3:06:94:fe:d0:13:5c:d3:cf:6c:58:0d:7a:2e:5e:7b:f2:f6: 75:3e:78:c5:b2:b2:27:3d:55:0f:46:ec:bd:70:9e:75:9e:75: 1f:bd:d0:aa:70:67:d3:0d:bb:30:67:08:f8:ff:d8:8c:f9:44: a9:e7:74:69:93:4e:95:6c:35:ef:0c:5b:38:20:bd:e4:ba:60: 39:e0:71:79:02:30:1e:c4:51:f5:0d:b7:11:9c:7f:71:f2:91: 72:3c:43:dc:c1:6a:61:7a:9b:86:ce:a3:8c:51:e5:7c:10:94: 70:60:71:a8:80:98:6b:c8:6c:ad:36:a5:7c:b1:52:4d:4c:f2: 9a:39:a1:89:65:e5:9a:87:3e:6a:52:41:3f:22:af:7a:bd:0e: 44:35:cc:a7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pzUVXS4ivfWsjlBlypwrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2 ZTMxYTcwHhcNMjYwMTAyMTIyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjg4NTdlY2I2ZWUwMDc3MmZhODY5ZGVkYTkyMDNlMGYyYjlkZGNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQsDVf2P3iH73xAv2Oz8/X1oyBN3 DiGVJfhg9NVdgiIzgdhrckOuXRGgS8I0h26OipINZ4/GKNPDYOVOPmtNr/4CeIuE qoFsEQAWyPylMC13hxrEGMqguimiVFEnY07yW8tGJB4whrpExxMJEVQ9uZ7KrhNm WOY6KJe7xPrRBH4Xpo41iZL0DLsNYRSpJM55sLQnMVejSdBbrhGI5j5NyFXOm7eT A30WTQGKRThysRuwyJYYSVBASUuNlhTMK9iHWenbIiy5hVm1XTF6Ex9ksFQbeQpS MZ+2pzdlFk+dvS/BC1EOMzOmeXKesks6yVfVBdECR8a3HhK61hLq3QQlXwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLKIV+y27gB3L6hp3tqSA+Dyud3LMB8GA1UdIwQY MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt N2EyOGFmMjljZGMyLzEvc29oWDdMYnVBSGN2cUduZTJwSUQ0UEs1M2NzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH4KMMA0G CSqGSIb3DQEBCwUAA4IBAQBYlyeCHfNWlFgMwGhl50Z2Gtkzi5hDmpsRDf7XVVfQ uvKVaavGsCcOfgNkCgRCfQ9Tnl145A1vlfNpEmGthQmd9OamddXHEUSNvNt3CTtJ z+kER4ryVXYs23f3fTV+4ltgVZ8Dn4u2lTnEjMazBpT+0BNc089sWA16Ll578vZ1 PnjFsrInPVUPRuy9cJ51nnUfvdCqcGfTDbswZwj4/9iM+USp53Rpk06VbDXvDFs4 IL3kumA54HF5AjAexFH1DbcRnH9x8pFyPEPcwWphepuGzqOMUeV8EJRwYHGogJhr yGytNqV8sVJNTPKaOaGJZeWahz5qUkE/Iq96vQ5ENcyn -----END CERTIFICATE-----Generated at Wed Jan 21 14:10:54 2026 by rpki-client