This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/4SontICRZepqhi2c2wljkxPah0s.roa File: 4SontICRZepqhi2c2wljkxPah0s.roa (raw, json) Hash identifier: Nimrgsb188scWuYKAZEhB2xd2ymPPPU3TB5W7QzdKF4= Subject key identifier: E1:2A:27:B4:80:91:65:EA:6A:86:2D:9C:DB:09:63:93:13:DA:87:4B Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Certificate serial: 019BF97284F6C28EFF3F393062E037877C42 Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/4SontICRZepqhi2c2wljkxPah0s.roa Signing time: Mon 26 Jan 2026 08:36:30 +0000 ROA not before: Mon 26 Jan 2026 08:36:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198154 IP address blocks: 85.133.195.0/24 maxlen: 24 85.133.221.0/24 maxlen: 24 85.133.225.0/24 maxlen: 24 85.133.230.0/24 maxlen: 24 85.133.248.0/24 maxlen: 24 85.133.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:72:84:f6:c2:8e:ff:3f:39:30:62:e0:37:87:7c:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Validity Not Before: Jan 26 08:36:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e12a27b4809165ea6a862d9cdb09639313da874b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3a:c5:5b:58:8a:a5:06:26:cf:56:d8:d3:0f: e2:a5:34:40:35:dc:2f:ab:fe:e9:fa:1c:a1:82:d9: 59:b2:59:54:ca:bb:ce:29:4c:bd:ac:5e:6f:68:45: 4f:31:76:24:e0:e7:7d:99:52:01:48:fb:7e:74:f6: bf:3e:b4:dd:64:4a:f6:0b:d2:f2:47:c2:69:7d:52: 78:4c:d9:4d:a7:1d:ec:11:5f:c5:8d:81:11:12:a8: e0:6e:51:c7:88:9a:f6:34:66:27:8f:1c:c5:b0:7d: de:b2:13:54:32:e3:2c:e1:1a:fe:f5:d8:87:a8:ee: 49:e3:85:3e:98:e4:c6:4b:f8:36:e5:c0:d4:68:15: 43:40:5e:95:ae:cf:da:6e:ad:e9:7a:e9:61:55:e6: 29:d1:ff:42:27:07:d8:59:df:d9:7b:2b:47:4a:c1: 71:3f:d3:3e:8f:9f:a6:5a:a1:8f:83:ef:d8:e1:ea: 7d:9e:37:11:4e:4f:3d:7c:59:3b:00:a8:38:07:2c: a0:6d:4f:2f:95:0c:52:e6:25:7f:f5:96:d2:9c:dd: 78:49:62:c5:11:a4:0d:55:99:41:10:54:f3:98:82: 17:a8:e6:85:cb:44:46:91:1f:87:39:6b:b7:2c:66: bc:cc:b6:b0:b5:65:b2:46:ec:bb:cb:53:99:5e:f5: 1e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:2A:27:B4:80:91:65:EA:6A:86:2D:9C:DB:09:63:93:13:DA:87:4B X509v3 Authority Key Identifier: keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/4SontICRZepqhi2c2wljkxPah0s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.133.195.0/24 85.133.221.0/24 85.133.225.0/24 85.133.230.0/24 85.133.248.0/24 85.133.250.0/24 Signature Algorithm: sha256WithRSAEncryption 89:23:dc:69:19:2f:93:bd:f1:36:cc:5a:a0:ef:05:0f:2a:59: e5:aa:d8:69:33:77:ca:b4:96:d2:b9:6d:d1:a9:20:21:70:3e: 4b:6c:a1:18:3e:85:a1:55:3f:09:ba:31:c9:57:e9:7f:98:7c: e9:0b:98:f2:21:a9:a0:34:94:2c:1a:c5:a7:45:ce:5a:de:ea: 40:eb:15:b3:37:97:9f:b3:f1:bf:21:56:ff:2e:16:ab:27:f9: 77:f3:17:ef:bc:e6:a9:c2:36:be:e5:5a:93:87:5d:94:b5:6b: 44:3a:ff:ab:5c:c8:e9:03:52:0b:49:06:7c:bd:79:a7:23:72: bc:af:f3:a3:51:9d:54:db:a7:a7:e0:67:4c:a9:cb:f8:1c:82: 27:9b:e9:2b:86:2a:8b:f5:76:98:bc:4e:58:74:73:2b:1e:21: ca:e5:68:17:ef:b6:af:81:2a:2b:ef:33:83:fa:21:b4:00:9a: 50:17:41:f7:7b:c4:02:30:cd:ed:2d:78:ed:2e:d5:04:0e:e2: f3:62:fa:64:2d:83:d5:fb:37:3a:91:4b:d2:5e:02:dc:13:61: 37:51:34:b2:78:f6:b5:11:36:43:01:f8:09:a2:82:78:99:f9: 5c:3f:41:30:a4:8e:bd:a1:c5:c7:cc:29:3d:32:f0:db:0f:82: 91:c3:68:a9 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZv5coT2wo7/PzkwYuA3h3xCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5 NDY3MDIwHhcNMjYwMTI2MDgzNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMTJhMjdiNDgwOTE2NWVhNmE4NjJkOWNkYjA5NjM5MzEzZGE4NzRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDrFW1iKpQYmz1bY0w/ipTRANdwv q/7p+hyhgtlZsllUyrvOKUy9rF5vaEVPMXYk4Od9mVIBSPt+dPa/PrTdZEr2C9Ly R8JpfVJ4TNlNpx3sEV/FjYEREqjgblHHiJr2NGYnjxzFsH3eshNUMuMs4Rr+9diH qO5J44U+mOTGS/g25cDUaBVDQF6Vrs/abq3peulhVeYp0f9CJwfYWd/ZeytHSsFx P9M+j5+mWqGPg+/Y4ep9njcRTk89fFk7AKg4ByygbU8vlQxS5iV/9ZbSnN14SWLF EaQNVZlBEFTzmIIXqOaFy0RGkR+HOWu3LGa8zLawtWWyRuy7y1OZXvUe9QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFOEqJ7SAkWXqaoYtnNsJY5MT2odLMB8GA1UdIwQY MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt NWQxZmE2NmMzNjNiLzEvNFNvbnRJQ1JaZXBxaGkyYzJ3bGpreFBhaDBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVYXDAwQA VYXdAwQAVYXhAwQAVYXmAwQAVYX4AwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQCJ I9xpGS+TvfE2zFqg7wUPKlnlqthpM3fKtJbSuW3RqSAhcD5LbKEYPoWhVT8JujHJ V+l/mHzpC5jyIamgNJQsGsWnRc5a3upA6xWzN5efs/G/IVb/LharJ/l38xfvvOap wja+5VqTh12UtWtEOv+rXMjpA1ILSQZ8vXmnI3K8r/OjUZ1U26en4GdMqcv4HIIn m+krhiqL9XaYvE5YdHMrHiHK5WgX77avgSor7zOD+iG0AJpQF0H3e8QCMM3tLXjt LtUEDuLzYvpkLYPV+zc6kUvSXgLcE2E3UTSyePa1ETZDAfgJooJ4mflcP0EwpI69 ocXHzCk9MvDbD4KRw2ip -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:31 2026 by rpki-client