This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/AlKyY1UFKLIiSwkNxpsgmdrM60E.roa File: AlKyY1UFKLIiSwkNxpsgmdrM60E.roa (raw, json) Hash identifier: RVsM/xgSLkhzfMVV3ZGsMCowRm3BI62GEPj6ptHzyso= Subject key identifier: 02:52:B2:63:55:05:28:B2:22:4B:09:0D:C6:9B:20:99:DA:CC:EB:41 Certificate issuer: /CN=ba0d738dd28ff2549456ce66e744898372fc503d Certificate serial: 019B7E37F5665570897F16123B6AA4431A23 Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/AlKyY1UFKLIiSwkNxpsgmdrM60E.roa Signing time: Fri 02 Jan 2026 10:19:15 +0000 ROA not before: Fri 02 Jan 2026 10:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 64407 IP address blocks: 185.66.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.mft rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:f5:66:55:70:89:7f:16:12:3b:6a:a4:43:1a:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d Validity Not Before: Jan 2 10:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0252b263550528b2224b090dc69b2099dacceb41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:c0:b1:0b:4f:ee:fc:78:48:c3:fe:f2:f4:65: 8d:d7:69:ae:f9:d0:b9:5b:e7:dd:a9:1a:12:1a:6f: 3b:22:14:0f:37:64:41:a7:fd:f8:a8:78:84:53:68: cf:7a:4f:d3:c3:31:42:1a:bd:f4:f1:cc:cf:2b:6b: f5:21:9b:28:82:f3:eb:cc:f7:0c:93:7c:0d:6f:b1: 07:5b:05:4c:6a:8b:46:cc:70:8e:c7:a8:a7:13:f0: cb:b6:77:3e:10:f4:39:f7:d5:91:e1:27:e5:14:ad: 37:d2:60:ee:d9:ab:f6:bc:7d:fe:75:e8:56:4b:ec: 2b:a5:5e:c9:ef:65:a4:dc:4c:5c:43:e6:12:1c:08: 14:0d:71:a7:ec:62:0e:72:ed:5a:68:ed:34:27:46: b9:42:84:52:f9:d8:db:33:b5:86:f2:24:85:4e:54: a1:ad:0b:20:01:f8:eb:a3:b9:81:e2:6e:1b:b2:a1: cf:6c:63:bd:2b:34:f5:ad:04:90:83:cd:98:f9:9e: 94:ad:54:50:f4:da:50:ff:d7:bd:e0:09:a2:c8:1a: 31:3a:3f:72:37:6a:9e:76:c1:86:e2:e7:5d:66:8a: dc:04:a3:42:ad:ce:63:8a:c9:0c:be:66:6b:6b:26: 5f:5a:4e:cb:9d:b3:71:cb:a7:e6:f8:29:61:7d:53: fc:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:52:B2:63:55:05:28:B2:22:4B:09:0D:C6:9B:20:99:DA:CC:EB:41 X509v3 Authority Key Identifier: keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/AlKyY1UFKLIiSwkNxpsgmdrM60E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.66.123.0/24 Signature Algorithm: sha256WithRSAEncryption a4:97:0f:a6:f2:e1:5e:48:28:bb:bd:b5:7a:2a:8e:fd:d9:4d: 37:aa:a2:5d:77:94:81:29:25:68:9a:05:f5:14:c9:cf:6c:c7: c2:28:43:22:c7:e7:6c:e6:7b:10:d5:4b:0f:1a:d5:bc:4f:3e: 8c:fa:1e:68:94:fa:a0:2e:8c:cc:c2:c7:5c:b3:e8:fc:9d:e6: 68:6e:06:3a:a3:de:78:29:7a:41:96:31:14:9e:d9:b5:c0:ff: c3:8a:16:ff:00:35:6a:7f:27:16:5f:ef:1b:7c:16:0f:df:ed: ff:ee:3f:b5:e7:17:90:9e:88:61:d8:19:6f:61:95:d9:86:30: 1b:0b:b8:d4:4b:47:a6:f2:b2:73:6e:c7:95:03:1f:3d:f9:61: 72:43:98:be:d8:ba:5b:58:f8:88:b5:1e:00:6e:9f:af:04:a5: ef:25:a5:1b:ec:b8:39:ca:ee:9a:2a:1a:6c:a1:b8:a3:cf:93: 0c:c2:6f:3b:ae:55:b5:75:ba:ac:23:bc:80:42:94:8d:c4:f1: 4f:72:12:c5:02:a0:0a:4d:af:14:c3:75:a7:ef:ff:1a:77:72: 28:81:02:e6:cc:0b:11:cb:4d:ea:9d:a9:61:43:ef:a2:ed:47: 54:02:7b:50:da:cc:6c:24:b7:99:9e:23:72:3b:17:42:a9:d3: 77:3b:35:90 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+N/VmVXCJfxYSO2qkQxojMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm YzUwM2QwHhcNMjYwMTAyMTAxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMjUyYjI2MzU1MDUyOGIyMjI0YjA5MGRjNjliMjA5OWRhY2NlYjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MCxC0/u/HhIw/7y9GWN12mu+dC5 W+fdqRoSGm87IhQPN2RBp/34qHiEU2jPek/TwzFCGr308czPK2v1IZsogvPrzPcM k3wNb7EHWwVMaotGzHCOx6inE/DLtnc+EPQ599WR4SflFK030mDu2av2vH3+dehW S+wrpV7J72Wk3ExcQ+YSHAgUDXGn7GIOcu1aaO00J0a5QoRS+djbM7WG8iSFTlSh rQsgAfjro7mB4m4bsqHPbGO9KzT1rQSQg82Y+Z6UrVRQ9NpQ/9e94AmiyBoxOj9y N2qedsGG4uddZorcBKNCrc5jiskMvmZrayZfWk7LnbNxy6fm+ClhfVP8gwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAJSsmNVBSiyIksJDcabIJnazOtBMB8GA1UdIwQY MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt YmViNmRhMDM3NTVlLzEvQWxLeVkxVUZLTElpU3drTnhwc2dtZHJNNjBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUJ7MA0G CSqGSIb3DQEBCwUAA4IBAQCklw+m8uFeSCi7vbV6Ko792U03qqJdd5SBKSVomgX1 FMnPbMfCKEMix+ds5nsQ1UsPGtW8Tz6M+h5olPqgLozMwsdcs+j8neZobgY6o954 KXpBljEUntm1wP/Dihb/ADVqfycWX+8bfBYP3+3/7j+15xeQnohh2BlvYZXZhjAb C7jUS0em8rJzbseVAx89+WFyQ5i+2LpbWPiItR4Abp+vBKXvJaUb7Lg5yu6aKhps obijz5MMwm87rlW1dbqsI7yAQpSNxPFPchLFAqAKTa8Uw3Wn7/8ad3IogQLmzAsR y03qnalhQ++i7UdUAntQ2sxsJLeZniNyOxdCqdN3OzWQ -----END CERTIFICATE-----Generated at Mon Feb 9 18:43:48 2026 by rpki-client