This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/ALRri6kgiQCaJnYBd8e-iNH8nUk.roa File: ALRri6kgiQCaJnYBd8e-iNH8nUk.roa (raw, json) Hash identifier: bRi9PCHK9wO56WGyzaQUXDtECAlJgx3ISDb8+1dq0Jk= Subject key identifier: 00:B4:6B:8B:A9:20:89:00:9A:26:76:01:77:C7:BE:88:D1:FC:9D:49 Certificate issuer: /CN=41c8d0241108b01f5eb708fe8bbb847d53a30f16 Certificate serial: 019B7C804EBBFD6EA3F4D9B0CBB3CC490131 Authority key identifier: 41:C8:D0:24:11:08:B0:1F:5E:B7:08:FE:8B:BB:84:7D:53:A3:0F:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/ALRri6kgiQCaJnYBd8e-iNH8nUk.roa Signing time: Fri 02 Jan 2026 02:19:01 +0000 ROA not before: Fri 02 Jan 2026 02:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201160 IP address blocks: 185.163.32.0/24 maxlen: 24 185.163.33.0/24 maxlen: 24 185.163.34.0/24 maxlen: 24 185.163.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.mft rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 14:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:4e:bb:fd:6e:a3:f4:d9:b0:cb:b3:cc:49:01:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41c8d0241108b01f5eb708fe8bbb847d53a30f16 Validity Not Before: Jan 2 02:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=00b46b8ba92089009a26760177c7be88d1fc9d49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:31:65:bc:65:16:50:ea:84:11:ce:99:07:d5: 31:67:79:f1:78:07:64:5a:c2:60:50:9f:f2:2b:79: af:44:d2:2d:c7:1e:21:79:d6:d7:42:ef:4f:7d:b4: e5:ab:24:5f:9f:03:3b:27:29:2f:50:c6:a7:e1:97: f6:9c:b3:c6:84:ad:09:0e:dc:66:94:4a:d3:49:cc: 8c:42:d1:16:fb:cf:4e:5b:62:5d:6e:cd:b8:51:2b: 28:be:a0:01:05:04:11:9d:ec:5f:46:a4:d5:ed:5a: 3a:14:4f:a4:8f:9e:7d:c7:08:22:80:96:64:a2:e8: 77:09:d2:c6:1a:8c:e8:a8:29:8c:7c:8c:6b:68:6e: 3b:f4:65:80:9a:4b:d5:da:b6:3f:dd:62:05:11:ae: 75:2f:53:19:43:d3:11:e3:35:43:a4:18:c6:cb:b2: 4d:84:7c:d0:d3:9b:7a:da:63:ec:e1:fb:20:a2:7a: a8:34:e5:8c:1c:3a:00:92:d0:73:2c:06:fc:67:49: d5:34:18:30:cc:ac:72:a3:25:ae:c4:5c:d1:19:7c: 94:6b:9a:47:d7:f0:40:68:70:b1:be:aa:65:1a:82: 31:34:43:cb:6e:37:a5:79:0e:80:76:17:2e:58:41: 9b:c1:4e:af:10:74:2e:e6:3a:14:10:34:66:95:ca: 63:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:B4:6B:8B:A9:20:89:00:9A:26:76:01:77:C7:BE:88:D1:FC:9D:49 X509v3 Authority Key Identifier: keyid:41:C8:D0:24:11:08:B0:1F:5E:B7:08:FE:8B:BB:84:7D:53:A3:0F:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/ALRri6kgiQCaJnYBd8e-iNH8nUk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.163.32.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:d3:e8:c1:b3:45:b2:6c:84:14:dd:25:72:a8:db:4b:c9:16: 2e:a5:85:d2:79:d1:95:d5:48:36:6e:a0:8c:ff:14:00:c7:78: 34:50:1a:db:35:c7:a7:70:f5:86:a9:f6:1c:26:34:cf:70:f8: c1:ac:47:e1:94:15:00:c1:85:1e:97:9d:1c:e3:19:e3:83:bb: 8e:a6:bc:94:33:60:84:0a:4f:db:5b:e3:3c:24:5c:8c:48:73: cf:fa:07:c9:c7:ed:84:79:e1:15:b0:e3:5c:47:30:3d:e6:4d: bc:8b:66:bd:bf:8a:70:ee:d0:05:3b:a6:1b:49:1b:dd:33:7f: 9c:e2:1e:aa:fb:c5:69:b8:3b:57:d1:aa:14:d3:01:5d:84:c2: ad:c7:2a:28:05:b1:86:c4:01:e8:ca:f5:33:86:2c:c5:4f:ba: 37:fb:97:c8:de:2f:fb:15:45:78:21:43:f5:2a:b9:3b:45:1a: 40:f3:67:0a:7a:84:86:bd:52:1e:0c:b8:2f:d5:fd:dd:cb:52: 11:6f:d1:d2:79:43:5b:c1:3e:36:ae:7d:2e:32:e0:bb:b8:db: 5b:05:0d:bb:a0:5d:93:10:71:60:03:ce:61:4d:20:1b:7d:32: 61:16:af:9f:9b:b1:a6:c4:7f:69:c5:50:f5:cb:ed:58:8f:1a: 82:7b:d5:7c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gE67/W6j9Nmwy7PMSQExMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxYzhkMDI0MTEwOGIwMWY1ZWI3MDhmZThiYmI4NDdkNTNh MzBmMTYwHhcNMjYwMTAyMDIxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMGI0NmI4YmE5MjA4OTAwOWEyNjc2MDE3N2M3YmU4OGQxZmM5ZDQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDFlvGUWUOqEEc6ZB9UxZ3nxeAdk WsJgUJ/yK3mvRNItxx4hedbXQu9PfbTlqyRfnwM7JykvUMan4Zf2nLPGhK0JDtxm lErTScyMQtEW+89OW2Jdbs24USsovqABBQQRnexfRqTV7Vo6FE+kj559xwgigJZk ouh3CdLGGozoqCmMfIxraG479GWAmkvV2rY/3WIFEa51L1MZQ9MR4zVDpBjGy7JN hHzQ05t62mPs4fsgonqoNOWMHDoAktBzLAb8Z0nVNBgwzKxyoyWuxFzRGXyUa5pH 1/BAaHCxvqplGoIxNEPLbjeleQ6AdhcuWEGbwU6vEHQu5joUEDRmlcpjrQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAC0a4upIIkAmiZ2AXfHvojR/J1JMB8GA1UdIwQY MBaAFEHI0CQRCLAfXrcI/ou7hH1Tow8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWNqUUpCRUlzQjlldHdqLWk3dUVmVk9qRHhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mZDdhZjItNTAzNi00MmFjLWEzZjct ZDU5NmVjMTRlZTJlLzEvQUxScmk2a2dpUUNhSm5ZQmQ4ZS1pTkg4blVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS9mZDdhZjItNTAzNi00MmFjLWEzZjctZDU5NmVjMTRlZTJl LzEvUWNqUUpCRUlzQjlldHdqLWk3dUVmVk9qRHhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaMgMA0G CSqGSIb3DQEBCwUAA4IBAQBd0+jBs0WybIQU3SVyqNtLyRYupYXSedGV1Ug2bqCM /xQAx3g0UBrbNcencPWGqfYcJjTPcPjBrEfhlBUAwYUel50c4xnjg7uOpryUM2CE Ck/bW+M8JFyMSHPP+gfJx+2EeeEVsONcRzA95k28i2a9v4pw7tAFO6YbSRvdM3+c 4h6q+8VpuDtX0aoU0wFdhMKtxyooBbGGxAHoyvUzhizFT7o3+5fI3i/7FUV4IUP1 Krk7RRpA82cKeoSGvVIeDLgv1f3dy1IRb9HSeUNbwT42rn0uMuC7uNtbBQ27oF2T EHFgA85hTSAbfTJhFq+fm7GmxH9pxVD1y+1YjxqCe9V8 -----END CERTIFICATE-----Generated at Wed Jan 21 17:16:20 2026 by rpki-client