This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/PKBAlxhxjbQl3V5bDnuBzljib9Q.roa File: PKBAlxhxjbQl3V5bDnuBzljib9Q.roa (raw, json) Hash identifier: eWzoIIDioxxQX7PyiTO6rBCtAXhu7H8TtLvFoqesiBg= Subject key identifier: 3C:A0:40:97:18:71:8D:B4:25:DD:5E:5B:0E:7B:81:CE:58:E2:6F:D4 Certificate issuer: /CN=6694f5b0fab5fed2df9535e2a9c029f187d55404 Certificate serial: 019B7FF1CB7F4CBA28E37AE9DC711B440FD5 Authority key identifier: 66:94:F5:B0:FA:B5:FE:D2:DF:95:35:E2:A9:C0:29:F1:87:D5:54:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/PKBAlxhxjbQl3V5bDnuBzljib9Q.roa Signing time: Fri 02 Jan 2026 18:21:51 +0000 ROA not before: Fri 02 Jan 2026 18:21:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60609 IP address blocks: 185.251.204.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.crl rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:cb:7f:4c:ba:28:e3:7a:e9:dc:71:1b:44:0f:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6694f5b0fab5fed2df9535e2a9c029f187d55404 Validity Not Before: Jan 2 18:21:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ca0409718718db425dd5e5b0e7b81ce58e26fd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:07:de:27:b7:1f:c3:1e:4e:95:b4:b9:d5:69: 6a:37:a8:5d:5d:c1:b7:00:c4:9a:d9:11:ed:93:57: af:58:94:43:20:bf:a1:7c:8f:88:32:60:73:80:a8: 61:99:19:b2:5a:3b:2f:3a:27:89:00:e3:ce:6c:49: e7:a1:02:a8:4d:1f:cb:7b:b4:e9:b0:fa:9e:31:f4: 34:e8:af:58:6b:76:a1:ac:43:3d:8e:d2:f1:a0:bc: 3a:4b:c3:84:44:7e:16:e3:02:ef:7e:31:8d:78:88: f0:a9:80:84:ab:89:31:f2:fd:e7:05:2a:dc:32:eb: 0e:12:74:37:d3:b3:d4:1c:d6:0d:e0:53:3e:a6:cc: 80:dd:65:4e:e2:67:c5:2b:e4:a0:f3:9a:3d:a1:11: fd:c3:43:b0:28:33:e7:89:02:ba:bf:bb:2c:a2:ac: df:1f:86:ec:0d:ae:40:7f:1c:28:dd:b8:86:78:f9: 2f:32:bd:46:09:bc:56:ea:d7:57:50:7f:9b:90:a4: 71:4a:79:03:89:eb:76:44:fc:f4:3a:bc:07:46:29: 65:cc:72:51:40:31:db:66:e4:78:5d:79:73:8b:f4: b2:2f:d0:e2:36:aa:44:e2:59:2e:54:a6:ab:ca:1d: 6c:a9:62:52:24:94:10:3e:46:df:97:f8:99:3e:07: 84:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A0:40:97:18:71:8D:B4:25:DD:5E:5B:0E:7B:81:CE:58:E2:6F:D4 X509v3 Authority Key Identifier: keyid:66:94:F5:B0:FA:B5:FE:D2:DF:95:35:E2:A9:C0:29:F1:87:D5:54:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/PKBAlxhxjbQl3V5bDnuBzljib9Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5bf30d-69eb-41a4-a90d-21b9f12d22f3/1/ZpT1sPq1_tLflTXiqcAp8YfVVAQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.251.204.0/22 Signature Algorithm: sha256WithRSAEncryption 34:9b:89:82:de:03:c2:6b:19:c1:51:61:fd:58:31:a1:80:30: f7:be:cf:46:26:20:81:fa:80:8a:1d:c8:7c:9f:89:41:da:55: 9d:79:32:23:f9:3c:93:4d:9a:77:99:fb:4a:81:c1:f0:a3:ce: ef:08:22:bc:68:94:49:c1:9f:98:b3:12:0f:b2:fc:9b:02:b5: e5:05:61:14:0b:56:fe:f8:e7:6b:10:34:6d:ed:11:7c:93:29: 3c:92:71:7f:b7:5e:08:b7:a1:cf:66:4a:22:dd:71:76:50:37: 64:53:d4:6a:33:fb:e6:d8:79:4c:04:f9:83:32:f2:97:d7:0a: eb:5b:b1:f0:4c:8c:15:b1:39:88:9b:26:78:0a:fc:19:9f:e2: f6:f0:9c:1f:4c:73:ac:fe:92:62:da:1f:33:85:4a:7a:8d:b9: 90:09:99:b4:b0:ae:ef:57:cb:c4:26:36:0d:8c:99:7e:e8:4f: 2c:d6:9c:b9:3f:2b:9c:27:86:10:a7:1b:fb:57:4b:73:46:95: db:eb:e7:48:7e:75:4a:ba:71:d6:49:8e:d2:af:06:b6:69:81: cf:5f:39:56:bb:c9:e2:7b:b1:0a:ff:b7:a7:6b:66:6c:c5:ef: e1:86:5d:9e:8a:6c:8f:2a:18:41:cd:90:03:85:bc:74:2f:19: f7:11:e8:2f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8ct/TLoo43rp3HEbRA/VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2OTRmNWIwZmFiNWZlZDJkZjk1MzVlMmE5YzAyOWYxODdk NTU0MDQwHhcNMjYwMTAyMTgyMTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzY2EwNDA5NzE4NzE4ZGI0MjVkZDVlNWIwZTdiODFjZTU4ZTI2ZmQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygfeJ7cfwx5OlbS51WlqN6hdXcG3 AMSa2RHtk1evWJRDIL+hfI+IMmBzgKhhmRmyWjsvOieJAOPObEnnoQKoTR/Le7Tp sPqeMfQ06K9Ya3ahrEM9jtLxoLw6S8OERH4W4wLvfjGNeIjwqYCEq4kx8v3nBSrc MusOEnQ307PUHNYN4FM+psyA3WVO4mfFK+Sg85o9oRH9w0OwKDPniQK6v7ssoqzf H4bsDa5Afxwo3biGePkvMr1GCbxW6tdXUH+bkKRxSnkDiet2RPz0OrwHRillzHJR QDHbZuR4XXlzi/SyL9DiNqpE4lkuVKaryh1sqWJSJJQQPkbfl/iZPgeEfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDygQJcYcY20Jd1eWw57gc5Y4m/UMB8GA1UdIwQY MBaAFGaU9bD6tf7S35U14qnAKfGH1VQEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnBUMXNQcTFfdExmbFRYaXFjQXA4WWZWVkFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YmYzMGQtNjllYi00MWE0LWE5MGQt MjFiOWYxMmQyMmYzLzEvUEtCQWx4aHhqYlFsM1Y1YkRudUJ6bGppYjlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi81YmYzMGQtNjllYi00MWE0LWE5MGQtMjFiOWYxMmQyMmYz LzEvWnBUMXNQcTFfdExmbFRYaXFjQXA4WWZWVkFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufvMMA0G CSqGSIb3DQEBCwUAA4IBAQA0m4mC3gPCaxnBUWH9WDGhgDD3vs9GJiCB+oCKHch8 n4lB2lWdeTIj+TyTTZp3mftKgcHwo87vCCK8aJRJwZ+YsxIPsvybArXlBWEUC1b+ +OdrEDRt7RF8kyk8knF/t14It6HPZkoi3XF2UDdkU9RqM/vm2HlMBPmDMvKX1wrr W7HwTIwVsTmImyZ4CvwZn+L28JwfTHOs/pJi2h8zhUp6jbmQCZm0sK7vV8vEJjYN jJl+6E8s1py5PyucJ4YQpxv7V0tzRpXb6+dIfnVKunHWSY7Srwa2aYHPXzlWu8ni e7EK/7ena2Zsxe/hhl2eimyPKhhBzZADhbx0Lxn3Eegv -----END CERTIFICATE-----Generated at Sun Jan 25 23:50:12 2026 by rpki-client