This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/gefx2fr_MDXtvtuWxylmxEbY_9I.roa File: gefx2fr_MDXtvtuWxylmxEbY_9I.roa (raw, json) Hash identifier: DoV6a6Zcce+W+t7QXHihpVY0/SyCf2V+1wNo94geZZ0= Subject key identifier: 81:E7:F1:D9:FA:FF:30:35:ED:BE:DB:96:C7:29:66:C4:46:D8:FF:D2 Certificate issuer: /CN=abf587571c0c698458c385b15d60c7f08c70b6fe Certificate serial: 019B7C12F393F890650DD968ED1447C8F02F Authority key identifier: AB:F5:87:57:1C:0C:69:84:58:C3:85:B1:5D:60:C7:F0:8C:70:B6:FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/gefx2fr_MDXtvtuWxylmxEbY_9I.roa Signing time: Fri 02 Jan 2026 00:19:34 +0000 ROA not before: Fri 02 Jan 2026 00:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200984 IP address blocks: 2.58.184.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.crl rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.mft rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:f3:93:f8:90:65:0d:d9:68:ed:14:47:c8:f0:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abf587571c0c698458c385b15d60c7f08c70b6fe Validity Not Before: Jan 2 00:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=81e7f1d9faff3035edbedb96c72966c446d8ffd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:59:d7:92:49:24:02:3c:07:52:2e:08:57:fc: 8a:68:95:8c:69:a5:ec:9a:22:2a:14:76:5d:dc:1b: 77:d8:ab:00:92:01:ff:1d:87:e7:3f:3b:88:7a:e8: 35:41:e2:fc:da:4c:ee:9f:c3:4f:77:96:fd:ce:24: 9f:4d:8d:83:f0:bf:d2:2c:d7:95:96:86:9d:d4:25: 61:a3:7c:62:2b:56:07:de:98:81:da:7e:da:37:18: 7b:36:36:89:e9:22:25:3d:b7:bc:09:d5:69:b7:77: 39:4a:db:82:29:1d:b3:fc:d0:6a:25:0f:42:dd:94: 4c:4d:5c:c2:78:22:d5:25:fe:9c:aa:41:8e:ed:55: e3:ae:db:8d:00:59:45:60:06:de:88:81:61:42:b2: 74:ce:4c:0b:47:5d:62:23:c1:6c:c4:eb:73:9c:ea: 98:65:c2:0b:90:27:3f:4f:12:d1:34:91:ba:64:4b: ab:5c:3f:68:5a:a3:cf:c7:fe:8a:0c:47:d3:37:d8: 26:d5:96:90:d6:9f:e4:be:ae:08:b2:e7:20:a2:c1: 00:80:9c:99:03:aa:b0:d4:f4:b6:38:63:ad:08:1e: 77:c2:f2:fb:be:8b:84:83:71:4f:ef:e6:3f:3c:3c: f7:40:6a:2f:bb:94:37:1b:15:6e:62:4a:a8:20:6f: 70:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:E7:F1:D9:FA:FF:30:35:ED:BE:DB:96:C7:29:66:C4:46:D8:FF:D2 X509v3 Authority Key Identifier: keyid:AB:F5:87:57:1C:0C:69:84:58:C3:85:B1:5D:60:C7:F0:8C:70:B6:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/gefx2fr_MDXtvtuWxylmxEbY_9I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.184.0/22 Signature Algorithm: sha256WithRSAEncryption ac:60:8e:5a:a4:29:5f:fc:9e:10:2c:3a:c3:4b:5c:15:36:df: 97:66:30:41:a1:b2:76:37:83:9c:df:88:63:c5:44:02:c7:d3: 74:23:a8:51:d9:2e:cb:8b:23:43:4f:f4:49:9e:4c:4a:b4:68: 7e:fc:bb:dc:ef:a7:34:9c:dc:88:a6:32:fc:13:2c:7f:b0:64: 0e:88:ed:03:ea:c0:18:ac:b4:88:36:16:d4:39:62:5c:c5:34: 34:55:ab:9e:22:8e:23:19:4e:2b:b4:ac:1c:24:2f:c6:42:d7: 2b:e6:cf:66:d1:1d:4f:93:4d:0d:ba:12:c6:dc:b9:db:d0:13: 8f:31:f8:f4:b3:ab:46:0e:1c:1e:66:a2:5c:50:b6:f2:ba:cd: 98:81:8f:98:4f:7c:b8:e8:ee:b5:ff:11:87:96:f0:41:86:a2: 80:3f:6f:7a:5c:46:1d:5f:0c:ba:55:45:4c:12:4d:7e:79:c5: 1d:ce:a5:f3:5c:69:51:06:d0:48:ee:38:2f:3b:92:65:1e:32: 49:a5:11:ad:f0:ef:82:d4:7a:ac:91:9c:72:bb:71:35:12:97: ab:b8:d9:a5:07:d8:f7:31:02:ac:e9:9c:8e:8b:6a:31:69:2e: f3:4b:b8:b5:55:2a:2b:d3:26:32:f6:f0:9f:f3:62:5d:a4:95: e4:9f:fc:97 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8EvOT+JBlDdlo7RRHyPAvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiZjU4NzU3MWMwYzY5ODQ1OGMzODViMTVkNjBjN2YwOGM3 MGI2ZmUwHhcNMjYwMTAyMDAxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MWU3ZjFkOWZhZmYzMDM1ZWRiZWRiOTZjNzI5NjZjNDQ2ZDhmZmQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFnXkkkkAjwHUi4IV/yKaJWMaaXs miIqFHZd3Bt32KsAkgH/HYfnPzuIeug1QeL82kzun8NPd5b9ziSfTY2D8L/SLNeV load1CVho3xiK1YH3piB2n7aNxh7NjaJ6SIlPbe8CdVpt3c5StuCKR2z/NBqJQ9C 3ZRMTVzCeCLVJf6cqkGO7VXjrtuNAFlFYAbeiIFhQrJ0zkwLR11iI8FsxOtznOqY ZcILkCc/TxLRNJG6ZEurXD9oWqPPx/6KDEfTN9gm1ZaQ1p/kvq4IsucgosEAgJyZ A6qw1PS2OGOtCB53wvL7vouEg3FP7+Y/PDz3QGovu5Q3GxVuYkqoIG9wrwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIHn8dn6/zA17b7blscpZsRG2P/SMB8GA1UdIwQY MBaAFKv1h1ccDGmEWMOFsV1gx/CMcLb+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcV9XSFZ4d01hWVJZdzRXeFhXREg4SXh3dHY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85ZDhiODItNDdhZS00ZTEyLTlhNGQt NzgyZmU3MDkyMDEwLzEvZ2VmeDJmcl9NRFh0dnR1V3h5bG14RWJZXzlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi85ZDhiODItNDdhZS00ZTEyLTlhNGQtNzgyZmU3MDkyMDEw LzEvcV9XSFZ4d01hWVJZdzRXeFhXREg4SXh3dHY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjq4MA0G CSqGSIb3DQEBCwUAA4IBAQCsYI5apClf/J4QLDrDS1wVNt+XZjBBobJ2N4Oc34hj xUQCx9N0I6hR2S7LiyNDT/RJnkxKtGh+/Lvc76c0nNyIpjL8Eyx/sGQOiO0D6sAY rLSINhbUOWJcxTQ0VaueIo4jGU4rtKwcJC/GQtcr5s9m0R1Pk00NuhLG3Lnb0BOP Mfj0s6tGDhweZqJcULbyus2YgY+YT3y46O61/xGHlvBBhqKAP296XEYdXwy6VUVM Ek1+ecUdzqXzXGlRBtBI7jgvO5JlHjJJpRGt8O+C1HqskZxyu3E1EperuNmlB9j3 MQKs6ZyOi2oxaS7zS7i1VSor0yYy9vCf82JdpJXkn/yX -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:23 2026 by rpki-client