This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/2FrN58Szgu73eOaW5wzREjA1APU.roa File: 2FrN58Szgu73eOaW5wzREjA1APU.roa (raw, json) Hash identifier: eg4laZvDlSkpaWdKinkI+Xun4MLQfCIFg3SA+VvwdzM= Subject key identifier: D8:5A:CD:E7:C4:B3:82:EE:F7:78:E6:96:E7:0C:D1:12:30:35:00:F5 Certificate issuer: /CN=c8593923257b20eda4aa4bc3c4a0c30d8490ea56 Certificate serial: 019B7EA75A9C67173CEF6CBE441D1CC65BBC Authority key identifier: C8:59:39:23:25:7B:20:ED:A4:AA:4B:C3:C4:A0:C3:0D:84:90:EA:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/2FrN58Szgu73eOaW5wzREjA1APU.roa Signing time: Fri 02 Jan 2026 12:20:55 +0000 ROA not before: Fri 02 Jan 2026 12:20:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43809 IP address blocks: 83.171.228.0/22 maxlen: 22 95.128.112.0/21 maxlen: 24 185.8.80.0/22 maxlen: 24 185.184.92.0/22 maxlen: 24 185.215.8.0/22 maxlen: 24 195.88.130.0/23 maxlen: 23 2a02:d900::/29 maxlen: 29 2a0a:9c40::/29 maxlen: 29 2a0f:10c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.crl rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.mft rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:5a:9c:67:17:3c:ef:6c:be:44:1d:1c:c6:5b:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8593923257b20eda4aa4bc3c4a0c30d8490ea56 Validity Not Before: Jan 2 12:20:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d85acde7c4b382eef778e696e70cd112303500f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:cb:32:e2:79:93:67:e0:02:bc:59:0e:87:37: c6:64:1d:8f:03:7a:c2:47:95:af:b7:65:4c:8c:18: f8:8a:d4:fe:1d:46:40:99:c3:31:26:81:89:4f:8e: ff:87:e5:e6:2e:f3:bc:40:88:4e:06:5c:e6:85:5e: 68:8e:f0:7a:45:2a:5e:0d:9b:eb:86:47:6b:82:55: 3e:8c:70:cd:fb:0e:7d:e9:9e:b1:4f:6e:aa:26:62: 00:92:25:ef:cb:98:f1:08:60:7b:65:b5:71:a5:a5: 4e:d9:6c:7f:44:97:cb:e0:47:5d:bc:15:e0:3b:da: 26:0a:33:57:65:f8:32:cb:78:d4:a4:66:5d:e6:d2: 10:9c:28:0c:ca:da:dc:11:6a:65:4d:55:9c:64:61: d1:24:0a:97:75:a7:22:f7:55:15:e3:cb:aa:59:85: 95:b0:49:68:5a:6f:32:89:fc:0f:23:a1:09:a4:09: 08:1d:c4:5d:10:96:50:26:b5:27:75:db:c2:79:20: 7a:33:91:2c:03:aa:61:c1:e4:4c:a5:53:d0:79:e2: 7c:0a:ab:69:bc:6e:27:5d:83:04:d0:61:95:de:44: 9a:85:43:b7:3b:0b:08:4f:41:36:32:87:7e:44:a2: 0b:ad:fa:e9:ec:6b:b2:ab:75:dc:41:ae:19:4c:f5: a1:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:5A:CD:E7:C4:B3:82:EE:F7:78:E6:96:E7:0C:D1:12:30:35:00:F5 X509v3 Authority Key Identifier: keyid:C8:59:39:23:25:7B:20:ED:A4:AA:4B:C3:C4:A0:C3:0D:84:90:EA:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/2FrN58Szgu73eOaW5wzREjA1APU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.171.228.0/22 95.128.112.0/21 185.8.80.0/22 185.184.92.0/22 185.215.8.0/22 195.88.130.0/23 IPv6: 2a02:d900::/29 2a0a:9c40::/29 2a0f:10c0::/29 Signature Algorithm: sha256WithRSAEncryption 2a:d3:db:13:52:00:06:70:11:f4:06:28:bb:87:62:2c:08:7e: 49:1f:cb:22:f5:d0:73:10:8d:eb:3a:b9:5a:26:29:01:91:d1: 6e:09:70:d5:23:7c:a8:1a:0d:77:ce:25:78:4e:00:70:6a:bc: 6f:d4:1b:8a:c4:23:67:f7:6d:b1:93:6e:b8:2e:ca:48:ee:1f: 6a:dc:94:61:00:02:0a:81:1f:aa:71:d7:1f:a6:31:a0:af:62: 2d:88:a8:14:90:99:95:f7:8f:5a:c3:19:83:25:dd:02:df:e8: 3d:8d:54:d8:e7:55:58:ee:72:89:76:0a:58:07:3a:d5:7f:b8: bc:95:93:85:0e:c8:e3:ee:4a:fd:74:c6:31:b6:d0:d9:49:d1: 0e:cd:ce:6e:18:d1:24:0c:09:c0:68:4d:90:55:70:e3:c2:d2: 10:ed:56:da:40:5b:9f:ab:fb:c1:cf:fe:95:0b:03:be:8f:d1: 27:e5:a3:d3:99:0f:2d:a0:ce:84:59:50:35:c0:05:c6:ef:86: 9b:cb:dc:3e:4a:2d:40:c7:6b:9c:40:2e:09:ac:c0:ec:56:8c: 5f:cb:90:56:d3:cf:70:f5:52:af:94:7c:fe:82:ac:d6:a8:b5: 2a:a2:89:ca:a3:49:3e:f8:c7:ed:5c:6d:46:be:22:3b:6d:2d: bb:b4:c2:9b -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt+p1qcZxc872y+RB0cxlu8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NTkzOTIzMjU3YjIwZWRhNGFhNGJjM2M0YTBjMzBkODQ5 MGVhNTYwHhcNMjYwMTAyMTIyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkODVhY2RlN2M0YjM4MmVlZjc3OGU2OTZlNzBjZDExMjMwMzUwMGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcsy4nmTZ+ACvFkOhzfGZB2PA3rC R5Wvt2VMjBj4itT+HUZAmcMxJoGJT47/h+XmLvO8QIhOBlzmhV5ojvB6RSpeDZvr hkdrglU+jHDN+w596Z6xT26qJmIAkiXvy5jxCGB7ZbVxpaVO2Wx/RJfL4EddvBXg O9omCjNXZfgyy3jUpGZd5tIQnCgMytrcEWplTVWcZGHRJAqXdaci91UV48uqWYWV sEloWm8yifwPI6EJpAkIHcRdEJZQJrUnddvCeSB6M5EsA6phweRMpVPQeeJ8Cqtp vG4nXYME0GGV3kSahUO3OwsIT0E2Mod+RKILrfrp7Guyq3XcQa4ZTPWhKwIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFNhazefEs4Lu93jmlucM0RIwNQD1MB8GA1UdIwQY MBaAFMhZOSMleyDtpKpLw8Sgww2EkOpWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUZrNUl5VjdJTzJrcWt2RHhLREREWVNRNmxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hMDQ5NTYtNzQ2Mi00OWViLWE5ZGIt ZGM2YmU4Y2U1ZmIyLzEvMkZyTjU4U3pndTczZU9hVzV3elJFakExQVBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9hMDQ5NTYtNzQ2Mi00OWViLWE5ZGItZGM2YmU4Y2U1ZmIy LzEveUZrNUl5VjdJTzJrcWt2RHhLREREWVNRNmxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQCU6vkAwQD X4BwAwQCuQhQAwQCubhcAwQCudcIAwQBw1iCMBsEAgACMBUDBQMqAtkAAwUDKgqc QAMFAyoPEMAwDQYJKoZIhvcNAQELBQADggEBACrT2xNSAAZwEfQGKLuHYiwIfkkf yyL10HMQjes6uVomKQGR0W4JcNUjfKgaDXfOJXhOAHBqvG/UG4rEI2f3bbGTbrgu ykjuH2rclGEAAgqBH6px1x+mMaCvYi2IqBSQmZX3j1rDGYMl3QLf6D2NVNjnVVju col2ClgHOtV/uLyVk4UOyOPuSv10xjG20NlJ0Q7Nzm4Y0SQMCcBoTZBVcOPC0hDt VtpAW5+r+8HP/pULA76P0Sflo9OZDy2gzoRZUDXABcbvhpvL3D5KLUDHa5xALgms wOxWjF/LkFbTz3D1Uq+UfP6CrNaotSqiicqjST74x+1cbUa+IjttLbu0wps= -----END CERTIFICATE-----Generated at Mon Feb 9 23:55:01 2026 by rpki-client