This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/2_-FI-AoJnOM9FRj9JIZ87TxIGU.roa File: 2_-FI-AoJnOM9FRj9JIZ87TxIGU.roa (raw, json) Hash identifier: fYqLfLAgXXv2j6Hlh2bmzcVErlr45q7qc3mJo6wcwjY= Subject key identifier: DB:FF:85:23:E0:28:26:73:8C:F4:54:63:F4:92:19:F3:B4:F1:20:65 Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d Certificate serial: 019B77C6F8169ACA7BE1A52291946CE781D0 Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/2_-FI-AoJnOM9FRj9JIZ87TxIGU.roa Signing time: Thu 01 Jan 2026 04:18:06 +0000 ROA not before: Thu 01 Jan 2026 04:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204487 IP address blocks: 95.164.13.0/24 maxlen: 24 95.164.52.0/24 maxlen: 24 95.164.94.0/24 maxlen: 24 95.164.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:f8:16:9a:ca:7b:e1:a5:22:91:94:6c:e7:81:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6991c56f11a7171c6153239769f557beba10182d Validity Not Before: Jan 1 04:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbff8523e02826738cf45463f49219f3b4f12065 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b4:48:08:ab:03:0d:5d:25:c3:d3:3b:b5:e5: 5e:75:70:17:03:44:53:a7:b5:3d:f7:8a:3f:09:e4: fb:7a:d2:b9:3d:1d:9a:7d:55:29:38:15:ba:21:13: 0a:03:75:23:da:fc:09:51:87:26:be:48:4c:32:18: 03:4a:d0:4a:58:14:a8:ec:38:00:93:f5:e3:f8:bb: a0:c1:4c:ba:9c:28:eb:ac:8c:e2:77:2d:62:a5:06: 16:83:09:1e:13:1a:ba:cd:d3:f9:4c:e0:06:bf:2b: bf:c1:1d:ce:f5:67:80:f7:59:44:3a:f4:60:11:d5: ab:07:8a:17:27:b9:70:e0:d4:ab:23:0a:34:97:90: 70:8b:6f:09:da:5c:39:61:92:70:fc:dd:a2:22:ed: 72:4f:81:de:2e:38:ff:9d:31:b1:69:fb:3d:0b:d5: 33:0c:83:68:6a:e4:e0:04:29:2b:29:c7:8a:7e:19: 55:d4:9b:7a:43:99:11:6f:29:77:77:9b:dc:fa:d0: e9:bc:6f:cf:2d:6e:86:6d:0b:71:2d:25:38:60:19: 82:bb:5c:f6:87:ca:d2:c9:ad:99:de:65:99:95:22: 15:3a:d9:be:b2:af:fb:d0:0c:70:b1:9a:42:58:77: d0:69:90:df:cb:32:17:28:0b:1e:85:0f:ec:09:22: 70:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:FF:85:23:E0:28:26:73:8C:F4:54:63:F4:92:19:F3:B4:F1:20:65 X509v3 Authority Key Identifier: keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/2_-FI-AoJnOM9FRj9JIZ87TxIGU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.164.13.0/24 95.164.52.0/24 95.164.94.0/24 95.164.122.0/24 Signature Algorithm: sha256WithRSAEncryption a3:63:cd:6a:4b:7c:bc:a5:96:13:07:23:b5:82:6d:54:49:fb: 04:b5:c3:10:90:47:98:62:c1:cc:16:87:41:df:95:14:96:33: 2e:cc:b1:8b:e4:83:5c:dc:9a:86:69:b3:2a:c9:65:9a:76:50: f3:a1:9e:3b:71:b9:dc:c0:ea:e4:6e:0a:fa:a5:89:0e:0b:99: e6:79:38:a0:9f:71:e9:f3:9a:a2:2c:8b:a3:21:59:a0:d7:fd: 01:fd:df:ed:14:40:07:a6:a6:d8:d1:2f:0f:c5:29:e3:be:9f: 8c:f0:17:4a:3a:6a:23:a1:ed:91:00:8d:84:63:24:2b:3e:c6: 00:00:3a:90:e0:c8:de:05:27:2a:ce:47:c0:4d:45:c5:99:83: 8c:8d:2f:41:69:f4:63:9b:c1:12:c4:80:9b:74:37:94:30:54: 22:9e:9b:1f:e1:28:28:d5:22:a2:2b:53:7f:63:ce:41:e5:67: 65:95:db:db:af:04:a5:df:1c:e2:e1:5c:dc:a0:6b:d2:d0:2b: 30:0b:3f:86:49:c4:e0:26:80:6d:50:27:11:b1:a8:14:95:93: 11:dc:29:5a:1b:a4:17:4e:a7:58:54:fb:c3:f0:1a:92:da:6e: df:a0:1a:b1:d8:28:95:15:08:ba:11:a8:01:bb:12:27:3d:d1: fd:06:36:52 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3xvgWmsp74aUikZRs54HQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx MDE4MmQwHhcNMjYwMTAxMDQxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmZmODUyM2UwMjgyNjczOGNmNDU0NjNmNDkyMTlmM2I0ZjEyMDY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbRICKsDDV0lw9M7teVedXAXA0RT p7U994o/CeT7etK5PR2afVUpOBW6IRMKA3Uj2vwJUYcmvkhMMhgDStBKWBSo7DgA k/Xj+LugwUy6nCjrrIzidy1ipQYWgwkeExq6zdP5TOAGvyu/wR3O9WeA91lEOvRg EdWrB4oXJ7lw4NSrIwo0l5Bwi28J2lw5YZJw/N2iIu1yT4HeLjj/nTGxafs9C9Uz DINoauTgBCkrKceKfhlV1Jt6Q5kRbyl3d5vc+tDpvG/PLW6GbQtxLSU4YBmCu1z2 h8rSya2Z3mWZlSIVOtm+sq/70AxwsZpCWHfQaZDfyzIXKAsehQ/sCSJwzwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFNv/hSPgKCZzjPRUY/SSGfO08SBlMB8GA1UdIwQY MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt NjVkMTU2NzM0MGZkLzEvMl8tRkktQW9Kbk9NOUZSajlKSVo4N1R4SUdVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX6QNAwQA X6Q0AwQAX6ReAwQAX6R6MA0GCSqGSIb3DQEBCwUAA4IBAQCjY81qS3y8pZYTByO1 gm1USfsEtcMQkEeYYsHMFodB35UUljMuzLGL5INc3JqGabMqyWWadlDzoZ47cbnc wOrkbgr6pYkOC5nmeTign3Hp85qiLIujIVmg1/0B/d/tFEAHpqbY0S8PxSnjvp+M 8BdKOmojoe2RAI2EYyQrPsYAADqQ4MjeBScqzkfATUXFmYOMjS9BafRjm8ESxICb dDeUMFQinpsf4Sgo1SKiK1N/Y85B5WdlldvbrwSl3xzi4VzcoGvS0CswCz+GScTg JoBtUCcRsagUlZMR3ClaG6QXTqdYVPvD8BqS2m7foBqx2CiVFQi6EagBuxInPdH9 BjZS -----END CERTIFICATE-----Generated at Wed Jan 21 12:47:15 2026 by rpki-client