This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/yi-1H2kvkQ3h01ixDnXrllH7VcU.roa File: yi-1H2kvkQ3h01ixDnXrllH7VcU.roa (raw, json) Hash identifier: T6liJUI5zc6jyielAbU34r9I/JOXs0NIt1UkRGmeK3E= Subject key identifier: CA:2F:B5:1F:69:2F:91:0D:E1:D3:58:B1:0E:75:EB:96:51:FB:55:C5 Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019AE0D8AF5E2CC72A755364311FE4709A30 Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/yi-1H2kvkQ3h01ixDnXrllH7VcU.roa Signing time: Tue 02 Dec 2025 20:54:48 +0000 ROA not before: Tue 02 Dec 2025 20:54:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48207 IP address blocks: 138.249.8.0/24 maxlen: 24 138.249.20.0/24 maxlen: 24 170.168.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e0:d8:af:5e:2c:c7:2a:75:53:64:31:1f:e4:70:9a:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Dec 2 20:54:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ca2fb51f692f910de1d358b10e75eb9651fb55c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7f:53:51:75:75:8b:fa:43:5d:19:f2:91:07: f9:05:10:81:0f:0a:80:65:13:cc:7f:cf:9b:9a:41: da:fe:e4:88:50:6e:f0:a0:21:2e:c6:ee:10:ff:de: 7c:1a:4c:ce:6d:09:a6:01:a1:dc:5f:54:47:29:8f: 5a:7c:78:a0:6f:ca:77:bf:87:37:b8:a4:da:e0:6b: 39:67:3a:c1:99:3f:31:48:b7:50:39:b3:86:9a:88: 04:f8:94:41:33:c4:09:3f:91:b2:74:99:7f:26:94: c6:98:4f:16:d7:ae:94:24:95:a9:13:4f:8c:ba:d1: 42:05:c4:c5:62:61:90:cd:00:09:85:ec:ca:6b:ac: b9:78:bc:b4:a7:64:f9:54:12:06:08:c7:3f:7b:be: de:8a:39:a4:5e:1f:96:0c:39:9d:ed:bf:b5:b3:69: 63:0e:e6:2c:54:74:ed:9a:ab:b4:dc:d9:42:6e:4c: 35:b9:9d:e9:21:10:d1:13:8c:fc:96:52:f7:8e:bc: c4:48:de:ea:a8:cb:0a:46:b0:17:61:2e:dc:14:dd: b2:33:05:f8:14:4d:94:64:20:e6:0b:72:bc:c1:23: 89:3e:d0:0c:6b:ff:b7:e0:89:59:a0:13:05:0e:cf: 14:cb:ea:14:b2:aa:52:6b:55:62:ba:fc:1c:c2:10: 19:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:2F:B5:1F:69:2F:91:0D:E1:D3:58:B1:0E:75:EB:96:51:FB:55:C5 X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/yi-1H2kvkQ3h01ixDnXrllH7VcU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.249.8.0/24 138.249.20.0/24 170.168.102.0/24 Signature Algorithm: sha256WithRSAEncryption 26:43:a7:07:69:28:47:6e:3d:d3:0b:fb:34:a4:9f:9a:9a:f1: bc:0a:3f:77:a5:6b:b4:ea:d4:d3:a1:6c:c8:55:b2:f3:8e:fc: d0:76:e8:fa:fc:5c:ac:22:95:c3:4e:4a:b0:dc:e9:13:fd:b5: 68:22:85:e1:77:6c:5d:78:51:62:20:fc:07:21:f2:84:57:a8: 08:2e:69:5d:33:74:a9:09:01:57:1c:64:20:53:71:1f:30:71: 2a:03:ca:08:16:e8:ed:05:af:8b:21:a5:0e:85:3f:0a:63:9d: 4f:fa:f5:f8:ea:bc:78:fc:e9:aa:4a:e5:bc:d4:01:a9:14:5b: 8c:a2:a9:45:dc:7d:01:f3:e5:35:4f:49:b7:44:b4:9f:95:de: 59:ee:c7:65:bc:66:bc:8b:0e:4f:51:cc:d1:a6:95:01:a6:e2: b7:83:c7:df:e8:cb:73:5c:bd:aa:9c:de:20:53:12:58:dd:c4: 64:93:41:8e:fe:1e:53:5d:6f:37:16:2c:d4:f6:12:4d:24:8f: 81:4e:2d:38:04:49:5a:1f:34:76:1a:be:ff:65:5f:85:b6:03: 84:17:ac:4e:b6:5b:51:96:9c:f1:cb:c0:97:8c:d8:6f:20:b3: 2e:3d:2a:71:cc:93:dd:a9:7f:4f:4f:3a:8e:2e:8b:e5:02:56: 78:32:9b:8a -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZrg2K9eLMcqdVNkMR/kcJowMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjUxMjAyMjA1NDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTJmYjUxZjY5MmY5MTBkZTFkMzU4YjEwZTc1ZWI5NjUxZmI1NWM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H9TUXV1i/pDXRnykQf5BRCBDwqA ZRPMf8+bmkHa/uSIUG7woCEuxu4Q/958GkzObQmmAaHcX1RHKY9afHigb8p3v4c3 uKTa4Gs5ZzrBmT8xSLdQObOGmogE+JRBM8QJP5GydJl/JpTGmE8W166UJJWpE0+M utFCBcTFYmGQzQAJhezKa6y5eLy0p2T5VBIGCMc/e77eijmkXh+WDDmd7b+1s2lj DuYsVHTtmqu03NlCbkw1uZ3pIRDRE4z8llL3jrzESN7qqMsKRrAXYS7cFN2yMwX4 FE2UZCDmC3K8wSOJPtAMa/+34IlZoBMFDs8Uy+oUsqpSa1ViuvwcwhAZhwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMovtR9pL5EN4dNYsQ5165ZR+1XFMB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEveWktMUgya3ZrUTNoMDFpeERuWHJsbEg3VmNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAivkIAwQA ivkUAwQAqqhmMA0GCSqGSIb3DQEBCwUAA4IBAQAmQ6cHaShHbj3TC/s0pJ+amvG8 Cj93pWu06tTToWzIVbLzjvzQduj6/FysIpXDTkqw3OkT/bVoIoXhd2xdeFFiIPwH IfKEV6gILmldM3SpCQFXHGQgU3EfMHEqA8oIFujtBa+LIaUOhT8KY51P+vX46rx4 /OmqSuW81AGpFFuMoqlF3H0B8+U1T0m3RLSfld5Z7sdlvGa8iw5PUczRppUBpuK3 g8ff6MtzXL2qnN4gUxJY3cRkk0GO/h5TXW83FizU9hJNJI+BTi04BElaHzR2Gr7/ ZV+FtgOEF6xOtltRlpzxy8CXjNhvILMuPSpxzJPdqX9PTzqOLovlAlZ4MpuK -----END CERTIFICATE-----Generated at Sat Dec 6 08:04:30 2025 by rpki-client