This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/y-pn8RraONHwfEgvYCmy9KpUOY0.roa File: y-pn8RraONHwfEgvYCmy9KpUOY0.roa (raw, json) Hash identifier: zmcX/epZylhylzX1wyhHHsMXLsM0/FpkS0XcD4y5qRg= Subject key identifier: CB:EA:67:F1:1A:DA:38:D1:F0:7C:48:2F:60:29:B2:F4:AA:54:39:8D Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c Certificate serial: 019A971A5915CF4ECA372C61FB4AF831411D Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/y-pn8RraONHwfEgvYCmy9KpUOY0.roa Signing time: Tue 18 Nov 2025 13:14:37 +0000 ROA not before: Tue 18 Nov 2025 13:14:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 42846 IP address blocks: 31.192.212.0/24 maxlen: 24 31.192.214.0/24 maxlen: 24 89.252.134.0/24 maxlen: 24 89.252.137.0/24 maxlen: 24 89.252.138.0/24 maxlen: 24 89.252.151.0/24 maxlen: 24 89.252.152.0/24 maxlen: 24 89.252.159.0/24 maxlen: 24 159.253.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:97:1a:59:15:cf:4e:ca:37:2c:61:fb:4a:f8:31:41:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c Validity Not Before: Nov 18 13:14:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cbea67f11ada38d1f07c482f6029b2f4aa54398d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:43:ba:16:16:04:83:46:f0:28:0c:bd:3f:dc: 7d:62:7d:67:aa:90:29:72:0f:df:10:f7:4b:78:7a: 8f:f4:0a:76:d9:79:43:e7:44:55:77:31:9d:04:38: 30:ba:ae:4f:89:27:2d:89:55:42:ce:d9:1f:90:21: e5:0a:8f:a9:dc:ea:d0:38:e4:11:d7:57:bb:07:6a: 60:eb:ea:23:9e:db:ca:66:00:61:bf:82:09:3d:ba: 01:81:03:9a:c5:ae:33:c0:31:c8:57:c3:4b:f1:05: 68:ce:1e:72:2b:de:78:32:c9:4a:2e:b6:fa:ef:c5: e4:e2:2d:32:0e:58:fc:09:7a:61:c5:9e:65:0a:36: 27:d1:bc:02:2f:c8:5d:0d:d4:dd:71:a5:70:74:c0: cc:4a:2b:85:47:97:87:32:e1:80:5b:03:3b:75:ab: 55:ab:da:85:1e:ae:5e:e4:a9:15:30:8c:1f:a0:bb: c5:5d:23:3b:ca:ca:36:3b:fc:46:ae:56:74:d5:df: 7e:1a:66:b2:72:f8:47:de:52:4a:72:37:ec:c6:2e: cb:b8:88:eb:72:5a:91:a6:ff:88:02:2e:63:f5:de: a9:e1:41:f7:21:83:01:85:0a:cb:99:87:65:35:5c: eb:ca:b7:9e:0b:6c:be:9b:80:4b:78:11:3f:17:f4: 2e:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:EA:67:F1:1A:DA:38:D1:F0:7C:48:2F:60:29:B2:F4:AA:54:39:8D X509v3 Authority Key Identifier: keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/y-pn8RraONHwfEgvYCmy9KpUOY0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.192.212.0/24 31.192.214.0/24 89.252.134.0/24 89.252.137.0-89.252.138.255 89.252.151.0-89.252.152.255 89.252.159.0/24 159.253.37.0/24 Signature Algorithm: sha256WithRSAEncryption 51:72:0a:42:d2:ac:06:93:74:53:e3:fd:0a:aa:ed:c5:b8:95: 08:8f:fa:dc:d1:e7:fd:08:54:f3:7b:2c:fb:c2:37:25:03:ee: 0c:b1:f0:77:d5:78:3a:64:d1:6f:4b:60:98:be:9b:bb:36:2c: f5:15:a4:1f:bd:d9:fc:44:7a:12:4f:4e:8e:b7:8f:09:49:34: 60:fd:f6:18:08:ec:67:fb:25:93:c0:ae:ff:78:b1:e8:25:82: fa:fe:37:47:b7:1f:40:09:45:73:1d:8e:b0:cc:12:eb:0a:d6: cb:fb:dc:76:17:c9:92:86:04:86:62:10:bb:7e:14:3c:f3:05: 52:7e:f8:b9:80:b4:45:8e:4a:c8:48:18:2b:51:31:a6:bf:b3: 1e:d8:e7:d4:8c:cf:c4:aa:06:d1:72:c1:62:16:61:11:30:6f: 3f:57:a7:72:75:8c:50:af:53:51:48:a2:05:f7:68:df:ad:d6: e6:1a:79:ec:42:d2:77:36:4c:51:e2:55:db:72:92:7e:86:96: f0:b3:8f:47:4a:3c:62:a0:7b:57:c7:40:2e:7f:48:9a:fa:ef: 41:26:f2:d3:bc:67:06:1f:2e:d3:62:0b:1d:61:57:31:e4:9b: 38:9b:65:f4:02:9b:fb:6c:b2:c0:b2:6a:6d:9b:cd:0e:d7:71: d8:23:d7:ab -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZqXGlkVz07KNyxh+0r4MUEdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky MDVmM2MwHhcNMjUxMTE4MTMxNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYmVhNjdmMTFhZGEzOGQxZjA3YzQ4MmY2MDI5YjJmNGFhNTQzOThkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkO6FhYEg0bwKAy9P9x9Yn1nqpAp cg/fEPdLeHqP9Ap22XlD50RVdzGdBDgwuq5PiSctiVVCztkfkCHlCo+p3OrQOOQR 11e7B2pg6+ojntvKZgBhv4IJPboBgQOaxa4zwDHIV8NL8QVozh5yK954MslKLrb6 78Xk4i0yDlj8CXphxZ5lCjYn0bwCL8hdDdTdcaVwdMDMSiuFR5eHMuGAWwM7datV q9qFHq5e5KkVMIwfoLvFXSM7yso2O/xGrlZ01d9+GmaycvhH3lJKcjfsxi7LuIjr clqRpv+IAi5j9d6p4UH3IYMBhQrLmYdlNVzryreeC2y+m4BLeBE/F/QuWwIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFMvqZ/Ea2jjR8HxIL2ApsvSqVDmNMB8GA1UdIwQY MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt ZWQzZTM4Zjk1NzdmLzEveS1wbjhScmFPTkh3ZkVndllDbXk5S3BVT1kwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAH8DUAwQA H8DWAwQAWfyGMAwDBABZ/IkDBABZ/IowDAMEAFn8lwMEAFn8mAMEAFn8nwMEAJ/9 JTANBgkqhkiG9w0BAQsFAAOCAQEAUXIKQtKsBpN0U+P9CqrtxbiVCI/63NHn/QhU 83ss+8I3JQPuDLHwd9V4OmTRb0tgmL6buzYs9RWkH73Z/ER6Ek9OjrePCUk0YP32 GAjsZ/slk8Cu/3ix6CWC+v43R7cfQAlFcx2OsMwS6wrWy/vcdhfJkoYEhmIQu34U PPMFUn74uYC0RY5KyEgYK1Expr+zHtjn1IzPxKoG0XLBYhZhETBvP1encnWMUK9T UUiiBfdo363W5hp57ELSdzZMUeJV23KSfoaW8LOPR0o8YqB7V8dALn9ImvrvQSby 07xnBh8u02ILHWFXMeSbOJtl9AKb+2yywLJqbZvNDtdx2CPXqw== -----END CERTIFICATE-----Generated at Sat Dec 6 16:35:45 2025 by rpki-client