This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/YxBRayM-vhxtM1AqEKC9omjhyDU.roa File: YxBRayM-vhxtM1AqEKC9omjhyDU.roa (raw, json) Hash identifier: 8x1ScjX7HuUH81sXw9Xe7zT6ZtsS32sBRkIQuP2YYkc= Subject key identifier: 63:10:51:6B:23:3E:BE:1C:6D:33:50:2A:10:A0:BD:A2:68:E1:C8:35 Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e Certificate serial: 019AB53316203BFFFE6ED04BACE83C696228 Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/YxBRayM-vhxtM1AqEKC9omjhyDU.roa Signing time: Mon 24 Nov 2025 09:30:15 +0000 ROA not before: Mon 24 Nov 2025 09:30:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 49581 IP address blocks: 209.131.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.mft rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b5:33:16:20:3b:ff:fe:6e:d0:4b:ac:e8:3c:69:62:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e Validity Not Before: Nov 24 09:30:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6310516b233ebe1c6d33502a10a0bda268e1c835 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:10:c9:b3:40:89:82:96:2e:6f:16:8e:ef:d9: 32:50:c3:30:34:c9:47:5e:fb:c4:ae:01:48:91:fc: 49:f1:be:67:ca:cd:31:d0:30:5c:8d:d2:5f:6c:6d: ae:18:3a:9f:85:03:86:0b:46:db:c9:c8:2f:96:16: 8f:2e:e6:a3:bf:9d:d1:2c:92:ac:0a:66:e0:0e:45: b0:53:e8:cb:16:ab:e3:a9:fe:ec:fb:bd:2f:8a:dc: 2c:82:f6:1a:40:3e:69:c0:18:95:0f:e2:af:a2:28: 7c:21:23:63:f3:6e:d6:b0:c7:d3:28:9d:ba:02:0a: b4:e1:74:c6:68:f5:37:f9:3a:a1:55:f9:b9:bd:6d: 81:5e:67:e0:4d:78:9b:24:7c:ff:41:f2:55:79:ce: ce:da:0a:e8:15:11:8e:1b:f0:a1:ee:a4:a9:16:b4: 52:87:f8:a7:a5:c9:36:7e:48:ee:64:89:54:ba:a5: 1f:22:ec:d0:96:b9:ce:36:92:ed:0b:67:93:f6:9c: b0:38:de:80:b9:b9:51:b1:a7:40:4c:55:ec:40:9a: 87:2c:aa:b7:68:aa:06:f5:e6:8f:35:6a:7e:bf:0a: 41:70:52:41:1b:72:4d:9c:45:0a:9e:82:ae:2e:c9: 8f:c3:bf:50:e2:a3:1f:28:75:59:29:bb:2f:1b:e0: 82:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:10:51:6B:23:3E:BE:1C:6D:33:50:2A:10:A0:BD:A2:68:E1:C8:35 X509v3 Authority Key Identifier: keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/YxBRayM-vhxtM1AqEKC9omjhyDU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 209.131.67.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:e7:8b:5f:46:08:d4:26:0b:39:21:22:45:3d:80:41:0f:7d: ca:49:14:a0:f1:17:30:83:f3:ae:2d:82:0c:e2:9b:91:cf:6a: 30:b6:fd:5f:a1:9c:d6:fc:f6:b3:d9:4a:f4:f4:73:96:82:e8: fe:86:67:9d:94:f6:a2:2e:8b:ad:0f:5b:7a:5f:35:66:5e:89: 14:30:52:fc:62:9d:16:90:88:da:01:b5:33:f5:fd:54:10:54: 47:1c:41:10:b4:1a:e1:f3:68:bd:38:08:b1:95:74:b1:c7:7f: a0:92:9c:81:42:8c:ba:1f:b9:97:9d:2d:2a:f9:66:dd:ac:77: 2b:34:f2:e9:ff:a9:df:89:e7:0f:32:08:78:69:ea:86:24:cb: 9e:9a:7e:b4:1e:df:36:4c:cb:5f:f7:35:4d:ac:da:e4:85:86: 5e:2a:04:72:5c:13:da:6b:ee:0e:08:77:7f:8a:3e:1d:25:0c: 3b:7d:fb:c3:c1:d5:eb:0b:83:cf:ce:d8:a7:19:2a:48:2d:8e: d0:96:e5:42:84:52:c7:19:8a:ea:7c:4c:e9:2c:c8:99:5e:31: 7b:c5:59:c7:f1:37:91:fe:ef:ce:de:5f:bd:95:8f:c6:4d:75: 77:ba:81:6b:ac:4a:79:08:68:4b:39:8f:83:43:45:af:1b:af: 29:7d:67:b7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZq1MxYgO//+btBLrOg8aWIoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm MTlmN2UwHhcNMjUxMTI0MDkzMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzEwNTE2YjIzM2ViZTFjNmQzMzUwMmExMGEwYmRhMjY4ZTFjODM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BDJs0CJgpYubxaO79kyUMMwNMlH XvvErgFIkfxJ8b5nys0x0DBcjdJfbG2uGDqfhQOGC0bbycgvlhaPLuajv53RLJKs CmbgDkWwU+jLFqvjqf7s+70vitwsgvYaQD5pwBiVD+Kvoih8ISNj827WsMfTKJ26 Agq04XTGaPU3+TqhVfm5vW2BXmfgTXibJHz/QfJVec7O2groFRGOG/Ch7qSpFrRS h/inpck2fkjuZIlUuqUfIuzQlrnONpLtC2eT9pywON6AublRsadATFXsQJqHLKq3 aKoG9eaPNWp+vwpBcFJBG3JNnEUKnoKuLsmPw79Q4qMfKHVZKbsvG+CCIwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGMQUWsjPr4cbTNQKhCgvaJo4cg1MB8GA1UdIwQY MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt ZGE0NTM4MDIyYWM3LzEvWXhCUmF5TS12aHh0TTFBcUVLQzlvbWpoeURVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3 LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0YNDMA0G CSqGSIb3DQEBCwUAA4IBAQAv54tfRgjUJgs5ISJFPYBBD33KSRSg8Rcwg/OuLYIM 4puRz2owtv1foZzW/Paz2Ur09HOWguj+hmedlPaiLoutD1t6XzVmXokUMFL8Yp0W kIjaAbUz9f1UEFRHHEEQtBrh82i9OAixlXSxx3+gkpyBQoy6H7mXnS0q+WbdrHcr NPLp/6nfiecPMgh4aeqGJMuemn60Ht82TMtf9zVNrNrkhYZeKgRyXBPaa+4OCHd/ ij4dJQw7ffvDwdXrC4PPztinGSpILY7QluVChFLHGYrqfEzpLMiZXjF7xVnH8TeR /u/O3l+9lY/GTXV3uoFrrEp5CGhLOY+DQ0WvG68pfWe3 -----END CERTIFICATE-----Generated at Sun Dec 7 06:44:39 2025 by rpki-client