This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa File: 11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa (raw, json) Hash identifier: H6rJcHqaJ6TBaXXxFObta3hu8VRT5g51/nhyqEHwyp8= Subject key identifier: 42:58:55:7E:51:81:4F:C2:AD:0D:6B:D2:15:33:68:67:8F:0B:C5:9B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2FC3479D389DEF5D64E30C2D82D766E8AA288629 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa Signing time: Sat 29 Nov 2025 03:10:10 +0000 ROA not before: Sat 29 Nov 2025 03:10:10 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.137.64.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:c3:47:9d:38:9d:ef:5d:64:e3:0c:2d:82:d7:66:e8:aa:28:86:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:10 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=6e877ceb7fc88bbdbf6a93fca2b4ff528f405595f5fccca131989559578226bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8a:67:3b:a7:20:3a:41:60:f9:63:74:c3:04: a2:2f:fa:9c:91:86:ac:52:7c:79:54:5a:9e:2d:f7: 9f:f5:b6:05:d3:d4:5c:e2:7e:fd:df:88:72:d0:6b: 40:bb:f2:c0:b5:c6:ba:3f:2c:4f:55:e4:5d:ec:89: f3:7e:23:b0:a4:b0:70:49:36:46:f8:fd:e4:1e:e6: e2:ae:c1:ad:06:94:4c:28:7b:0d:48:fe:6e:3d:cd: e1:3d:31:da:cf:4d:ae:57:ff:8b:2c:2d:33:17:b9: 59:c0:d3:67:ed:5b:62:49:e1:bb:99:b3:59:66:c3: d2:6b:71:3c:c8:9c:b1:ce:e8:69:e2:e7:d6:b5:7d: f3:71:ea:b9:e6:f0:a4:88:82:32:3b:e9:be:0b:6d: aa:56:d7:7c:d2:68:9c:29:f9:1b:d7:5a:7b:47:83: 46:18:e8:36:5b:6c:f0:b9:cd:57:ce:f3:e0:e8:f1: 70:17:d4:e5:24:a1:75:d8:d7:0b:06:8c:c7:84:28: bb:00:00:e7:55:d6:bd:f9:0f:7e:f8:d9:a4:bf:7c: 13:37:f4:5f:e1:e7:5a:00:9b:55:b8:0e:31:f4:a8: 4b:fe:1c:48:1a:fb:02:93:e2:20:fd:53:b8:d5:07: dc:13:3f:41:cc:ae:90:d8:7f:01:ef:4e:c2:35:e9: f0:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:58:55:7E:51:81:4F:C2:AD:0D:6B:D2:15:33:68:67:8F:0B:C5:9B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.137.64.0/21 Signature Algorithm: sha256WithRSAEncryption 25:62:77:31:d8:69:0b:aa:02:4d:dc:52:40:31:84:57:cd:69: 21:f2:f5:12:87:c0:cd:d1:2c:81:89:64:32:26:3f:b7:e3:b2: a5:ea:22:b5:ac:cd:84:2c:e4:be:b9:d2:7a:1a:ae:3f:b5:2e: f1:bb:fc:4c:c6:dd:f8:1e:fb:52:01:da:de:92:94:2b:6e:40: f4:07:69:d2:7d:c7:a3:13:db:8a:1f:5e:bc:85:23:48:89:dd: 5d:38:12:d7:0a:06:5f:dc:83:eb:16:d4:b8:cd:f9:2c:03:77: 0a:5a:d1:8e:cc:e1:38:0d:fb:05:e6:93:39:0a:c3:a8:ae:b6: 0b:c3:36:92:9b:47:ab:af:8f:57:f2:1a:f8:d4:78:02:6e:aa: b0:21:0d:b0:f9:e0:28:45:81:89:40:91:24:51:61:aa:f9:b6: 88:a5:2e:c5:46:ec:f9:de:e0:52:5a:2d:6e:10:97:2d:26:ae: e0:c6:d0:a1:5f:d2:cb:c3:26:c0:9c:31:c9:96:bb:1e:45:f3: 7c:3a:e8:15:ad:a8:46:b2:96:7a:45:0c:a0:51:c8:08:6f:af: 93:c2:f3:db:70:00:3a:f5:38:f4:d4:8f:51:f8:07:42:76:73: 6c:92:68:9f:23:fb:e2:6a:20:2e:aa:52:ee:1a:ed:a3:ed:41: b8:a1:40:8a -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUL8NHnTid711k4wwtgtdm6KoohikwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwMTBaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDZlODc3Y2ViN2ZjODhiYmRiZjZhOTNmY2EyYjRmZjUyOGY0MDU1OTVmNWZj Y2NhMTMxOTg5NTU5NTc4MjI2YmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKaKZzunIDpBYPljdMMEoi/6nJGGrFJ8eVRani33n/W2BdPUXOJ+/d+IctBr QLvywLXGuj8sT1XkXeyJ834jsKSwcEk2Rvj95B7m4q7BrQaUTCh7DUj+bj3N4T0x 2s9Nrlf/iywtMxe5WcDTZ+1bYknhu5mzWWbD0mtxPMicsc7oaeLn1rV983Hquebw pIiCMjvpvgttqlbXfNJonCn5G9dae0eDRhjoNlts8LnNV87z4OjxcBfU5SShddjX CwaMx4QouwAA51XWvfkPfvjZpL98Ezf0X+HnWgCbVbgOMfSoS/4cSBr7ApPiIP1T uNUH3BM/QcyukNh/Ae9OwjXp8NUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRCWFV+ UYFPwq0Na9IVM2hnjwvFmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTFjOTI0ZTUtYjVhNC00ZTM5LWJkOWItM2FhMDQ2MzQyMTJhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JQDAN BgkqhkiG9w0BAQsFAAOCAQEAJWJ3MdhpC6oCTdxSQDGEV81pIfL1EofAzdEsgYlk MiY/t+OypeoitazNhCzkvrnSehquP7Uu8bv8TMbd+B77UgHa3pKUK25A9Adp0n3H oxPbih9evIUjSIndXTgS1woGX9yD6xbUuM35LAN3ClrRjszhOA37BeaTOQrDqK62 C8M2kptHq6+PV/Ia+NR4Am6qsCENsPngKEWBiUCRJFFhqvm2iKUuxUbs+d7gUlot bhCXLSau4MbQoV/Sy8MmwJwxyZa7HkXzfDroFa2oRrKWekUMoFHICG+vk8Lz23AA OvU49NSPUfgHQnZzbJJonyP74mogLqpS7hrto+1BuKFAig== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:41 2025 by rpki-client