This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa File: 19bd833c-9eac-4b19-b264-a191d9c1b939.roa (raw, json) Hash identifier: 4t0rJeWJoYTNWdjn081smSsYcL6knvJvT0qCp4XeH5w= Subject key identifier: 2B:1E:80:34:0E:E0:85:B4:A3:C2:C8:35:80:85:C2:5D:D5:FC:71:DC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 41364CAF6C0DE891331DA213EC8CBE179B41044C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa Signing time: Sat 29 Nov 2025 03:10:47 +0000 ROA not before: Sat 29 Nov 2025 03:10:47 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.51.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:36:4c:af:6c:0d:e8:91:33:1d:a2:13:ec:8c:be:17:9b:41:04:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:47 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=c3eb0b5b3c61da1331bd9184c083a87c234873d3220064dd4f62a8f99759c7ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b7:90:62:eb:3a:9a:b9:99:e3:7c:ee:5f:c9: 70:89:bb:62:83:24:e5:28:7f:4d:90:08:7f:4f:f9: 59:a5:1e:26:0f:a3:a5:d9:5e:d5:6f:3a:84:5e:65: 1b:f3:7b:10:fb:e6:23:a7:40:12:1e:53:85:d3:b6: e8:da:63:71:64:d4:29:ce:a6:a3:6f:3e:4f:71:35: 1c:74:49:6d:eb:d1:7d:72:42:60:a9:bb:83:62:49: 6f:5c:96:6b:e5:76:3f:25:d6:b7:a2:11:f2:8f:71: 15:fb:b5:87:53:87:1b:33:54:5a:fd:12:ec:5d:d0: a1:5c:4e:51:29:d7:0a:12:ee:dc:0a:e0:55:ce:1a: 4c:1f:2f:6c:d8:5c:b7:85:46:b8:99:4b:e1:f7:2a: a9:05:7e:c0:08:c7:64:18:47:63:a5:fb:aa:e5:83: aa:a4:e2:20:0f:cb:90:5f:23:a6:b0:91:08:f6:98: ea:b9:11:14:45:44:39:c5:7f:09:8e:b3:48:3e:04: a5:b0:be:a2:fd:cb:b8:bc:fe:3f:13:0e:0c:a7:a0: 67:28:14:c2:6d:af:66:1b:11:75:5d:0d:ec:c3:f7: 2c:31:64:5e:98:3c:15:24:96:15:13:25:c5:11:f5: 26:41:ae:f3:2e:43:6a:79:f5:40:40:3d:dd:59:8d: dd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:1E:80:34:0E:E0:85:B4:A3:C2:C8:35:80:85:C2:5D:D5:FC:71:DC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.51.216.0/21 Signature Algorithm: sha256WithRSAEncryption 6b:f6:76:bb:18:9b:4a:77:d2:53:5f:2d:9d:40:f3:84:70:01: 5c:d2:47:fb:cf:f5:72:8d:d4:f3:50:aa:11:34:84:38:4a:37: e4:5f:0f:a4:ee:33:87:13:4b:70:df:e5:88:6e:49:38:ae:ad: 58:59:a3:c1:34:57:b7:02:2e:8a:20:ee:86:5b:c0:0f:26:87: 95:33:34:1d:02:5d:58:7e:fc:2f:fa:9e:74:a2:c2:8b:ba:41: d6:35:9b:2d:58:2e:ae:e1:e9:26:5b:e7:76:cd:73:df:b8:4c: 00:91:c6:94:e2:e7:41:a6:1f:5d:13:52:17:0d:17:61:da:7e: c5:40:e9:08:87:01:4e:11:ef:be:cb:34:32:24:66:e2:68:7a: ee:71:43:a4:03:57:83:12:ff:80:df:20:df:05:7a:c5:33:3e: 05:72:4f:38:f1:96:ac:d6:2e:10:75:24:4a:9c:78:ea:9a:87: fe:6a:84:1b:be:d1:f3:b3:57:66:f3:94:a5:ef:fb:bf:2a:09: 24:28:c6:94:25:3f:68:c4:3e:67:8b:5d:75:8a:d9:6e:22:9c: 99:eb:2d:cc:b1:da:db:63:22:c0:ec:d6:e2:f2:ff:71:8c:65: f7:28:c7:60:b8:50:cc:e0:50:f7:d9:ee:37:e9:c7:01:6b:57: c4:f0:2f:18 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUQTZMr2wN6JEzHaIT7Iy+F5tBBEwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwNDdaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGMzZWIwYjViM2M2MWRhMTMzMWJkOTE4NGMwODNhODdjMjM0ODczZDMyMjAw NjRkZDRmNjJhOGY5OTc1OWM3ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANS3kGLrOpq5meN87l/JcIm7YoMk5Sh/TZAIf0/5WaUeJg+jpdle1W86hF5l G/N7EPvmI6dAEh5ThdO26NpjcWTUKc6mo28+T3E1HHRJbevRfXJCYKm7g2JJb1yW a+V2PyXWt6IR8o9xFfu1h1OHGzNUWv0S7F3QoVxOUSnXChLu3ArgVc4aTB8vbNhc t4VGuJlL4fcqqQV+wAjHZBhHY6X7quWDqqTiIA/LkF8jprCRCPaY6rkRFEVEOcV/ CY6zSD4EpbC+ov3LuLz+PxMODKegZygUwm2vZhsRdV0N7MP3LDFkXpg8FSSWFRMl xRH1JkGu8y5Dann1QEA93VmN3acCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQrHoA0 DuCFtKPCyDWAhcJd1fxx3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTliZDgzM2MtOWVhYy00YjE5LWIyNjQtYTE5MWQ5YzFiOTM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN BgkqhkiG9w0BAQsFAAOCAQEAa/Z2uxibSnfSU18tnUDzhHABXNJH+8/1co3U81Cq ETSEOEo35F8PpO4zhxNLcN/liG5JOK6tWFmjwTRXtwIuiiDuhlvADyaHlTM0HQJd WH78L/qedKLCi7pB1jWbLVguruHpJlvnds1z37hMAJHGlOLnQaYfXRNSFw0XYdp+ xUDpCIcBThHvvss0MiRm4mh67nFDpANXgxL/gN8g3wV6xTM+BXJPOPGWrNYuEHUk Spx46pqH/mqEG77R87NXZvOUpe/7vyoJJCjGlCU/aMQ+Z4tddYrZbiKcmestzLHa 22MiwOzW4vL/cYxl9yjHYLhQzOBQ99nuN+nHAWtXxPAvGA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:29 2025 by rpki-client