This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json) Hash identifier: fnd9dtW6GwI2YhAdfxx+rPqnaPv2D4h+rgH8Swcnn9I= Subject key identifier: 1F:4B:D9:C0:6C:A9:7B:88:89:D9:24:5A:15:F0:87:67:D9:D4:62:20 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 69ABA1EB004A0D873E231DB3DD24A999683667B8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa Signing time: Tue 02 Dec 2025 01:51:29 +0000 ROA not before: Tue 02 Dec 2025 01:51:29 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.32.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:ab:a1:eb:00:4a:0d:87:3e:23:1d:b3:dd:24:a9:99:68:36:67:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:29 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=b98140b9dfbf26c3a68778a593a3d47e1e1d5194042407b4b8f4396c7a058039, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:a5:95:b6:78:74:80:e0:02:25:b3:15:70:74: 44:2f:05:00:e3:35:9c:09:2f:92:18:38:49:c2:69: df:db:36:bb:8c:6b:97:9d:95:58:ed:b8:14:4a:01: c7:3f:4e:78:aa:c6:5a:87:bc:f7:fe:96:bc:11:bb: 4a:83:d3:91:cc:29:d5:cc:a6:5a:d2:d2:76:7f:74: 4f:27:7f:17:71:a0:f7:84:66:28:06:8e:1f:8c:fd: 6f:4a:70:76:33:70:73:0d:29:cc:41:83:7d:85:b1: db:64:97:63:e8:83:a8:cf:10:6c:bc:2e:55:e8:1f: 9f:dd:a3:8c:30:6d:98:b3:7f:f0:0a:ce:21:57:0a: 28:83:80:11:95:91:5a:2f:a4:e7:3b:95:0f:7d:2a: 5d:b1:ed:64:11:28:47:6a:13:68:ab:40:db:74:d7: ac:03:8e:74:9e:5f:38:fd:d9:0e:de:92:90:5e:aa: db:e1:98:2a:4f:66:f6:ee:0e:50:d2:04:a3:54:e2: 62:74:b4:ad:59:71:c7:09:77:33:09:19:3f:8b:17: 6b:7c:10:f3:b9:76:2e:fa:52:db:db:05:d6:c5:2b: 95:d0:b8:dd:d2:8c:44:02:0e:ff:c9:05:2e:90:25: bb:72:ba:08:31:1f:5b:88:b1:c7:b7:2f:70:41:68: d0:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:4B:D9:C0:6C:A9:7B:88:89:D9:24:5A:15:F0:87:67:D9:D4:62:20 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.32.88.0/21 Signature Algorithm: sha256WithRSAEncryption 8f:48:21:e6:fc:df:06:30:cc:66:f6:8a:57:0f:64:a6:eb:7f: f8:44:1c:8f:58:45:ef:e2:6c:bf:13:e6:c7:57:92:f8:3b:3d: e4:74:fa:0a:e9:4a:96:36:11:70:4e:f7:3d:50:f7:c5:2e:82: 5a:78:a7:00:60:6d:e5:50:a9:fd:1e:c4:38:42:1b:59:b4:bc: 80:9f:a8:72:00:a4:2b:ff:3a:6e:ba:21:c8:83:31:b6:f7:68: 93:64:3b:57:3f:fa:52:29:5d:a3:04:2f:f5:a9:4e:17:11:51: 12:24:79:11:1c:9b:9e:d2:79:e3:75:f3:33:6e:c2:b8:7c:95: ac:65:8d:9d:2e:bc:3b:b4:45:6a:fa:eb:48:19:65:d7:48:de: 85:0b:e8:c2:19:7a:77:94:1a:8b:c9:05:1e:46:a4:03:91:38: e6:7f:85:b9:10:a6:f9:41:0c:94:a1:96:f1:65:93:0f:8e:df: fd:8e:64:7b:d2:c0:cb:b9:5f:ba:39:84:bb:82:42:c4:15:bc: cc:bb:b1:c9:01:e8:e6:a2:17:ee:db:2a:2a:26:f5:a1:42:83: fb:25:58:10:50:57:7a:a9:0a:ae:69:63:be:32:62:8b:89:e3: c8:b8:dc:f7:7d:09:34:88:be:9d:a3:02:7c:85:cb:22:77:53: f5:c8:c2:7e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUaauh6wBKDYc+Ix2z3SSpmWg2Z7gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMjlaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGI5ODE0MGI5ZGZiZjI2YzNhNjg3NzhhNTkzYTNkNDdlMWUxZDUxOTQwNDI0 MDdiNGI4ZjQzOTZjN2EwNTgwMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJOllbZ4dIDgAiWzFXB0RC8FAOM1nAkvkhg4ScJp39s2u4xrl52VWO24FEoB xz9OeKrGWoe89/6WvBG7SoPTkcwp1cymWtLSdn90Tyd/F3Gg94RmKAaOH4z9b0pw djNwcw0pzEGDfYWx22SXY+iDqM8QbLwuVegfn92jjDBtmLN/8ArOIVcKKIOAEZWR Wi+k5zuVD30qXbHtZBEoR2oTaKtA23TXrAOOdJ5fOP3ZDt6SkF6q2+GYKk9m9u4O UNIEo1TiYnS0rVlxxwl3MwkZP4sXa3wQ87l2LvpS29sF1sUrldC43dKMRAIO/8kF LpAlu3K6CDEfW4ixx7cvcEFo0IECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfS9nA bKl7iInZJFoV8Idn2dRiIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN BgkqhkiG9w0BAQsFAAOCAQEAj0gh5vzfBjDMZvaKVw9kput/+EQcj1hF7+JsvxPm x1eS+Ds95HT6CulKljYRcE73PVD3xS6CWninAGBt5VCp/R7EOEIbWbS8gJ+ocgCk K/86brohyIMxtvdok2Q7Vz/6UildowQv9alOFxFREiR5ERybntJ543XzM27CuHyV rGWNnS68O7RFavrrSBll10jehQvowhl6d5Qai8kFHkakA5E45n+FuRCm+UEMlKGW 8WWTD47f/Y5ke9LAy7lfujmEu4JCxBW8zLuxyQHo5qIX7tsqKib1oUKD+yVYEFBX eqkKrmljvjJii4njyLjc930JNIi+naMCfIXLIndT9cjCfg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:32 2025 by rpki-client