This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa File: 296e983c-f59b-4a15-a74d-56b2bff88779.roa (raw, json) Hash identifier: KMZKESm6sDH9Xu6DACyQeZh5Ey87fysNJWWsfWGaEQQ= Subject key identifier: BA:D0:CE:E4:9D:11:52:B8:CC:09:E0:AE:D1:CA:D6:E9:E7:93:CE:93 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2BE645E4197F81548F09C07C0F4EC6611963663B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa Signing time: Tue 02 Dec 2025 01:50:07 +0000 ROA not before: Tue 02 Dec 2025 01:50:07 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.34.48.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:e6:45:e4:19:7f:81:54:8f:09:c0:7c:0f:4e:c6:61:19:63:66:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:07 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=ee9f6f2867e06b5226ca3dda8490c1a5760380ead60ef54b80cfaebdbe761ca3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:37:e2:28:f8:ec:ed:47:6b:1b:21:71:4d:28: 62:97:e3:21:29:dd:5d:a9:3a:98:a2:6e:10:3e:77: 7b:c0:fd:ac:ef:c7:f4:f2:27:4c:35:63:53:14:d6: 84:cf:c3:06:d5:25:d4:71:75:15:bd:7d:8b:41:c4: df:de:ae:db:e8:d7:96:66:c1:96:0c:63:2c:35:32: 85:77:9d:20:5b:73:f4:9b:3a:47:a9:b5:7f:68:67: b4:2e:06:e3:33:a2:e8:77:6f:7f:d6:03:b4:a0:34: 6d:a2:d9:61:3b:c5:4c:03:a4:e6:69:ca:2e:da:07: 67:08:73:34:18:3b:39:91:4f:a1:07:5a:f8:dd:10: b5:f0:5c:3c:5f:39:a0:f0:51:e4:ce:96:2e:06:be: a9:5c:fe:5c:f8:98:a8:25:14:56:d2:96:b3:d4:f8: 7c:cf:fa:c8:04:21:d4:70:9d:b5:57:93:f9:d1:b4: 50:6d:c2:65:89:ac:97:cc:a7:e6:72:d6:95:c4:0a: 2d:a6:be:c9:73:80:46:29:c5:eb:0f:08:55:5b:c0: fe:13:1d:4a:bc:21:39:12:ed:29:45:c0:42:2f:24: 28:8c:8b:45:37:13:f8:b3:09:87:28:d3:84:29:10: 81:b4:b6:dd:0a:eb:82:4f:8b:4a:e6:62:c2:ed:12: 0a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:D0:CE:E4:9D:11:52:B8:CC:09:E0:AE:D1:CA:D6:E9:E7:93:CE:93 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.34.48.0/20 Signature Algorithm: sha256WithRSAEncryption 5b:f7:6c:2c:91:69:44:4b:ca:1e:89:2f:72:59:da:68:64:94: f0:35:ee:df:bf:b8:6f:ef:29:f4:44:ea:27:52:36:0b:38:6b: 72:d2:64:e4:22:36:df:a6:42:ff:cf:1a:45:b9:05:56:68:45: cc:7f:82:e4:f8:f2:a2:27:5c:b0:ac:34:2d:0d:31:fa:e1:75: 57:e9:be:97:70:ac:62:63:64:18:90:cb:5a:c7:c0:bd:61:4c: a0:af:71:6c:c8:f3:62:e1:55:f5:ac:c7:ea:39:48:3e:19:9c: 6b:62:44:4d:9b:c5:5d:e6:98:bc:c5:89:4d:08:59:04:18:05: 2d:53:c4:84:b0:43:ef:72:80:f1:48:d2:ab:fd:40:ea:ae:1f: 67:87:42:2c:81:14:a3:26:c6:b9:86:d4:32:1f:8c:e4:21:4f: e9:8e:2f:29:f8:77:81:a1:25:9c:4d:23:ac:dd:27:64:83:a0: 61:8c:65:3e:20:d6:df:ed:2b:c2:7d:1f:73:b5:6f:bc:d2:f1: 28:c2:2d:a4:01:bd:1d:1d:81:93:27:fb:8a:7a:9d:67:51:16: a5:61:68:54:9a:38:53:83:7a:e6:78:57:e8:e9:fa:a7:10:ca: 79:e3:c4:27:32:a2:07:16:ae:d9:92:a2:69:17:d9:cd:66:e3: 8a:df:c2:d6 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUK+ZF5Bl/gVSPCcB8D07GYRljZjswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwMDdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGVlOWY2ZjI4NjdlMDZiNTIyNmNhM2RkYTg0OTBjMWE1NzYwMzgwZWFkNjBl ZjU0YjgwY2ZhZWJkYmU3NjFjYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI834ij47O1HaxshcU0oYpfjISndXak6mKJuED53e8D9rO/H9PInTDVjUxTW hM/DBtUl1HF1Fb19i0HE396u2+jXlmbBlgxjLDUyhXedIFtz9Js6R6m1f2hntC4G 4zOi6Hdvf9YDtKA0baLZYTvFTAOk5mnKLtoHZwhzNBg7OZFPoQda+N0QtfBcPF85 oPBR5M6WLga+qVz+XPiYqCUUVtKWs9T4fM/6yAQh1HCdtVeT+dG0UG3CZYmsl8yn 5nLWlcQKLaa+yXOARinF6w8IVVvA/hMdSrwhORLtKUXAQi8kKIyLRTcT+LMJhyjT hCkQgbS23Qrrgk+LSuZiwu0SCocCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS60M7k nRFSuMwJ4K7Rytbp55POkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Mjk2ZTk4M2MtZjU5Yi00YTE1LWE3NGQtNTZiMmJmZjg4Nzc5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiMDAN BgkqhkiG9w0BAQsFAAOCAQEAW/dsLJFpREvKHokvclnaaGSU8DXu37+4b+8p9ETq J1I2CzhrctJk5CI236ZC/88aRbkFVmhFzH+C5PjyoidcsKw0LQ0x+uF1V+m+l3Cs YmNkGJDLWsfAvWFMoK9xbMjzYuFV9azH6jlIPhmca2JETZvFXeaYvMWJTQhZBBgF LVPEhLBD73KA8UjSq/1A6q4fZ4dCLIEUoybGuYbUMh+M5CFP6Y4vKfh3gaElnE0j rN0nZIOgYYxlPiDW3+0rwn0fc7VvvNLxKMItpAG9HR2Bkyf7inqdZ1EWpWFoVJo4 U4N65nhX6On6pxDKeePEJzKiBxau2ZKiaRfZzWbjit/C1g== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:44 2025 by rpki-client