This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json) Hash identifier: gekze3oz7Z7W+ITCEBSwO30eoMqkWs5okumlooC3G9I= Subject key identifier: A3:57:10:CC:6E:B1:69:CE:B8:E4:3A:C8:E5:88:F6:4F:E1:58:DC:03 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7A341D23A52B49DADBFAC89CD6C1B3D73C0725AE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa Signing time: Sat 15 Nov 2025 06:30:52 +0000 ROA not before: Sat 15 Nov 2025 06:30:52 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:34:1d:23:a5:2b:49:da:db:fa:c8:9c:d6:c1:b3:d7:3c:07:25:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:52 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e60094b3e35e020fc59eea1ddeac6d6fe0b151af66da77c6a641036bb189bdaa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:25:f3:4c:24:99:b0:cd:ee:bc:76:36:a9:87: a4:0e:c8:47:47:2e:ce:5f:9e:d3:d8:54:45:e3:92: c8:10:44:72:63:88:3a:90:f0:d8:6b:1b:9e:c6:aa: 9c:5f:42:e5:c8:d3:5c:5a:b4:ea:57:c0:cc:8e:db: ce:8f:3e:8d:8c:e0:f0:0e:6e:a4:78:c3:01:b5:3b: eb:1b:79:73:53:57:26:67:1a:67:06:ea:91:6d:00: 14:9c:9d:87:88:78:06:9a:98:c4:53:78:5d:40:57: 0e:0d:ab:b4:47:bf:26:30:5e:99:4c:1d:a5:56:66: bc:e7:b8:82:15:e2:84:0d:cf:0b:7e:e1:61:9d:ec: 5d:e7:b0:5f:a3:1f:20:84:a1:e2:97:09:a7:d4:ad: ac:54:78:e0:06:72:e1:f9:b7:3f:f2:52:81:7b:a7: 42:72:30:c6:ea:e7:3e:aa:0c:2b:0f:e2:76:2a:1b: ea:dc:6e:6c:45:59:d6:3e:88:9d:70:c0:49:64:20: ba:a9:7a:50:bb:be:72:3a:1c:85:bd:c5:8b:97:30: b3:1d:bf:f9:4b:98:f1:ea:9b:d9:99:b9:53:42:8b: 80:ed:bd:56:e3:e6:0b:aa:e3:f0:7e:af:bb:34:b7: 26:e1:f0:b7:c6:28:43:72:d0:c1:68:4e:a6:30:dc: 57:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:57:10:CC:6E:B1:69:CE:B8:E4:3A:C8:E5:88:F6:4F:E1:58:DC:03 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.28.0/22 Signature Algorithm: sha256WithRSAEncryption b9:26:5b:2e:02:c5:c6:fe:1a:0b:2f:2a:43:a2:54:09:5a:1c: 45:a2:7b:83:98:c8:d3:39:a5:73:06:b5:96:fc:da:1a:f0:91: 93:c3:59:ef:88:e7:c9:0e:6a:d1:f1:1c:9c:b3:d1:6f:b7:dd: 3b:9c:e4:4e:a7:fa:a4:fc:57:07:0a:cb:6c:4b:d2:6a:3b:0e: be:10:26:09:dd:e0:ec:aa:fb:c0:db:2d:8a:33:5d:45:c7:7b: e5:4b:20:b9:cf:66:c9:93:c0:00:17:9b:9b:9a:c5:ff:21:38: 64:25:7d:b6:43:6c:ce:bb:71:d4:62:21:f4:d0:5f:51:24:e2: 2b:3a:c3:05:5c:ee:52:31:46:bc:91:83:f4:92:b6:1d:2e:b3: 26:28:82:d8:a8:78:c4:92:a7:31:84:6a:fc:a9:36:49:c6:df: de:99:6d:c5:e0:ea:ab:bc:9b:2c:ab:40:41:cf:ae:11:1a:6f: 71:75:45:14:95:e5:e6:30:cc:8a:30:bb:53:a1:83:dc:1f:5a: 05:dc:d7:f6:d1:05:84:a7:b5:22:d7:66:da:6b:a6:6e:81:d2: ef:df:fe:19:aa:f3:d3:55:e3:7b:31:8f:b4:60:0e:53:dd:2d: 2a:83:0f:49:4b:50:b1:a3:1c:dc:f3:05:fb:ff:e1:f2:8c:ba: 2a:b6:a8:c5 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUejQdI6UrSdrb+sic1sGz1zwHJa4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwNTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGU2MDA5NGIzZTM1ZTAyMGZjNTllZWExZGRlYWM2ZDZmZTBiMTUxYWY2NmRh NzdjNmE2NDEwMzZiYjE4OWJkYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKol80wkmbDN7rx2NqmHpA7IR0cuzl+e09hUReOSyBBEcmOIOpDw2Gsbnsaq nF9C5cjTXFq06lfAzI7bzo8+jYzg8A5upHjDAbU76xt5c1NXJmcaZwbqkW0AFJyd h4h4BpqYxFN4XUBXDg2rtEe/JjBemUwdpVZmvOe4ghXihA3PC37hYZ3sXeewX6Mf IISh4pcJp9StrFR44AZy4fm3P/JSgXunQnIwxurnPqoMKw/idiob6txubEVZ1j6I nXDASWQguql6ULu+cjochb3Fi5cwsx2/+UuY8eqb2Zm5U0KLgO29VuPmC6rj8H6v uzS3JuHwt8YoQ3LQwWhOpjDcV90CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSjVxDM brFpzrjkOsjliPZP4VjcAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN BgkqhkiG9w0BAQsFAAOCAQEAuSZbLgLFxv4aCy8qQ6JUCVocRaJ7g5jI0zmlcwa1 lvzaGvCRk8NZ74jnyQ5q0fEcnLPRb7fdO5zkTqf6pPxXBwrLbEvSajsOvhAmCd3g 7Kr7wNstijNdRcd75Usguc9myZPAABebm5rF/yE4ZCV9tkNszrtx1GIh9NBfUSTi KzrDBVzuUjFGvJGD9JK2HS6zJiiC2Kh4xJKnMYRq/Kk2Scbf3pltxeDqq7ybLKtA Qc+uERpvcXVFFJXl5jDMijC7U6GD3B9aBdzX9tEFhKe1Itdm2mumboHS79/+Garz 01XjezGPtGAOU90tKoMPSUtQsaMc3PMF+//h8oy6KraoxQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:37 2025 by rpki-client