This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json) Hash identifier: x2nTGwk35piQr+w1TFqrWwZVv0ZpAZnWGJUvoZjGebo= Subject key identifier: 40:6F:09:8F:97:91:3C:6B:2F:66:02:20:FF:12:43:B9:56:87:7E:D6 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4942E79E59CAE0A6FA930717AE60D47BD3881F50 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa Signing time: Sat 29 Nov 2025 03:00:25 +0000 ROA not before: Sat 29 Nov 2025 03:00:25 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.51.168.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:42:e7:9e:59:ca:e0:a6:fa:93:07:17:ae:60:d4:7b:d3:88:1f:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:25 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=551d55979d16d6ddcf7634ce7208df96dda4e7b6c7fcaa10df8f344deb4ae559, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:5e:47:0c:b2:c7:8a:8d:a0:e3:ac:bb:2b:ba: 92:50:a4:09:5b:69:f0:6b:1e:b7:6c:78:ae:02:52: ba:97:52:23:45:83:65:c9:95:2b:58:9f:ad:67:f1: 85:ac:b2:3b:39:f7:a4:62:34:f4:65:8c:86:7a:cb: 02:6f:85:25:eb:8f:67:b7:22:cb:be:9a:79:2a:0d: b6:af:51:49:14:2e:06:02:e8:f5:81:22:28:4d:a0: e7:a6:f7:af:ba:c8:9b:72:27:4f:9c:ad:a5:69:d6: 3e:01:14:02:9c:6d:93:dd:8d:e1:24:62:11:e9:18: ad:19:95:4d:a2:16:9e:8c:8d:53:b5:2d:2d:74:85: f2:27:71:46:96:7e:75:a7:1e:88:f6:5a:e8:cb:b4: 42:65:8f:01:c7:5b:35:10:e9:15:4b:27:75:ae:3c: 10:67:c6:c0:de:fa:ce:58:c5:fd:4e:a2:e3:64:40: 06:74:8d:f4:63:15:49:27:b2:46:09:d3:e9:ac:f3: 8b:4e:0e:8e:c3:0a:18:c9:48:f1:29:a3:fc:0f:26: ab:6b:65:e9:4f:00:1e:08:9e:cc:8b:15:7a:d5:d3: 14:45:42:01:99:32:42:8a:d8:1a:db:6f:89:fb:ff: 2c:73:2a:17:0c:25:1d:3b:70:fa:e7:d0:6d:e9:03: 5b:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:6F:09:8F:97:91:3C:6B:2F:66:02:20:FF:12:43:B9:56:87:7E:D6 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.51.168.0/21 Signature Algorithm: sha256WithRSAEncryption 98:b5:20:b5:4f:be:2f:83:a6:b6:93:38:c2:4b:c7:e5:28:5d: 71:5e:4d:67:41:67:1a:0d:48:d7:94:2e:46:d7:c2:0e:3e:18: 1f:43:91:65:32:67:2c:c1:b0:3a:72:10:9e:df:3f:0a:36:cb: 44:11:f1:8b:bb:c9:3a:db:f4:c1:dc:60:6c:03:7b:b8:28:c9: 83:5b:63:f0:0c:85:f9:9c:23:a7:6b:3d:52:01:99:d2:c1:48: 26:54:07:39:be:44:08:a2:fc:50:ce:9d:1e:ad:7f:84:b1:c7: 28:00:ed:83:57:7e:66:d0:09:a1:04:51:fa:ed:07:a1:11:b9: e3:0e:86:6b:da:c5:fa:66:bf:17:c2:28:94:ae:65:d4:c8:fd: cb:6e:4f:5c:dd:88:a3:ed:84:d0:21:79:2e:cc:7c:20:45:85: 9b:fb:87:f8:fa:e8:a7:31:83:f5:9a:03:ec:11:b3:aa:ad:a8: bf:f7:10:06:60:1b:28:d8:9c:5c:53:14:a5:dd:59:17:1a:f5: fe:75:c5:f6:83:7f:9f:cd:da:ff:1e:96:19:24:f2:5a:c2:6a: 96:0c:c5:a6:c7:3c:cb:4a:7b:54:ca:5e:4e:44:06:bb:b0:51: 82:73:06:fd:86:0a:61:2c:8c:1d:52:b0:6a:8a:eb:97:14:e8: 56:7d:fa:8d -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUSULnnlnK4Kb6kwcXrmDUe9OIH1AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMjVaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDU1MWQ1NTk3OWQxNmQ2ZGRjZjc2MzRjZTcyMDhkZjk2ZGRhNGU3YjZjN2Zj YWExMGRmOGYzNDRkZWI0YWU1NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMheRwyyx4qNoOOsuyu6klCkCVtp8Gset2x4rgJSupdSI0WDZcmVK1ifrWfx hayyOzn3pGI09GWMhnrLAm+FJeuPZ7ciy76aeSoNtq9RSRQuBgLo9YEiKE2g56b3 r7rIm3InT5ytpWnWPgEUApxtk92N4SRiEekYrRmVTaIWnoyNU7UtLXSF8idxRpZ+ daceiPZa6Mu0QmWPAcdbNRDpFUsnda48EGfGwN76zljF/U6i42RABnSN9GMVSSey RgnT6azzi04OjsMKGMlI8Smj/A8mq2tl6U8AHgiezIsVetXTFEVCAZkyQorYGttv ifv/LHMqFwwlHTtw+ufQbekDWykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRAbwmP l5E8ay9mAiD/EkO5Vod+1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN BgkqhkiG9w0BAQsFAAOCAQEAmLUgtU++L4OmtpM4wkvH5ShdcV5NZ0FnGg1I15Qu RtfCDj4YH0ORZTJnLMGwOnIQnt8/CjbLRBHxi7vJOtv0wdxgbAN7uCjJg1tj8AyF +Zwjp2s9UgGZ0sFIJlQHOb5ECKL8UM6dHq1/hLHHKADtg1d+ZtAJoQRR+u0HoRG5 4w6Ga9rF+ma/F8IolK5l1Mj9y25PXN2Io+2E0CF5Lsx8IEWFm/uH+PropzGD9ZoD 7BGzqq2ov/cQBmAbKNicXFMUpd1ZFxr1/nXF9oN/n83a/x6WGSTyWsJqlgzFpsc8 y0p7VMpeTkQGu7BRgnMG/YYKYSyMHVKwaorrlxToVn36jQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:33 2025 by rpki-client