This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa File: 42fc7c20-224c-4e3b-8c6c-851926d0e396.roa (raw, json) Hash identifier: Q2Am318LB52sBcNpPykRSwluq3azw5IK9oymNxApWTk= Subject key identifier: 34:B8:88:0E:12:AA:97:EB:83:A1:ED:78:1E:CC:E2:84:F8:1D:43:4F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1C79EC0C6F4B718509CDAE957E34E0F30A1E93E1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa Signing time: Tue 25 Nov 2025 20:00:05 +0000 ROA not before: Tue 25 Nov 2025 20:00:05 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:79:ec:0c:6f:4b:71:85:09:cd:ae:95:7e:34:e0:f3:0a:1e:93:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:05 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=1fe72287c9da2d0864f66bfd93f4e508e8a1be18ca36b47d9a818f5028b4c44b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e4:99:1d:15:4b:fa:f3:c4:a6:29:df:4b:d4: 04:c6:ec:a3:11:55:6e:0b:1f:27:7c:61:45:32:aa: 49:68:cb:60:6d:ce:52:9d:39:3e:ae:13:86:ab:9a: b2:b6:4e:46:0f:d9:d3:e2:cd:c7:40:43:d7:9c:0d: a5:c8:19:06:a6:4c:2f:58:c7:ae:ea:a1:49:c0:e7: ce:73:25:31:8a:9d:b4:b8:6f:21:44:0e:a3:96:d0: 2e:a5:56:b4:6c:9f:d7:f6:9c:43:0e:4d:28:5c:76: 04:06:51:f2:34:b7:d5:06:4c:c9:ce:12:b2:47:2b: c9:2f:a2:5a:82:cd:54:da:86:2c:b3:ec:0f:9f:d6: df:07:ce:da:8c:1f:95:43:51:91:71:71:35:aa:7d: 50:d6:e6:ec:59:d4:86:1c:00:bc:77:bb:34:b3:3d: 8a:67:b1:e9:79:44:9c:12:60:e7:1f:15:ac:e6:09: 15:39:42:23:0b:02:1b:a2:1c:58:cb:27:67:96:8b: 4d:93:48:70:ea:b4:31:41:04:c8:55:d9:dd:ed:50: 92:61:99:46:48:40:0b:ee:43:40:99:06:0f:c9:00: 48:40:e0:ee:27:74:e8:99:e3:e5:46:51:ca:a3:6c: de:37:23:6e:25:36:45:ea:01:47:12:d7:45:4c:8b: 70:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:B8:88:0E:12:AA:97:EB:83:A1:ED:78:1E:CC:E2:84:F8:1D:43:4F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:c000::/40 Signature Algorithm: sha256WithRSAEncryption 96:f6:c1:3e:5b:c7:b4:2a:3e:5d:f3:5c:0d:1a:2a:55:64:e4: 9e:e0:9b:e5:06:39:ea:0b:99:4c:07:c1:67:86:ab:e8:54:4d: b8:30:87:6c:6d:8a:3b:5b:66:c8:c2:32:58:cf:0c:e8:5b:8a: 89:d3:0e:af:6f:77:0b:75:c5:9c:52:a7:0a:a1:e4:65:72:75: 4e:42:be:f6:56:80:e7:48:0b:76:3e:62:2d:38:9f:9a:6e:c5: ca:d6:69:51:2c:80:9e:56:ad:2f:2c:97:ee:27:cb:cf:27:ac: b3:a4:72:a1:72:31:c2:89:db:99:2a:9c:2f:68:7b:15:cf:cc: 48:ca:65:82:77:29:37:47:85:3d:d5:7a:b5:34:33:79:cc:aa: 7f:63:6c:e1:01:09:15:57:b0:c7:19:da:5e:66:4f:3f:19:e4: 41:87:36:8b:40:8f:d1:9d:25:ce:8a:4c:2a:1a:3f:b6:08:43: f9:73:be:63:36:c5:88:fe:57:0c:76:b9:9d:d1:4b:5a:ea:1b: 08:05:46:92:53:c7:2f:a3:81:9f:f6:a6:db:a8:86:6a:87:a7: 5e:cf:45:73:12:75:e8:9f:21:b8:60:30:be:ed:28:4b:7e:95: 6e:01:a7:a5:35:9a:e1:dc:4a:87:4b:d1:f6:bd:ce:4e:ec:0b: de:78:1e:6e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHHnsDG9LcYUJza6VfjTg8woek+EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwMDVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDFmZTcyMjg3YzlkYTJkMDg2NGY2NmJmZDkzZjRlNTA4ZThhMWJlMThjYTM2 YjQ3ZDlhODE4ZjUwMjhiNGM0NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALrkmR0VS/rzxKYp30vUBMbsoxFVbgsfJ3xhRTKqSWjLYG3OUp05Pq4Thqua srZORg/Z0+LNx0BD15wNpcgZBqZML1jHruqhScDnznMlMYqdtLhvIUQOo5bQLqVW tGyf1/acQw5NKFx2BAZR8jS31QZMyc4SskcryS+iWoLNVNqGLLPsD5/W3wfO2owf lUNRkXFxNap9UNbm7FnUhhwAvHe7NLM9imex6XlEnBJg5x8VrOYJFTlCIwsCG6Ic WMsnZ5aLTZNIcOq0MUEEyFXZ3e1QkmGZRkhAC+5DQJkGD8kASEDg7id06Jnj5UZR yqNs3jcjbiU2ReoBRxLXRUyLcIsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0uIgO EqqX64Oh7XgezOKE+B1DTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDJmYzdjMjAtMjI0Yy00ZTNiLThjNmMtODUxOTI2ZDBlMzk2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLA MA0GCSqGSIb3DQEBCwUAA4IBAQCW9sE+W8e0Kj5d81wNGipVZOSe4JvlBjnqC5lM B8FnhqvoVE24MIdsbYo7W2bIwjJYzwzoW4qJ0w6vb3cLdcWcUqcKoeRlcnVOQr72 VoDnSAt2PmItOJ+absXK1mlRLICeVq0vLJfuJ8vPJ6yzpHKhcjHCiduZKpwvaHsV z8xIymWCdyk3R4U91Xq1NDN5zKp/Y2zhAQkVV7DHGdpeZk8/GeRBhzaLQI/RnSXO ikwqGj+2CEP5c75jNsWI/lcMdrmd0Uta6hsIBUaSU8cvo4Gf9qbbqIZqh6dez0Vz EnXonyG4YDC+7ShLfpVuAaelNZrh3EqHS9H2vc5O7AveeB5u -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:10 2025 by rpki-client