This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json) Hash identifier: r5DCt7oQzWM0DFbBUNhRuA+5+K/LBgAth12atJLIjns= Subject key identifier: 4A:EF:C8:E0:50:3C:65:AC:AA:D4:9F:AD:E9:00:4B:AC:6C:C5:75:26 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2FAEA5B54E0BF72A221EB2C5A9284F64D6A51BA5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa Signing time: Sat 15 Nov 2025 05:41:25 +0000 ROA not before: Sat 15 Nov 2025 05:41:25 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:ae:a5:b5:4e:0b:f7:2a:22:1e:b2:c5:a9:28:4f:64:d6:a5:1b:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:25 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=77423ed84765dc4fe1e184f138cd7379bfa80bf563d810c656688abb3b09c751, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:24:7c:22:b3:f0:a4:67:13:55:3f:b8:70:e5: 5f:e1:71:7b:c7:56:83:a1:65:cb:cb:5c:dc:0c:7e: 16:2b:98:cc:38:07:dd:59:8f:71:cf:13:87:41:3a: 4a:5f:93:f7:dd:30:1e:06:97:c5:6e:8e:48:4a:db: 75:0f:67:c8:4c:6d:2b:29:84:40:d0:ff:38:58:0e: cf:5a:bf:9c:56:1a:bc:f3:e4:eb:60:b7:07:a0:24: f4:47:8a:e1:d2:6f:9e:3b:2f:6f:ff:e8:e7:fa:ca: 05:12:a2:53:53:93:52:b4:94:fd:4c:de:7f:0c:39: 8b:6a:0a:2e:fa:44:da:bb:7e:57:41:fb:d1:ac:2e: 03:64:e0:99:85:b6:a4:50:79:a5:22:5b:f9:fa:88: 4e:fc:7e:ad:c5:11:8e:cf:40:7f:d3:2a:da:94:5c: 93:68:9e:a5:e6:17:65:cd:cb:5b:5e:73:f2:d2:62: 74:a6:4a:10:7a:8e:71:dd:38:92:f2:24:a0:ad:1d: 60:b8:9e:de:38:e8:9d:ce:cb:a2:76:c0:2c:1b:cb: 11:4a:2a:0a:bd:e1:d5:a6:29:ec:28:41:d2:5d:83: ef:aa:62:29:ab:8d:07:b6:c4:da:7d:3f:53:ef:3c: b2:70:f3:ea:02:08:1a:8f:c6:36:73:71:b3:10:54: 06:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:EF:C8:E0:50:3C:65:AC:AA:D4:9F:AD:E9:00:4B:AC:6C:C5:75:26 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.8.0/21 Signature Algorithm: sha256WithRSAEncryption c9:ea:90:d5:f7:02:a1:c8:55:d0:98:f3:6d:f1:5e:e3:89:70: c2:ee:04:73:72:55:ad:2b:fe:32:ab:46:a7:29:02:50:29:5c: 2f:17:9d:db:63:8b:11:df:87:1d:9f:66:7e:63:65:6a:7b:f8: d1:12:cf:01:94:09:df:34:1a:0f:d4:3a:5e:70:d1:ac:21:93: 23:2f:c5:08:cc:95:bb:0e:26:09:0b:6f:86:2c:4e:5c:32:6d: 51:f5:ba:98:8f:bc:79:26:c8:5b:f7:a5:a1:99:e4:7e:b4:fa: 73:10:00:30:64:26:83:0b:6d:1a:62:93:b3:81:a8:69:3f:a1: 2c:1c:1e:1b:43:cd:17:bf:05:22:5d:ad:f7:99:31:55:7c:3c: 7c:08:20:56:c6:f3:3f:76:62:03:ce:61:49:10:f3:ec:54:2b: b3:47:f3:16:f5:3d:5f:2e:bc:03:6a:3c:21:9b:b3:ba:57:47: 0a:1f:9e:bb:d0:bc:bd:0b:9d:fd:2a:ef:95:41:4d:b0:12:8c: 5d:dc:eb:d0:5d:d9:b7:75:7f:21:de:17:63:85:87:e7:0f:00: cf:e3:07:f5:c4:50:39:57:89:d9:5f:5c:c8:99:72:23:ba:9f: 9a:75:62:ec:ef:ef:12:f3:ba:65:26:40:ba:24:4a:e0:3a:f4: e7:73:7d:b7 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUL66ltU4L9yoiHrLFqShPZNalG6UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMjVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDc3NDIzZWQ4NDc2NWRjNGZlMWUxODRmMTM4Y2Q3Mzc5YmZhODBiZjU2M2Q4 MTBjNjU2Njg4YWJiM2IwOWM3NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUkfCKz8KRnE1U/uHDlX+Fxe8dWg6Fly8tc3Ax+FiuYzDgH3VmPcc8Th0E6 Sl+T990wHgaXxW6OSErbdQ9nyExtKymEQND/OFgOz1q/nFYavPPk62C3B6Ak9EeK 4dJvnjsvb//o5/rKBRKiU1OTUrSU/Uzefww5i2oKLvpE2rt+V0H70awuA2TgmYW2 pFB5pSJb+fqITvx+rcURjs9Af9Mq2pRck2iepeYXZc3LW15z8tJidKZKEHqOcd04 kvIkoK0dYLie3jjonc7LonbALBvLEUoqCr3h1aYp7ChB0l2D76piKauNB7bE2n0/ U+88snDz6gIIGo/GNnNxsxBUBm8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRK78jg UDxlrKrUn63pAEusbMV1JjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN BgkqhkiG9w0BAQsFAAOCAQEAyeqQ1fcCochV0JjzbfFe44lwwu4Ec3JVrSv+MqtG pykCUClcLxed22OLEd+HHZ9mfmNlanv40RLPAZQJ3zQaD9Q6XnDRrCGTIy/FCMyV uw4mCQtvhixOXDJtUfW6mI+8eSbIW/eloZnkfrT6cxAAMGQmgwttGmKTs4GoaT+h LBweG0PNF78FIl2t95kxVXw8fAggVsbzP3ZiA85hSRDz7FQrs0fzFvU9Xy68A2o8 IZuzuldHCh+eu9C8vQud/SrvlUFNsBKMXdzr0F3Zt3V/Id4XY4WH5w8Az+MH9cRQ OVeJ2V9cyJlyI7qfmnVi7O/vEvO6ZSZAuiRK4Dr053N9tw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:53:19 2025 by rpki-client