This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa File: 51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa (raw, json) Hash identifier: CBIBJJbMsrOaY8KF3c3O9G1htHy/ZOBZpjI1ZYE7FH0= Subject key identifier: BF:36:3F:51:7E:1E:75:3C:AF:68:15:72:C4:E1:B3:10:42:E7:7C:FE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0C6F6F61093C22E79951C86FFF232FF1C45971D1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa Signing time: Wed 10 Dec 2025 06:21:27 +0000 ROA not before: Wed 10 Dec 2025 06:21:27 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:80d0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:6f:6f:61:09:3c:22:e7:99:51:c8:6f:ff:23:2f:f1:c4:59:71:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:27 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d6896a372b974f8008a544bcc9ffacffda6cd70b7fb4108abbcac7ae0d9b1545, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:24:b4:77:da:c9:42:60:44:20:21:2f:cf:af: 44:0a:45:9f:ce:3e:54:d3:7e:81:47:aa:a8:0c:e1: d2:26:49:88:c1:ed:c3:81:1f:ea:1d:a3:03:42:42: 37:6c:14:46:10:3d:40:ec:99:6d:04:30:61:0b:23: f5:5f:47:ef:5e:73:f9:0c:f5:1a:86:54:1b:e3:59: 86:f1:87:36:ea:93:a5:b7:0a:21:b2:db:fd:b5:af: 0a:42:22:69:a6:d7:5f:14:e3:6e:48:97:c5:b8:21: 99:cb:50:5c:d3:04:c9:7a:0b:6b:9a:df:f7:64:97: 9c:72:37:d9:e3:04:76:47:5b:1a:9d:9a:54:9c:76: 6f:b5:88:2f:2e:ac:5e:ef:16:63:21:93:72:ac:7a: 05:fc:f9:67:21:15:16:f5:02:fd:b8:94:79:c1:ac: d0:7e:d3:1f:88:a6:66:fb:f4:63:9b:62:e7:fa:50: bc:80:a1:a0:10:c9:5b:29:10:0f:ed:22:df:80:8a: f7:b8:ad:8b:67:22:53:38:32:36:07:78:75:c5:f5: ed:20:13:ef:9f:73:ee:6d:e2:22:da:8d:40:25:10: 62:be:4c:d8:1e:31:cb:7f:df:a6:d5:66:ba:83:37: 7f:c6:cd:10:72:27:8f:65:e9:fe:e5:bc:fa:f7:6e: 8f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:36:3F:51:7E:1E:75:3C:AF:68:15:72:C4:E1:B3:10:42:E7:7C:FE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:80d0::/48 Signature Algorithm: sha256WithRSAEncryption b7:62:9b:54:78:6b:15:6c:72:3e:d2:e3:b9:1b:40:e2:d1:c0: d2:10:8f:a8:19:11:4e:0f:57:4e:9c:ef:ab:75:81:00:5d:46: f4:02:56:21:6b:fe:20:6d:8f:42:1c:1c:10:6d:8f:e0:e3:9f: 19:6b:36:70:25:91:47:c7:cc:8d:cc:d6:e9:f9:0d:b7:47:d0: c8:b2:62:9b:26:34:a4:27:86:52:b9:23:eb:f4:f8:56:98:31: bf:d1:02:9f:a8:9c:5b:75:da:c2:ef:7f:ba:c4:7b:81:52:fb: a2:ad:5e:72:98:ec:79:da:12:30:4c:d6:db:7b:36:68:85:60: 97:8f:ed:c7:db:2e:ee:9c:20:7e:8e:ec:89:ce:54:a1:70:d0: 8a:13:25:1e:bf:2f:42:a8:16:4f:08:80:e9:8a:3b:2a:54:be: 38:c5:a2:b8:56:3b:f6:f4:63:7c:ff:d1:75:25:fc:65:99:a9: 01:55:3d:32:f8:78:9e:42:5a:5f:0a:2f:6d:86:22:b9:b0:01: 83:65:1c:30:fc:31:4c:ca:c6:b8:08:20:27:e2:4a:c7:62:3a: 11:6f:e7:37:7d:9a:fb:79:61:85:3d:af:8a:ce:c8:36:2e:bd: 91:1e:c6:a7:e8:f1:6d:88:5c:2c:15:98:7e:94:45:88:a4:c3: 7f:9f:c2:70 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUDG9vYQk8IueZUchv/yMv8cRZcdEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMjdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ2ODk2YTM3MmI5NzRmODAwOGE1NDRiY2M5ZmZhY2ZmZGE2Y2Q3MGI3ZmI0 MTA4YWJiY2FjN2FlMGQ5YjE1NDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANUktHfayUJgRCAhL8+vRApFn84+VNN+gUeqqAzh0iZJiMHtw4Ef6h2jA0JC N2wURhA9QOyZbQQwYQsj9V9H715z+Qz1GoZUG+NZhvGHNuqTpbcKIbLb/bWvCkIi aabXXxTjbkiXxbghmctQXNMEyXoLa5rf92SXnHI32eMEdkdbGp2aVJx2b7WILy6s Xu8WYyGTcqx6Bfz5ZyEVFvUC/biUecGs0H7TH4imZvv0Y5ti5/pQvIChoBDJWykQ D+0i34CK97iti2ciUzgyNgd4dcX17SAT759z7m3iItqNQCUQYr5M2B4xy3/fptVm uoM3f8bNEHInj2Xp/uW8+vduj1ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/Nj9R fh51PK9oFXLE4bMQQud8/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTFhMWVhNzEtNzVhZi00YmM3LThjMDUtMWIyZTNhNTYyNzkyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A 0DANBgkqhkiG9w0BAQsFAAOCAQEAt2KbVHhrFWxyPtLjuRtA4tHA0hCPqBkRTg9X Tpzvq3WBAF1G9AJWIWv+IG2PQhwcEG2P4OOfGWs2cCWRR8fMjczW6fkNt0fQyLJi myY0pCeGUrkj6/T4Vpgxv9ECn6icW3Xawu9/usR7gVL7oq1ecpjsedoSMEzW23s2 aIVgl4/tx9su7pwgfo7sic5UoXDQihMlHr8vQqgWTwiA6Yo7KlS+OMWiuFY79vRj fP/RdSX8ZZmpAVU9Mvh4nkJaXwovbYYiubABg2UcMPwxTMrGuAggJ+JKx2I6EW/n N32a+3lhhT2vis7INi69kR7Gp+jxbYhcLBWYfpRFiKTDf5/CcA== -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:28 2025 by rpki-client