This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json) Hash identifier: wniwfK1bI4JNmbhRcnQtWlZHVwREGbzmq4P2thYh0nE= Subject key identifier: E5:7A:E6:D8:A0:FB:51:06:4C:0A:E9:CB:E5:5B:90:A7:57:A2:9D:35 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 38428E8D3CFC56E5B4B847A01462272CB73CB0FE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa Signing time: Sun 16 Nov 2025 00:00:06 +0000 ROA not before: Sun 16 Nov 2025 00:00:06 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.64.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:42:8e:8d:3c:fc:56:e5:b4:b8:47:a0:14:62:27:2c:b7:3c:b0:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 16 00:00:06 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=bf5ee5c91b6d621c4fc89933f24f00c161d3df1eebfa810ef4b8e69fc1a1dc30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4f:b5:0e:b6:3e:08:e5:c9:91:3c:bb:70:b5: 31:a0:6b:f2:99:cf:73:ad:b1:1b:a2:9c:5d:c7:32: a3:aa:0a:26:ac:bf:dd:ab:fb:4d:80:0a:1c:94:fa: 29:51:9d:ac:d1:6c:83:b8:ec:38:49:d1:39:cc:20: 0a:7f:06:7d:69:8c:5c:8f:ac:aa:2a:9c:dc:5a:e1: bf:fe:39:09:d4:bf:2e:b0:03:dc:07:e4:59:62:06: 28:72:a6:69:32:d3:07:ea:d2:f7:54:61:6e:a6:e8: c9:2b:f1:de:89:86:a1:8d:24:e6:6f:08:1a:a9:38: 40:6f:59:8b:a5:14:e1:02:ca:c8:8d:2a:a0:bf:b2: 8c:87:b7:9c:b0:16:6f:44:9d:62:ce:68:a1:8c:8f: 5e:16:cf:ad:d3:30:18:64:6d:bc:cb:ab:c0:92:a4: b4:d6:fd:c3:54:3e:f8:81:34:70:66:a5:7c:87:f0: 28:86:b8:e9:66:ba:09:99:a3:27:65:15:af:db:43: a6:ac:9c:22:f4:8d:19:ad:60:71:3b:90:f9:7a:8f: 16:f1:d2:24:ff:fa:5f:fe:10:7c:0e:fc:06:15:99: bf:1a:eb:a8:b5:45:96:d8:4b:3b:de:a5:ba:b8:e7: 5b:27:ab:a4:3d:07:8b:5e:2a:f4:41:f6:d0:f4:e2: 53:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:7A:E6:D8:A0:FB:51:06:4C:0A:E9:CB:E5:5B:90:A7:57:A2:9D:35 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.64.0/19 Signature Algorithm: sha256WithRSAEncryption c2:25:54:95:9b:cf:14:e9:07:b3:d0:45:c8:17:ae:2c:2d:ce: 3a:3e:21:92:e5:15:2b:a6:d4:06:e5:48:c9:fa:34:2a:cb:5f: 76:7e:bb:33:36:76:15:90:3a:25:a3:a3:7b:c3:23:e8:8c:dc: 2b:34:64:49:9a:c5:97:72:b7:95:ca:3a:2c:be:a3:4e:f3:dc: 57:08:90:19:27:48:39:2f:95:96:d2:66:2e:d2:70:29:df:16: 9e:4f:9e:91:a3:18:f0:c0:06:f0:fd:28:61:17:e6:15:4a:cd: ca:d9:3d:32:cd:70:e0:c4:f7:18:fb:e1:2e:e5:1b:cc:65:bc: be:10:7c:ef:9e:e1:1f:91:23:26:6e:51:11:6a:7c:19:dd:ef: 25:7b:c9:8a:fe:3b:07:e1:eb:bf:4c:a4:fc:7d:aa:35:00:e7: 31:4e:82:15:23:d0:bc:38:21:23:e0:5f:94:c0:6c:1e:b8:8c: 44:7e:a9:99:a7:ab:f1:7d:58:e2:90:7c:40:a3:f0:1d:06:18: 55:08:a3:bf:bb:03:84:6e:f9:9a:06:da:90:64:1d:3a:fe:7c: a2:72:0e:3f:c0:83:d9:ea:14:84:82:32:70:d6:74:ff:37:6d: 71:03:cf:c3:1b:95:19:48:e0:4f:7b:34:c2:26:e1:e8:69:86: 9b:26:a1:21 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUOEKOjTz8VuW0uEegFGInLLc8sP4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTYwMDAwMDZaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGJmNWVlNWM5MWI2ZDYyMWM0ZmM4OTkzM2YyNGYwMGMxNjFkM2RmMWVlYmZh ODEwZWY0YjhlNjlmYzFhMWRjMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBPtQ62PgjlyZE8u3C1MaBr8pnPc62xG6KcXccyo6oKJqy/3av7TYAKHJT6 KVGdrNFsg7jsOEnROcwgCn8GfWmMXI+sqiqc3Frhv/45CdS/LrAD3AfkWWIGKHKm aTLTB+rS91RhbqboySvx3omGoY0k5m8IGqk4QG9Zi6UU4QLKyI0qoL+yjIe3nLAW b0SdYs5ooYyPXhbPrdMwGGRtvMurwJKktNb9w1Q++IE0cGalfIfwKIa46Wa6CZmj J2UVr9tDpqycIvSNGa1gcTuQ+XqPFvHSJP/6X/4QfA78BhWZvxrrqLVFlthLO96l urjnWyerpD0Hi14q9EH20PTiUwsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTleubY oPtRBkwK6cvlW5CnV6KdNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN BgkqhkiG9w0BAQsFAAOCAQEAwiVUlZvPFOkHs9BFyBeuLC3OOj4hkuUVK6bUBuVI yfo0Kstfdn67MzZ2FZA6JaOje8Mj6IzcKzRkSZrFl3K3lco6LL6jTvPcVwiQGSdI OS+VltJmLtJwKd8Wnk+ekaMY8MAG8P0oYRfmFUrNytk9Ms1w4MT3GPvhLuUbzGW8 vhB8757hH5EjJm5REWp8Gd3vJXvJiv47B+Hrv0yk/H2qNQDnMU6CFSPQvDghI+Bf lMBsHriMRH6pmaer8X1Y4pB8QKPwHQYYVQijv7sDhG75mgbakGQdOv58onIOP8CD 2eoUhIIycNZ0/zdtcQPPwxuVGUjgT3s0wibh6GmGmyahIQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:56 2025 by rpki-client