This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa File: 6236cad2-ab49-4574-b740-7b70c27fae87.roa (raw, json) Hash identifier: t4mgctQPiG2kUeHBeg/igvbWuMjuZ92/TeXXABxTQl4= Subject key identifier: 1F:70:BA:E4:F6:A3:BB:37:2B:5D:1B:2A:F6:C4:A4:FF:81:F5:58:F4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3126092ABB819AFE179CCCD7E60FD817D22D3EF2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa Signing time: Sat 15 Nov 2025 06:00:33 +0000 ROA not before: Sat 15 Nov 2025 06:00:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d010:8400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:26:09:2a:bb:81:9a:fe:17:9c:cc:d7:e6:0f:d8:17:d2:2d:3e:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e425e7c8d8f79af9bff83386dc9079f8a1b49edf48e4af9a03fe59d49580b4ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a7:e8:a2:1c:9c:b8:fc:b7:8d:7a:05:54:cb: f2:34:d8:0b:b8:ec:f9:35:d3:25:17:aa:fb:4d:31: 21:6a:1b:dc:73:0c:07:da:1e:85:14:fa:6a:a3:9d: 61:83:b1:4f:ba:e1:7d:59:e5:eb:77:07:a0:a3:a7: f8:52:b3:65:7c:c1:b2:7c:92:03:fc:ba:75:57:3a: 26:f3:21:6e:08:27:05:26:66:92:61:48:61:ce:a7: 0a:74:21:2b:1d:d1:be:61:60:c5:e7:db:7a:17:e6: f3:c7:8f:ad:d2:f0:8b:7f:76:78:ae:db:cc:1b:7f: fe:e2:92:b0:37:d9:4a:e8:57:52:fd:03:b6:25:7d: d0:ae:13:70:cf:b7:15:aa:ac:e8:f8:ad:dc:0b:6e: 28:f4:58:f5:08:b7:1c:6e:ce:ec:e4:ac:95:c9:af: e3:f8:aa:d9:65:ef:2d:d9:4a:6e:22:69:5a:ee:a4: f8:a2:3f:34:9c:78:f8:dd:2a:e4:68:f3:38:db:cc: 70:b1:54:d8:4d:bd:35:aa:b9:ca:ca:ce:bb:c2:cc: ee:ee:af:ec:bc:df:07:ea:7f:bd:ef:63:9e:2b:d0: ec:31:68:32:3f:36:9c:ca:04:7c:ff:0d:09:66:56: 2d:02:8d:6c:ad:57:9e:63:fc:f4:71:93:34:2c:a3: e9:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:70:BA:E4:F6:A3:BB:37:2B:5D:1B:2A:F6:C4:A4:FF:81:F5:58:F4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d010:8400::/38 Signature Algorithm: sha256WithRSAEncryption 93:6e:69:ab:98:72:79:8f:fe:37:ab:59:da:79:3f:21:82:37: ee:08:ac:87:31:09:9a:8e:55:4d:a0:d8:dd:1b:c0:4e:4f:49: 84:7b:01:cf:3f:ca:32:30:19:c0:da:55:7b:51:f5:7f:01:92: 0d:1e:0e:7c:43:0e:58:96:7d:bc:e4:05:0b:c3:04:0f:29:8d: dc:33:ca:14:65:4a:de:13:52:f8:20:46:60:29:18:88:d9:e3: 0e:54:e3:53:5a:0d:cd:51:31:60:33:ec:7b:6d:18:dc:de:19: 51:4a:08:2d:61:d0:a8:86:8a:9d:3b:ab:8c:7c:a4:1e:21:11: 25:26:45:7e:2b:f2:32:37:ce:48:4e:9a:dd:2b:8b:7b:8d:d5: 07:71:dd:c7:c7:ce:0e:bf:ba:79:e7:b1:69:d6:dd:7e:f1:cc: ce:e7:b3:2d:ff:07:4a:ab:66:48:55:b8:3e:e3:2c:3b:0f:83: 2b:59:ba:44:d1:3c:e4:7d:9f:5f:0c:39:b0:e0:32:ab:6c:ae: b9:12:b2:b3:4a:2d:66:b8:7a:03:47:f9:d4:61:52:e9:2a:2c: 44:7e:d4:65:a2:a2:72:b0:ee:43:df:a0:44:1c:97:35:ae:6f: 0b:5a:ad:72:da:32:2d:ef:ff:16:31:d3:cc:4f:d6:d8:2c:a7: 39:ea:8b:9c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMSYJKruBmv4XnMzX5g/YF9ItPvIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGU0MjVlN2M4ZDhmNzlhZjliZmY4MzM4NmRjOTA3OWY4YTFiNDllZGY0OGU0 YWY5YTAzZmU1OWQ0OTU4MGI0ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqn6KIcnLj8t416BVTL8jTYC7js+TXTJReq+00xIWob3HMMB9oehRT6aqOd YYOxT7rhfVnl63cHoKOn+FKzZXzBsnySA/y6dVc6JvMhbggnBSZmkmFIYc6nCnQh Kx3RvmFgxefbehfm88ePrdLwi392eK7bzBt//uKSsDfZSuhXUv0DtiV90K4TcM+3 Faqs6Pit3AtuKPRY9Qi3HG7O7OSslcmv4/iq2WXvLdlKbiJpWu6k+KI/NJx4+N0q 5GjzONvMcLFU2E29Naq5ysrOu8LM7u6v7LzfB+p/ve9jnivQ7DFoMj82nMoEfP8N CWZWLQKNbK1XnmP89HGTNCyj6YECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfcLrk 9qO7NytdGyr2xKT/gfVY9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjIzNmNhZDItYWI0OS00NTc0LWI3NDAtN2I3MGMyN2ZhZTg3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCE MA0GCSqGSIb3DQEBCwUAA4IBAQCTbmmrmHJ5j/43q1naeT8hgjfuCKyHMQmajlVN oNjdG8BOT0mEewHPP8oyMBnA2lV7UfV/AZINHg58Qw5Yln285AULwwQPKY3cM8oU ZUreE1L4IEZgKRiI2eMOVONTWg3NUTFgM+x7bRjc3hlRSggtYdCohoqdO6uMfKQe IRElJkV+K/IyN85ITprdK4t7jdUHcd3Hx84Ov7p557Fp1t1+8czO57Mt/wdKq2ZI Vbg+4yw7D4MrWbpE0TzkfZ9fDDmw4DKrbK65ErKzSi1muHoDR/nUYVLpKixEftRl oqJysO5D36BEHJc1rm8LWq1y2jIt7/8WMdPMT9bYLKc56ouc -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:39 2025 by rpki-client