This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json) Hash identifier: bSutfhzf0odEgtbwxUvlmEybnULXQqMZwCCOk7XHKf0= Subject key identifier: 3B:3F:23:7D:58:18:CD:97:59:79:9D:C7:DD:ED:D5:41:02:2D:DE:BD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4C7FBD15917ACE64CA29E3EA955BAF2C6ABD1F80 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa Signing time: Sat 29 Nov 2025 03:00:09 +0000 ROA not before: Sat 29 Nov 2025 03:00:09 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.137.192.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:7f:bd:15:91:7a:ce:64:ca:29:e3:ea:95:5b:af:2c:6a:bd:1f:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:09 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=9e6f525c85c5219abf8f954ec28e87c7f6d4233c64ea83086ff451da84ee749d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:64:83:60:d9:9f:31:e6:5c:da:b9:e5:9f:60: f5:5a:af:72:2b:8f:fd:2c:e6:7d:3e:1e:70:12:4f: b0:5e:02:a6:b3:d7:e9:cc:0c:8d:c1:73:a1:8d:7c: 9c:a2:3b:c9:75:83:10:3e:83:94:16:96:c5:40:89: 49:08:14:9e:7e:99:ee:df:39:66:bc:68:ae:7c:33: 30:3f:10:69:6e:7e:60:9c:cd:ab:b8:9c:a1:0e:de: 34:31:b2:1d:43:e5:24:0d:d5:1f:d7:e2:1a:aa:85: 18:12:61:b9:11:33:15:b5:ce:bc:16:f9:a8:99:7b: 7d:2e:8b:bc:79:bc:5a:0f:02:1e:90:53:dc:b8:4f: 6e:c1:ca:c7:1f:80:f2:60:9f:c8:0a:d0:39:24:c0: 49:52:20:82:88:2d:90:73:34:67:11:df:7a:9f:cb: c1:22:4b:86:a3:f2:6b:af:ab:19:cf:5e:94:f4:98: 5c:2c:d4:7d:8b:b0:51:53:d7:5d:1b:08:7c:ab:45: 4a:84:5b:d9:ba:58:19:28:8b:dd:7a:9f:8f:52:54: cb:61:ca:7d:ca:eb:ec:a2:34:b1:eb:ad:8c:62:6b: 22:98:9b:47:dd:1c:2b:56:a1:ae:b5:8d:fb:ce:3b: 92:23:8d:ab:1f:ff:14:0f:c1:bb:6b:4b:2c:ae:ef: b5:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:3F:23:7D:58:18:CD:97:59:79:9D:C7:DD:ED:D5:41:02:2D:DE:BD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.137.192.0/21 Signature Algorithm: sha256WithRSAEncryption 03:ed:2a:c0:04:c2:8a:8e:34:31:3b:0b:50:2f:0b:e1:33:c0: 58:91:44:90:1c:bb:1b:fd:05:35:69:cc:d8:3e:2f:bf:b6:74: 9d:92:9e:c9:21:b3:08:f8:5a:cb:38:1d:8d:b9:cf:17:5e:74: dd:bc:a0:20:d5:c6:f0:5b:69:a8:67:c9:67:ea:dc:d0:fc:f2: 4b:ee:82:46:65:dd:b6:12:18:37:ac:27:30:57:a0:a1:c9:3a: 32:d5:c0:53:7f:e4:2d:96:1f:9b:3a:33:2e:50:de:d7:a1:64: 77:56:a6:69:b3:f9:83:35:42:51:1b:a0:3e:e1:69:d0:5a:b8: 5a:67:53:d5:e7:ea:f8:38:95:73:6d:a2:37:af:14:72:74:d1: e7:bf:d6:78:17:44:5a:fe:b9:61:61:b2:3b:98:13:8e:1c:70: 5a:73:47:62:1a:39:59:8c:57:a4:39:a2:5e:82:65:cc:c0:51: 17:93:50:13:ce:d6:03:a6:d4:28:4a:76:15:f7:e0:31:af:6c: fa:23:5a:67:45:07:d0:e9:60:42:12:43:ab:6d:cb:bf:64:99: 58:5c:39:4f:04:65:97:fc:ef:cd:56:f3:95:6e:1b:d6:8f:4a: 68:09:9e:9d:36:fa:16:b5:8c:f6:a3:7d:7f:d3:93:73:f9:20: bc:f7:7c:b3 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUTH+9FZF6zmTKKePqlVuvLGq9H4AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMDlaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDllNmY1MjVjODVjNTIxOWFiZjhmOTU0ZWMyOGU4N2M3ZjZkNDIzM2M2NGVh ODMwODZmZjQ1MWRhODRlZTc0OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMhkg2DZnzHmXNq55Z9g9VqvciuP/SzmfT4ecBJPsF4CprPX6cwMjcFzoY18 nKI7yXWDED6DlBaWxUCJSQgUnn6Z7t85ZrxornwzMD8QaW5+YJzNq7icoQ7eNDGy HUPlJA3VH9fiGqqFGBJhuREzFbXOvBb5qJl7fS6LvHm8Wg8CHpBT3LhPbsHKxx+A 8mCfyArQOSTASVIggogtkHM0ZxHfep/LwSJLhqPya6+rGc9elPSYXCzUfYuwUVPX XRsIfKtFSoRb2bpYGSiL3Xqfj1JUy2HKfcrr7KI0seutjGJrIpibR90cK1ahrrWN +847kiONqx//FA/Bu2tLLK7vtccCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ7PyN9 WBjNl1l5ncfd7dVBAi3evTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN BgkqhkiG9w0BAQsFAAOCAQEAA+0qwATCio40MTsLUC8L4TPAWJFEkBy7G/0FNWnM 2D4vv7Z0nZKeySGzCPhayzgdjbnPF1503bygINXG8FtpqGfJZ+rc0PzyS+6CRmXd thIYN6wnMFegock6MtXAU3/kLZYfmzozLlDe16Fkd1amabP5gzVCURugPuFp0Fq4 WmdT1efq+DiVc22iN68UcnTR57/WeBdEWv65YWGyO5gTjhxwWnNHYho5WYxXpDmi XoJlzMBRF5NQE87WA6bUKEp2FffgMa9s+iNaZ0UH0OlgQhJDq23Lv2SZWFw5TwRl l/zvzVbzlW4b1o9KaAmenTb6FrWM9qN9f9OTc/kgvPd8sw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:56 2025 by rpki-client