This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json) Hash identifier: mCDeGkd6Dr99eACwpI4kSH3+PFm74Kv9cmQtwCv2cLg= Subject key identifier: 45:73:A3:20:2E:16:72:94:6A:91:69:23:3A:06:8F:91:46:BC:B9:8B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1AE41963C235D6FCAA0007747B2A378E57FCDAB0 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa Signing time: Tue 02 Dec 2025 01:50:47 +0000 ROA not before: Tue 02 Dec 2025 01:50:47 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.34.16.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:e4:19:63:c2:35:d6:fc:aa:00:07:74:7b:2a:37:8e:57:fc:da:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:47 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=3d15715665af09d824f46a959cae61f1787934253fd86695266dfe1235b488a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:18:87:0a:bb:5c:8c:d4:72:e5:7f:e9:3c:e2: 8f:01:b7:1f:ee:c4:10:0c:db:5b:5d:68:27:bd:c7: 65:f0:d9:8c:b0:3c:e2:ce:39:51:f2:39:15:d6:ab: d2:12:d3:2e:93:4e:c6:7d:55:c6:00:91:bc:74:8c: da:6e:f4:a2:0d:45:eb:ca:f1:dc:43:21:7a:bb:db: 04:b0:cd:90:c4:b9:a4:07:32:48:2a:4f:db:22:1d: b7:92:89:90:b2:79:48:fd:fc:62:7f:50:14:81:58: 6c:61:5d:b7:3f:3c:c9:30:14:ca:97:78:d4:1b:b2: 45:f9:46:cf:61:62:46:e4:a4:31:63:95:32:69:95: 94:e1:5a:ea:ad:45:83:93:0a:9b:a7:3c:cb:53:fd: 7b:1c:83:33:0e:2e:e9:8d:96:d1:7e:49:48:1b:79: a9:c3:8c:39:f5:01:95:e2:96:4f:70:e0:f7:8d:6d: 2b:09:fc:a5:6b:90:67:35:2e:19:4c:4f:d8:11:3c: 31:de:e4:3e:ae:74:33:4e:ef:dc:54:7b:ec:c1:99: ab:9f:d9:10:31:93:b6:38:48:55:30:3f:67:aa:c6: a6:f4:ae:10:1e:27:ab:b2:0d:79:cd:6e:5d:a2:dc: 85:8b:e7:e2:41:7c:2a:4d:ec:92:f3:86:08:a2:c6: 98:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:73:A3:20:2E:16:72:94:6A:91:69:23:3A:06:8F:91:46:BC:B9:8B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.34.16.0/22 Signature Algorithm: sha256WithRSAEncryption c4:08:16:d9:ad:e2:9e:b2:b0:85:6e:dd:7d:16:5c:14:43:d7: ba:dc:d3:b5:eb:62:68:45:18:94:95:3e:17:0b:27:d4:6e:da: 32:43:16:64:d2:ae:f4:16:3f:db:33:09:81:49:14:98:af:b7: ef:a5:8a:0b:28:20:eb:93:cc:0e:dd:e7:a8:68:73:64:b8:01: e2:d8:38:f2:bf:3d:3c:2b:6f:c2:12:f2:b5:94:e7:16:54:da: e7:c5:39:0e:89:08:26:92:e9:ac:76:fe:c8:d1:88:d0:6d:7b: 58:aa:b2:54:12:59:9e:fb:23:4b:6c:1b:47:f0:a0:be:19:cc: 2c:2f:1a:73:bc:0c:7a:20:b5:62:51:61:14:e4:9c:6e:53:16: b6:17:75:96:74:b1:89:bd:1d:8f:09:1e:02:e3:ff:b7:05:73: 88:ad:0c:7f:2a:7b:60:f2:6e:2a:8b:57:e5:aa:54:18:c6:dc: 26:6c:bb:8e:fc:a0:c4:c6:cd:56:44:a6:3d:97:0c:d2:b0:1f: 1e:34:14:28:4b:72:56:cd:ac:ed:b1:08:3e:dd:44:0d:f7:e3: 8b:6f:c0:e2:7a:14:b9:90:5f:33:a7:13:da:e2:da:c9:60:b0: 82:bc:a4:d2:6e:d2:e2:a1:8f:31:81:ce:6b:5a:cc:9f:f6:db: 05:b5:dc:9e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUGuQZY8I11vyqAAd0eyo3jlf82rAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwNDdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDNkMTU3MTU2NjVhZjA5ZDgyNGY0NmE5NTljYWU2MWYxNzg3OTM0MjUzZmQ4 NjY5NTI2NmRmZTEyMzViNDg4YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsYhwq7XIzUcuV/6TzijwG3H+7EEAzbW11oJ73HZfDZjLA84s45UfI5Fdar 0hLTLpNOxn1VxgCRvHSM2m70og1F68rx3EMhervbBLDNkMS5pAcySCpP2yIdt5KJ kLJ5SP38Yn9QFIFYbGFdtz88yTAUypd41BuyRflGz2FiRuSkMWOVMmmVlOFa6q1F g5MKm6c8y1P9exyDMw4u6Y2W0X5JSBt5qcOMOfUBleKWT3Dg941tKwn8pWuQZzUu GUxP2BE8Md7kPq50M07v3FR77MGZq5/ZEDGTtjhIVTA/Z6rGpvSuEB4nq7INec1u XaLchYvn4kF8Kk3skvOGCKLGmBsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRFc6Mg LhZylGqRaSM6Bo+RRry5izAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN BgkqhkiG9w0BAQsFAAOCAQEAxAgW2a3inrKwhW7dfRZcFEPXutzTtetiaEUYlJU+ Fwsn1G7aMkMWZNKu9BY/2zMJgUkUmK+376WKCygg65PMDt3nqGhzZLgB4tg48r89 PCtvwhLytZTnFlTa58U5DokIJpLprHb+yNGI0G17WKqyVBJZnvsjS2wbR/CgvhnM LC8ac7wMeiC1YlFhFOScblMWthd1lnSxib0djwkeAuP/twVziK0Mfyp7YPJuKotX 5apUGMbcJmy7jvygxMbNVkSmPZcM0rAfHjQUKEtyVs2s7bEIPt1EDffji2/A4noU uZBfM6cT2uLayWCwgryk0m7S4qGPMYHOa1rMn/bbBbXcng== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:20 2025 by rpki-client