This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json) Hash identifier: BHL7IrmzYm6P/CgCklxUc8y0PvMCwVXyrl3QAXrjlh8= Subject key identifier: 6B:84:F5:C3:BB:CC:84:29:D1:AA:06:CF:CC:3C:6A:F7:C6:A2:98:6C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1B7BC3BA13972700DC102151F24260E1DA4F795B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa Signing time: Tue 02 Dec 2025 01:51:02 +0000 ROA not before: Tue 02 Dec 2025 01:51:02 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.34.0.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:7b:c3:ba:13:97:27:00:dc:10:21:51:f2:42:60:e1:da:4f:79:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:02 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=2cebaa394dc0669a937bd82924c9a809f7a3f59d57ed337fb5255bd3bc198da1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:61:de:a8:ce:e8:2d:fa:fe:2f:74:ed:dd:3a: 75:db:14:9e:22:ec:f4:a0:d0:bd:30:de:56:c1:e9: ea:97:d2:bd:32:d9:8e:bb:c7:8e:83:34:10:e9:bb: 4f:75:1d:aa:0d:83:b8:75:d6:d4:d4:01:9d:a6:91: 0b:a0:e6:9b:5b:0a:b3:75:4c:3e:5f:4b:06:11:04: 8a:0e:ee:60:31:66:7e:4c:ff:a8:53:5e:cb:83:93: c4:1e:2e:da:d0:a2:b3:21:ec:5c:be:29:5d:b8:23: d4:78:28:1e:28:e7:5e:61:9f:ae:ed:40:fd:59:42: 97:0f:ca:4f:34:34:c8:0f:8a:e1:ae:06:6a:54:32: 43:ad:b9:40:44:d7:b5:d0:c7:a9:4b:7b:be:1f:94: 55:f8:40:b1:57:74:fb:0c:e2:2b:38:ce:44:80:ef: 9b:0f:8e:df:f8:a2:80:ad:c2:38:57:ba:ad:6f:3d: da:54:36:7a:e0:23:91:24:77:ce:14:a9:ad:7a:a3: e0:6b:ad:22:7a:22:f0:f4:8c:71:e1:54:b9:5a:31: bc:51:13:df:8e:e5:73:82:56:b6:89:89:6f:48:f3: e6:e9:59:06:ce:ef:b1:68:bb:17:b7:b3:ad:76:ad: d7:e3:de:31:fc:9f:39:04:86:82:4e:0d:24:26:ed: 5d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:84:F5:C3:BB:CC:84:29:D1:AA:06:CF:CC:3C:6A:F7:C6:A2:98:6C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.34.0.0/20 Signature Algorithm: sha256WithRSAEncryption 2a:e5:96:e2:4b:9f:5c:51:0e:d5:f0:3b:ab:23:a8:06:04:d8: dd:c1:97:fb:25:c6:35:e5:2f:23:21:ba:19:22:fd:2c:4c:01: fa:ed:1e:ae:85:dc:9b:4d:5b:f8:69:4d:e9:26:60:b2:be:e6: 5e:f3:c8:3b:71:17:8b:8e:ce:8c:07:07:34:36:32:82:56:6e: e9:f1:6a:78:74:fb:48:a7:13:7b:f5:95:d2:9d:8c:b2:0c:b2: ea:20:61:9b:74:53:04:af:f1:b3:93:97:75:cb:da:e8:d3:61: 66:f6:68:40:31:db:29:4e:6b:9a:7d:a5:28:3e:42:b3:22:50: 0a:9e:e9:63:dd:0b:9c:e4:c4:8e:94:02:53:f8:90:b7:c7:56: 5d:a1:3c:81:d1:33:1c:42:9e:14:d3:dc:9e:31:34:81:c8:d7: f2:12:48:46:b9:7d:7f:37:3e:8f:bd:6e:b4:8b:93:c1:44:1c: 72:f6:3a:b6:2f:66:1b:3b:b7:ac:96:98:49:08:44:49:8c:23: 0c:35:95:78:1f:07:d1:c2:52:3b:f9:a3:66:e3:5d:26:90:e6: f9:8d:59:7d:8a:5a:57:5f:77:f5:1f:0b:52:2b:49:4b:75:64: a6:6c:ad:b0:de:30:54:22:4d:4a:08:ba:16:31:a7:bb:e0:02: a6:92:29:ce -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUG3vDuhOXJwDcECFR8kJg4dpPeVswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMDJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDJjZWJhYTM5NGRjMDY2OWE5MzdiZDgyOTI0YzlhODA5ZjdhM2Y1OWQ1N2Vk MzM3ZmI1MjU1YmQzYmMxOThkYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALhh3qjO6C36/i907d06ddsUniLs9KDQvTDeVsHp6pfSvTLZjrvHjoM0EOm7 T3Udqg2DuHXW1NQBnaaRC6Dmm1sKs3VMPl9LBhEEig7uYDFmfkz/qFNey4OTxB4u 2tCisyHsXL4pXbgj1HgoHijnXmGfru1A/VlClw/KTzQ0yA+K4a4GalQyQ625QETX tdDHqUt7vh+UVfhAsVd0+wziKzjORIDvmw+O3/iigK3COFe6rW892lQ2euAjkSR3 zhSprXqj4GutInoi8PSMceFUuVoxvFET347lc4JWtomJb0jz5ulZBs7vsWi7F7ez rXat1+PeMfyfOQSGgk4NJCbtXVUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRrhPXD u8yEKdGqBs/MPGr3xqKYbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN BgkqhkiG9w0BAQsFAAOCAQEAKuWW4kufXFEO1fA7qyOoBgTY3cGX+yXGNeUvIyG6 GSL9LEwB+u0eroXcm01b+GlN6SZgsr7mXvPIO3EXi47OjAcHNDYyglZu6fFqeHT7 SKcTe/WV0p2Msgyy6iBhm3RTBK/xs5OXdcva6NNhZvZoQDHbKU5rmn2lKD5CsyJQ Cp7pY90LnOTEjpQCU/iQt8dWXaE8gdEzHEKeFNPcnjE0gcjX8hJIRrl9fzc+j71u tIuTwUQccvY6ti9mGzu3rJaYSQhESYwjDDWVeB8H0cJSO/mjZuNdJpDm+Y1ZfYpa V1939R8LUitJS3VkpmytsN4wVCJNSgi6FjGnu+ACppIpzg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:56 2025 by rpki-client