This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json) Hash identifier: VXJXLmgoiolnZrBzhqoUxmMiJnuR/lbvUU5Kdeu/ujQ= Subject key identifier: A7:DE:8A:45:94:38:5F:2D:0E:1F:A7:C8:07:2E:E5:48:2A:07:93:86 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0DEDC27CFAC2A5D4B1E15CAA2D0F7CA29968E323 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa Signing time: Sat 29 Nov 2025 03:10:04 +0000 ROA not before: Sat 29 Nov 2025 03:10:04 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.51.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:ed:c2:7c:fa:c2:a5:d4:b1:e1:5c:aa:2d:0f:7c:a2:99:68:e3:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:04 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=c98083efdd2c23ef066aa591129fddf00933d6bdae86a6930b4a362ba1585504, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:26:56:3b:04:78:98:ad:53:47:db:d4:2d:3f: cd:6d:60:83:e2:4e:60:ed:bd:5e:7d:74:2e:65:22: c3:bb:11:8e:88:d1:27:68:1b:ea:3d:c4:f0:87:dd: cd:0b:a9:aa:1d:b3:51:73:6c:78:9d:7c:52:4c:c0: 01:f9:ff:99:cc:3e:df:a1:de:8c:f6:35:31:42:ef: ff:29:fc:3d:bb:c2:c6:0d:f2:9a:2b:51:28:b7:a9: 82:f6:c0:e3:95:ec:e5:fb:96:06:9c:68:21:2a:f2: 47:e4:8a:b4:5c:d3:26:bc:7b:cf:7a:f3:a0:fc:f2: 32:78:50:22:7a:70:23:9d:54:dd:75:2a:dd:6e:80: dc:1c:44:8b:84:45:89:68:86:4d:75:b7:e6:8e:0e: f6:13:97:10:90:36:ac:1a:43:6d:4e:68:3e:b2:3e: 6d:47:11:8d:ed:b3:29:68:03:d0:99:62:c6:5e:92: dd:9d:5f:c8:ba:6d:10:22:60:07:02:c0:09:bb:2b: a1:09:a4:f9:27:3f:ea:a6:64:df:c4:7d:46:e6:78: 57:cb:48:dc:8f:5b:a4:97:c0:d2:86:ae:a9:71:62: 53:c6:8b:46:30:b8:ca:5a:b0:f9:20:94:14:c2:36: ee:01:ce:66:b6:03:b2:ef:87:11:79:2f:6f:b5:02: 77:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:DE:8A:45:94:38:5F:2D:0E:1F:A7:C8:07:2E:E5:48:2A:07:93:86 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.51.208.0/22 Signature Algorithm: sha256WithRSAEncryption 16:4a:db:84:7e:4a:80:5b:5e:85:ae:45:ab:48:5a:a5:4c:83: f6:e4:d4:79:f2:83:93:73:f1:79:3e:1e:1c:8c:78:a7:2c:5c: 2a:22:8e:f9:88:44:36:67:f2:2f:6a:84:e3:39:c5:42:47:3d: 0e:29:42:91:11:70:d1:1f:c1:c8:b6:c3:f4:f4:6e:42:23:29: d0:2a:f0:dd:43:0e:ea:b4:fc:f3:2e:1b:3e:3a:56:27:33:02: 45:de:4a:91:15:ee:aa:36:16:36:9a:1d:74:de:af:52:c7:2c: 7e:a5:bd:3d:9e:a8:8a:06:d7:56:72:14:29:51:d6:f8:0a:d9: 05:a8:af:c6:a8:3f:b2:d8:03:76:53:4e:8d:90:68:93:b9:f1: c2:84:38:07:1d:83:de:b7:9b:18:90:db:be:89:f6:d9:fa:dc: 28:da:69:48:d9:34:21:8b:dc:31:c4:f7:0d:30:68:99:12:c0: c6:eb:ed:af:9e:af:ff:b3:02:4d:f1:bd:91:b4:7e:bd:e1:4d: f7:1e:63:8f:e3:ca:e4:66:d8:9d:73:b5:2d:8a:73:7f:45:1f: 08:34:e5:9a:20:bd:41:db:6c:70:a1:d1:51:53:47:2b:17:96: 6d:12:45:b7:6d:05:0b:4a:db:d7:9b:b4:9e:51:2d:dd:b2:4a: b7:4f:67:91 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUDe3CfPrCpdSx4VyqLQ98oplo4yMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwMDRaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGM5ODA4M2VmZGQyYzIzZWYwNjZhYTU5MTEyOWZkZGYwMDkzM2Q2YmRhZTg2 YTY5MzBiNGEzNjJiYTE1ODU1MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYmVjsEeJitU0fb1C0/zW1gg+JOYO29Xn10LmUiw7sRjojRJ2gb6j3E8Ifd zQupqh2zUXNseJ18UkzAAfn/mcw+36HejPY1MULv/yn8PbvCxg3ymitRKLepgvbA 45Xs5fuWBpxoISryR+SKtFzTJrx7z3rzoPzyMnhQInpwI51U3XUq3W6A3BxEi4RF iWiGTXW35o4O9hOXEJA2rBpDbU5oPrI+bUcRje2zKWgD0Jlixl6S3Z1fyLptECJg BwLACbsroQmk+Sc/6qZk38R9RuZ4V8tI3I9bpJfA0oauqXFiU8aLRjC4ylqw+SCU FMI27gHOZrYDsu+HEXkvb7UCd6ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSn3opF lDhfLQ4fp8gHLuVIKgeThjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN BgkqhkiG9w0BAQsFAAOCAQEAFkrbhH5KgFteha5Fq0hapUyD9uTUefKDk3PxeT4e HIx4pyxcKiKO+YhENmfyL2qE4znFQkc9DilCkRFw0R/ByLbD9PRuQiMp0Crw3UMO 6rT88y4bPjpWJzMCRd5KkRXuqjYWNpoddN6vUscsfqW9PZ6oigbXVnIUKVHW+ArZ Baivxqg/stgDdlNOjZBok7nxwoQ4Bx2D3rebGJDbvon22frcKNppSNk0IYvcMcT3 DTBomRLAxuvtr56v/7MCTfG9kbR+veFN9x5jj+PK5GbYnXO1LYpzf0UfCDTlmiC9 QdtscKHRUVNHKxeWbRJFt20FC0rb15u0nlEt3bJKt09nkQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:58 2025 by rpki-client