This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json) Hash identifier: KdfC9uFRXIW9lrXI0cuV2pBhBuoJK3Qk0SQw0NZ/WFM= Subject key identifier: 73:35:41:D2:48:2F:CE:5E:2E:D9:B7:17:EF:2A:BB:3A:D3:13:C9:15 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 66FCF4A392CDBC0123A4652B17E71C75B379B102 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa Signing time: Tue 02 Dec 2025 01:51:28 +0000 ROA not before: Tue 02 Dec 2025 01:51:28 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:fc:f4:a3:92:cd:bc:01:23:a4:65:2b:17:e7:1c:75:b3:79:b1:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:28 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=f59d7328f6008bfde409fc2fadc903153cb4b28d1b8673ae2b1e1734a8902913, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:38:80:00:6d:fb:b4:28:14:d6:fa:59:61:77: 73:cb:64:ce:2a:c1:40:2c:18:79:a2:7b:b7:31:22: 09:40:ba:f5:02:56:17:1d:6a:e8:e6:f5:3e:ec:29: 1d:fe:6b:49:5e:28:b1:c8:ab:59:f5:4d:6c:27:e3: 75:1e:45:e8:19:17:57:18:41:28:e4:8d:a0:c5:c0: f6:4f:6d:c7:3c:97:2f:28:cb:46:d8:0a:5a:66:4c: 4c:a9:bb:5f:a6:80:3f:0d:5e:82:06:d6:a0:99:7a: 82:93:fb:7c:70:de:28:37:4f:15:9e:0c:96:2f:94: d5:34:f3:37:c8:af:b2:4c:95:f3:47:5b:82:9e:84: 38:d3:1a:47:01:e4:71:e1:a1:a1:b9:d1:f6:fe:0d: 56:0c:53:32:d4:9e:60:62:f4:23:cf:e6:ba:9e:7b: b0:83:c7:a2:9a:9e:4e:70:67:fc:3c:bd:c1:49:3a: 34:3d:85:56:a4:b4:83:a1:8c:cd:6e:ea:d9:2f:10: 9f:6c:3f:ae:ad:f8:ee:05:ba:f7:30:00:d0:4a:40: c1:1e:5a:89:25:82:73:4c:45:3c:77:05:46:a3:4c: ee:12:c4:61:c7:22:c4:13:37:d0:4e:72:06:cd:f3: 79:e7:c2:a7:44:c3:b1:b2:a9:cb:fd:be:29:2e:4a: 2e:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:35:41:D2:48:2F:CE:5E:2E:D9:B7:17:EF:2A:BB:3A:D3:13:C9:15 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:2000::/48 Signature Algorithm: sha256WithRSAEncryption 9c:aa:a5:93:9e:48:03:1f:84:c3:95:51:61:21:9e:1d:20:97: 43:a5:0b:74:b8:98:68:5c:ff:d1:45:7e:18:f2:99:32:5a:a4: 29:4d:87:2f:60:95:9e:a1:82:c7:d1:b6:04:b3:cd:b2:13:9f: 7f:48:8b:81:fd:1b:96:19:ec:81:00:74:90:14:3a:7f:57:b2: 3d:34:c3:9b:e9:2c:f2:f3:32:2a:6a:ee:4a:ad:9e:a5:ff:fe: 63:da:fd:b4:f2:25:33:25:ea:5f:a5:c0:7f:36:51:78:a6:d3: b6:f0:52:87:45:ed:29:a0:53:7b:86:7d:ae:af:5d:c8:34:52: 93:4c:36:8a:10:13:96:96:e4:c6:58:40:31:0e:97:b5:23:64: 98:30:ce:75:6b:88:38:be:aa:4b:70:c3:ac:d2:5a:39:b8:f1: 34:22:fc:79:ea:8c:94:e6:a3:86:1b:8c:5f:4b:fd:cf:1d:0c: 73:f0:9e:46:80:bf:9b:df:5d:9e:6f:22:54:8e:99:c6:a5:75: c9:07:68:9c:85:f6:d9:0c:dc:6a:8c:ad:88:c5:f7:3c:04:06: d4:7e:f8:ea:54:72:fa:a4:bb:bd:95:e6:a3:a5:f3:5a:91:86: 64:ad:86:bc:c3:af:c3:22:96:18:cc:17:69:8b:a8:79:65:26: b1:01:d1:dd -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZvz0o5LNvAEjpGUrF+ccdbN5sQIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMjhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGY1OWQ3MzI4ZjYwMDhiZmRlNDA5ZmMyZmFkYzkwMzE1M2NiNGIyOGQxYjg2 NzNhZTJiMWUxNzM0YTg5MDI5MTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALA4gABt+7QoFNb6WWF3c8tkzirBQCwYeaJ7tzEiCUC69QJWFx1q6Ob1Puwp Hf5rSV4oscirWfVNbCfjdR5F6BkXVxhBKOSNoMXA9k9txzyXLyjLRtgKWmZMTKm7 X6aAPw1eggbWoJl6gpP7fHDeKDdPFZ4Mli+U1TTzN8ivskyV80dbgp6EONMaRwHk ceGhobnR9v4NVgxTMtSeYGL0I8/mup57sIPHopqeTnBn/Dy9wUk6ND2FVqS0g6GM zW7q2S8Qn2w/rq347gW69zAA0EpAwR5aiSWCc0xFPHcFRqNM7hLEYccixBM30E5y Bs3zeefCp0TDsbKpy/2+KS5KLoUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRzNUHS SC/OXi7ZtxfvKrs60xPJFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg ADANBgkqhkiG9w0BAQsFAAOCAQEAnKqlk55IAx+Ew5VRYSGeHSCXQ6ULdLiYaFz/ 0UV+GPKZMlqkKU2HL2CVnqGCx9G2BLPNshOff0iLgf0blhnsgQB0kBQ6f1eyPTTD m+ks8vMyKmruSq2epf/+Y9r9tPIlMyXqX6XAfzZReKbTtvBSh0XtKaBTe4Z9rq9d yDRSk0w2ihATlpbkxlhAMQ6XtSNkmDDOdWuIOL6qS3DDrNJaObjxNCL8eeqMlOaj hhuMX0v9zx0Mc/CeRoC/m99dnm8iVI6ZxqV1yQdonIX22QzcaoytiMX3PAQG1H74 6lRy+qS7vZXmo6XzWpGGZK2GvMOvwyKWGMwXaYuoeWUmsQHR3Q== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:51 2025 by rpki-client