This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa File: aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa (raw, json) Hash identifier: NdVKo/TQ6SJXDL2cKnxSrDuSTcGQFyXd3KLWEpQ2Ht4= Subject key identifier: 26:66:EE:E6:89:D9:97:33:8B:14:AE:3F:72:F1:A4:76:19:FD:DC:94 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 213D9B1BC35043A5EE828A0E5FBF510277D66D25 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa Signing time: Tue 02 Dec 2025 01:50:11 +0000 ROA not before: Tue 02 Dec 2025 01:50:11 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.34.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:3d:9b:1b:c3:50:43:a5:ee:82:8a:0e:5f:bf:51:02:77:d6:6d:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:11 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=1123942bbf3ab46da1493ae40be7de674bda53e5861199cf73a1fadfa064199e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:8e:f3:75:45:f5:c4:4c:0c:79:3c:b3:10:c7: 5f:24:7c:68:e6:a7:01:9f:f9:25:e0:df:46:17:af: 1a:1c:f6:fb:96:f9:25:af:d4:61:b7:fe:d0:34:11: 66:ff:d2:24:cc:0d:fe:e7:df:1b:af:90:ea:c2:0d: e6:c7:77:2c:6c:50:b1:b0:da:d9:3b:77:4e:6d:33: db:60:c9:55:4e:ba:f4:e8:8b:fd:33:0f:37:dc:4f: 9e:07:7b:49:75:e4:f8:9b:f4:8c:72:62:4f:2b:ec: 61:4e:8d:3f:f4:ea:dc:7c:05:74:ca:25:32:97:59: 60:93:cf:a0:44:11:d0:71:ec:2c:8a:9a:b8:70:2d: 64:22:9e:df:d7:c4:77:1c:fb:ce:22:c6:16:ef:d4: 33:e2:38:4c:06:08:35:36:25:19:ef:8f:e1:3e:e6: 46:c4:d7:b4:73:ea:1f:96:a5:9f:79:c0:19:eb:ea: 3a:da:47:b4:d3:99:fb:54:8e:7b:ef:ca:d3:fd:29: 33:c9:0d:fa:32:59:e3:96:b9:79:f9:06:c5:29:41: 28:2d:7d:aa:f0:28:11:63:e7:cc:16:2b:8d:c2:65: b4:03:8b:16:d3:9d:24:78:96:34:a7:5c:fc:46:78: 9f:9c:c2:fd:ff:48:64:db:49:59:e9:0e:91:1d:be: 77:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:66:EE:E6:89:D9:97:33:8B:14:AE:3F:72:F1:A4:76:19:FD:DC:94 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.34.144.0/20 Signature Algorithm: sha256WithRSAEncryption 44:b3:cb:5c:86:3e:ea:28:93:e5:b4:b5:b0:ba:ea:13:74:75: 21:bb:08:9a:6e:49:0a:0b:38:24:0e:f1:3b:fa:ab:7a:20:7f: b9:0d:9f:85:bc:e7:a3:88:51:ef:63:85:c7:c1:e3:64:75:57: 83:0d:6f:8f:49:6d:db:55:b6:b2:61:2e:27:df:f3:22:dd:8e: 6f:e4:7e:32:23:e5:58:9e:82:bb:8a:b8:c8:7b:b4:84:2c:e3: 1b:64:4f:57:07:bd:c2:25:08:a0:c7:3e:03:31:0e:05:08:cf: 8c:8d:02:8a:b6:24:ae:02:e9:e9:7c:17:15:97:08:01:de:02: 3e:9b:04:20:e4:a8:ff:f1:6c:b9:f0:b1:90:55:44:8b:89:1a: 71:93:fc:fc:59:0c:ac:92:a1:7a:09:b6:4a:90:e5:95:13:05: bd:b0:8d:01:5d:1c:04:23:40:21:92:97:33:fb:46:6a:dd:6d: b6:12:43:3f:a3:4d:fd:dc:c7:bf:99:a8:1e:59:ac:84:88:23: ca:c8:06:5c:a6:6c:e0:91:12:84:5e:0b:fc:d7:fc:0b:54:81: 3b:d3:03:08:54:ba:73:01:fe:45:9f:bc:b9:82:d9:34:77:1c: 25:c0:9a:0e:75:0c:be:e5:d1:15:81:31:7d:16:b2:98:0e:e3: e7:2e:4d:c1 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUIT2bG8NQQ6XugooOX79RAnfWbSUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwMTFaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDExMjM5NDJiYmYzYWI0NmRhMTQ5M2FlNDBiZTdkZTY3NGJkYTUzZTU4NjEx OTljZjczYTFmYWRmYTA2NDE5OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6O83VF9cRMDHk8sxDHXyR8aOanAZ/5JeDfRhevGhz2+5b5Ja/UYbf+0DQR Zv/SJMwN/uffG6+Q6sIN5sd3LGxQsbDa2Tt3Tm0z22DJVU669OiL/TMPN9xPngd7 SXXk+Jv0jHJiTyvsYU6NP/Tq3HwFdMolMpdZYJPPoEQR0HHsLIqauHAtZCKe39fE dxz7ziLGFu/UM+I4TAYINTYlGe+P4T7mRsTXtHPqH5aln3nAGevqOtpHtNOZ+1SO e+/K0/0pM8kN+jJZ45a5efkGxSlBKC19qvAoEWPnzBYrjcJltAOLFtOdJHiWNKdc /EZ4n5zC/f9IZNtJWekOkR2+d/kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQmZu7m idmXM4sUrj9y8aR2Gf3clDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWE3OWJiMTgtYjc0ZC00Y2MzLWJhMDUtMjBhZjBmOTQzNWIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAikDAN BgkqhkiG9w0BAQsFAAOCAQEARLPLXIY+6iiT5bS1sLrqE3R1IbsImm5JCgs4JA7x O/qreiB/uQ2fhbzno4hR72OFx8HjZHVXgw1vj0lt21W2smEuJ9/zIt2Ob+R+MiPl WJ6Cu4q4yHu0hCzjG2RPVwe9wiUIoMc+AzEOBQjPjI0CirYkrgLp6XwXFZcIAd4C PpsEIOSo//FsufCxkFVEi4kacZP8/FkMrJKhegm2SpDllRMFvbCNAV0cBCNAIZKX M/tGat1tthJDP6NN/dzHv5moHlmshIgjysgGXKZs4JEShF4L/Nf8C1SBO9MDCFS6 cwH+RZ+8uYLZNHccJcCaDnUMvuXRFYExfRaymA7j5y5NwQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:15 2025 by rpki-client