This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json) Hash identifier: oru8zTcFa8seMKTUAI0NALA+K/M5zQFVrsD4URznPNI= Subject key identifier: 25:41:9B:04:86:1A:24:D0:6C:A2:DD:A8:94:AE:92:82:BC:64:23:84 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 447A7724BE8B609EAFC711348249E8D08B4ADBBF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa Signing time: Sat 29 Nov 2025 03:00:41 +0000 ROA not before: Sat 29 Nov 2025 03:00:41 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.137.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:7a:77:24:be:8b:60:9e:af:c7:11:34:82:49:e8:d0:8b:4a:db:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:41 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=cb127637ccde3a5572ad00d94631af8d6a8f5355fd06621be0a800f9e4c88d2a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:af:1d:ed:79:47:8f:2b:0d:46:62:d8:e7:a4: 9f:b2:f3:36:2f:ae:f3:56:a5:c0:0d:e6:f0:1a:05: 0f:38:ae:ca:af:56:0b:6d:9d:cc:ce:07:25:46:5e: 25:bb:8a:ee:b8:ba:01:f7:53:e5:c7:57:c0:90:fa: 18:9c:4d:08:d3:41:48:24:bf:bc:56:37:b7:fd:00: ff:e5:3d:6f:f2:2e:50:6c:03:62:c8:c1:30:dc:36: 3f:b6:f1:f4:f5:eb:df:2d:d3:65:0b:9a:57:f1:a6: 96:aa:19:a6:55:9f:b2:45:0f:fb:bf:25:9e:a2:65: cc:27:18:08:86:49:d2:5c:f5:a0:69:23:c4:6a:db: 22:48:db:c4:12:67:90:94:21:d9:3c:dc:c2:d6:67: 9e:ce:38:3c:b0:2c:d6:5e:a6:0c:88:05:fe:0a:a0: 9b:29:03:df:fd:60:79:fe:57:10:8d:f5:2b:09:c6: 79:11:8b:bb:9a:27:4b:98:cf:a5:8c:76:58:1f:79: f0:c4:1f:92:10:62:bc:ca:e1:58:d7:30:fd:9e:8c: 98:cb:07:95:03:b1:71:b8:9e:57:98:31:e2:e0:24: 2a:d3:df:86:8c:76:d1:f3:05:ac:fe:2f:4d:c4:f9: 41:85:ea:79:af:5d:9e:a1:53:3b:b6:37:99:8c:c0: 01:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:41:9B:04:86:1A:24:D0:6C:A2:DD:A8:94:AE:92:82:BC:64:23:84 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.137.170.0/24 Signature Algorithm: sha256WithRSAEncryption b5:ba:8a:7b:45:0f:d6:6d:75:a0:18:16:10:08:5a:a5:66:b4: 9c:20:fc:d2:73:ad:b7:d4:62:05:2f:c1:65:17:d1:3e:70:fb: 2a:42:a4:b2:71:bc:02:8a:eb:5e:90:2f:b0:64:7b:dc:f3:ad: e0:7e:17:38:b0:57:5f:30:58:35:b1:7d:21:a7:1b:36:cc:8e: c5:a0:83:78:f2:0c:80:8b:b7:06:9d:ec:ae:ae:ad:5f:c6:e4: 26:c8:0f:c5:58:d4:78:d4:04:a6:ee:c7:35:fc:2c:1d:5b:2f: 94:06:92:ba:c6:1f:1c:2c:f8:18:75:47:77:07:03:2b:e2:85: 99:00:a7:fe:c6:d0:fd:31:56:0e:52:8a:af:0e:2e:ca:3c:ef: 62:ed:95:1f:8b:82:34:b4:23:ff:58:8b:92:2b:54:45:69:41: f7:30:95:c2:18:b2:c6:ee:67:83:e4:28:f7:da:ce:80:82:eb: 6d:08:2f:34:75:0a:67:a2:fb:31:14:cf:47:eb:2e:45:75:d2: fe:8e:64:16:15:74:38:d2:66:58:5c:f4:08:fd:c6:66:8d:18: 3e:14:29:c2:a9:2b:8c:12:92:47:7c:76:fc:0d:e8:e2:66:87: 3c:97:5c:70:b6:31:6a:b1:36:37:be:68:6e:62:17:3e:63:cb: 3f:e9:ba:48 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIURHp3JL6LYJ6vxxE0gkno0ItK278wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwNDFaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGNiMTI3NjM3Y2NkZTNhNTU3MmFkMDBkOTQ2MzFhZjhkNmE4ZjUzNTVmZDA2 NjIxYmUwYTgwMGY5ZTRjODhkMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANCvHe15R48rDUZi2Oekn7LzNi+u81alwA3m8BoFDziuyq9WC22dzM4HJUZe JbuK7ri6AfdT5cdXwJD6GJxNCNNBSCS/vFY3t/0A/+U9b/IuUGwDYsjBMNw2P7bx 9PXr3y3TZQuaV/GmlqoZplWfskUP+78lnqJlzCcYCIZJ0lz1oGkjxGrbIkjbxBJn kJQh2TzcwtZnns44PLAs1l6mDIgF/gqgmykD3/1gef5XEI31KwnGeRGLu5onS5jP pYx2WB958MQfkhBivMrhWNcw/Z6MmMsHlQOxcbieV5gx4uAkKtPfhox20fMFrP4v TcT5QYXqea9dnqFTO7Y3mYzAAfECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQlQZsE hhok0Gyi3aiUrpKCvGQjhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN BgkqhkiG9w0BAQsFAAOCAQEAtbqKe0UP1m11oBgWEAhapWa0nCD80nOtt9RiBS/B ZRfRPnD7KkKksnG8AorrXpAvsGR73POt4H4XOLBXXzBYNbF9IacbNsyOxaCDePIM gIu3Bp3srq6tX8bkJsgPxVjUeNQEpu7HNfwsHVsvlAaSusYfHCz4GHVHdwcDK+KF mQCn/sbQ/TFWDlKKrw4uyjzvYu2VH4uCNLQj/1iLkitURWlB9zCVwhiyxu5ng+Qo 99rOgILrbQgvNHUKZ6L7MRTPR+suRXXS/o5kFhV0ONJmWFz0CP3GZo0YPhQpwqkr jBKSR3x2/A3o4maHPJdccLYxarE2N75obmIXPmPLP+m6SA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:58 2025 by rpki-client