This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json) Hash identifier: aZKCZixv8YHbaqbeLeLvaSApXwp69srzfBZlBJ7H7A0= Subject key identifier: 26:65:66:C7:12:FF:35:6C:A0:52:9E:0C:55:FA:FA:86:42:12:43:BB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1BACE5EBB3F982E1508266F981948837BD2E5BBC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa Signing time: Tue 02 Dec 2025 02:00:07 +0000 ROA not before: Tue 02 Dec 2025 02:00:07 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.34.20.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:ac:e5:eb:b3:f9:82:e1:50:82:66:f9:81:94:88:37:bd:2e:5b:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 02:00:07 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=39215d658b72e4678129f4bbef1824488beaa213c65e83f262ed9837b083a972, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c9:fa:3c:ec:06:cf:5a:93:9f:e8:06:5f:08: bf:86:6a:de:80:fc:77:d0:19:9f:c4:6b:6f:7c:75: 6c:85:33:38:a0:d9:c0:ca:cb:7c:e1:4b:fa:bd:f9: 9e:35:59:cc:dd:c4:04:63:98:35:b0:73:56:5b:a0: 22:c5:f5:c1:69:47:75:ff:1d:c3:7d:7c:9e:1e:32: 5c:4e:84:2c:24:96:ad:6c:44:c7:5d:11:7b:83:fd: e3:b7:cb:9b:18:f6:14:f4:a1:ad:a1:73:53:a7:16: 7c:3a:ec:8e:77:34:ff:6d:18:dc:e1:c3:30:37:32: 1c:5f:8e:62:73:d5:8e:21:9a:f3:58:46:a8:52:6e: ee:0b:32:87:51:2e:af:fa:3b:f2:56:f0:b3:f6:84: 42:fe:f7:92:87:1d:be:4a:98:01:e4:06:46:1d:52: 2a:b4:de:23:81:20:25:36:30:c9:fd:32:b7:9d:56: 82:6b:45:6d:52:a7:f6:92:b0:02:24:e8:b1:fa:87: 7a:3a:91:a0:ab:4e:f1:b7:13:fe:fb:61:b7:0a:79: cc:3a:a6:0f:3c:6d:ba:03:73:4b:02:67:45:58:35: 09:7e:8d:86:f1:2b:5e:ac:1c:b5:ae:be:38:1b:1f: 17:03:b2:24:ef:c2:f1:07:1c:08:74:16:bc:54:2e: b4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:65:66:C7:12:FF:35:6C:A0:52:9E:0C:55:FA:FA:86:42:12:43:BB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.34.20.0/22 Signature Algorithm: sha256WithRSAEncryption 1b:b4:14:46:96:c1:6f:56:73:d8:76:3c:3f:c2:14:bf:4d:ef: 18:31:1a:ff:2e:a5:76:46:d4:70:be:5e:d6:48:7a:a5:4c:70: 1e:40:15:c5:d4:36:59:5f:ca:92:d5:91:7a:d8:7d:bb:87:33: b8:63:10:e4:a4:f5:61:1f:52:fc:66:47:e1:cd:4f:d2:03:03: 50:a2:98:5b:86:c9:74:87:55:96:88:48:aa:cf:f7:58:e2:fc: a1:30:a5:1a:10:17:87:39:f8:75:4d:0d:66:7c:6a:96:88:41: 04:25:0c:a3:28:31:72:dd:e4:6b:80:ed:2b:21:06:10:fa:9a: 6f:50:5f:82:c9:ad:53:17:2c:1c:54:63:2d:8f:6c:8f:56:29: 9d:c6:60:73:a9:a8:00:3f:d0:eb:6c:ed:c6:a2:70:dc:00:5f: ba:d8:d2:20:b2:15:13:a8:85:a2:ad:45:f7:22:a9:7b:9e:7a: 05:e4:70:20:af:8e:17:a9:e4:de:0f:2b:d2:11:46:84:c1:11: 5f:63:41:2a:e8:f8:54:72:b7:0d:90:54:12:fa:69:78:a9:8d: 12:83:de:ae:0a:e5:e5:7a:44:da:12:d6:06:eb:56:7c:bb:2d: 48:8c:3d:5f:a9:b9:29:21:12:b5:19:5a:fe:61:58:2b:ce:dd: ec:fb:79:2b -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUG6zl67P5guFQgmb5gZSIN70uW7wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMjAwMDdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDM5MjE1ZDY1OGI3MmU0Njc4MTI5ZjRiYmVmMTgyNDQ4OGJlYWEyMTNjNjVl ODNmMjYyZWQ5ODM3YjA4M2E5NzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3J+jzsBs9ak5/oBl8Iv4Zq3oD8d9AZn8Rrb3x1bIUzOKDZwMrLfOFL+r35 njVZzN3EBGOYNbBzVlugIsX1wWlHdf8dw318nh4yXE6ELCSWrWxEx10Re4P947fL mxj2FPShraFzU6cWfDrsjnc0/20Y3OHDMDcyHF+OYnPVjiGa81hGqFJu7gsyh1Eu r/o78lbws/aEQv73kocdvkqYAeQGRh1SKrTeI4EgJTYwyf0yt51WgmtFbVKn9pKw AiTosfqHejqRoKtO8bcT/vthtwp5zDqmDzxtugNzSwJnRVg1CX6NhvErXqwcta6+ OBsfFwOyJO/C8QccCHQWvFQutGUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQmZWbH Ev81bKBSngxV+vqGQhJDuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN BgkqhkiG9w0BAQsFAAOCAQEAG7QURpbBb1Zz2HY8P8IUv03vGDEa/y6ldkbUcL5e 1kh6pUxwHkAVxdQ2WV/KktWReth9u4czuGMQ5KT1YR9S/GZH4c1P0gMDUKKYW4bJ dIdVlohIqs/3WOL8oTClGhAXhzn4dU0NZnxqlohBBCUMoygxct3ka4DtKyEGEPqa b1BfgsmtUxcsHFRjLY9sj1YpncZgc6moAD/Q62ztxqJw3ABfutjSILIVE6iFoq1F 9yKpe556BeRwIK+OF6nk3g8r0hFGhMERX2NBKuj4VHK3DZBUEvppeKmNEoPergrl 5XpE2hLWButWfLstSIw9X6m5KSEStRla/mFYK87d7Pt5Kw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:34 2025 by rpki-client