This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json) Hash identifier: cqcZGR7hySNiYbJazGGJihx5+Y3IOv2r9RiYnTVuhks= Subject key identifier: 49:E2:36:01:1C:15:02:B3:AC:8C:5F:D6:B4:F5:A2:04:57:B1:EF:22 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5E17218DE81B829EAC589DE9C48A3AD60D04B9DD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa Signing time: Tue 02 Dec 2025 01:51:28 +0000 ROA not before: Tue 02 Dec 2025 01:51:28 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.32.84.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:17:21:8d:e8:1b:82:9e:ac:58:9d:e9:c4:8a:3a:d6:0d:04:b9:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:28 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=8f1fa0635751150ea42b481b87d77969a78087e4c0a5f05ed99d5ccf82f0d87f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:3f:6c:de:50:5c:4d:9f:ba:43:10:a3:84:55: af:99:34:ba:a1:22:65:77:2b:4b:2a:de:e7:ef:b4: e4:aa:ec:91:18:07:51:27:69:33:aa:0a:11:b4:63: 1d:da:1d:7b:1d:a4:68:38:02:58:45:10:14:b5:cb: 48:b4:c1:2d:92:5f:c8:d0:9a:19:2d:ca:26:77:2a: 22:a1:a4:12:99:44:f0:15:02:fa:bb:76:19:b6:cf: 10:55:42:06:93:62:0f:6a:df:ca:01:54:32:f0:09: e4:90:a2:00:84:0c:53:08:19:4c:b1:87:58:8d:49: e6:d3:c6:3c:e1:c7:89:a9:c6:be:3b:37:40:94:a3: 1c:98:75:93:4a:60:93:f9:38:73:fc:c8:ab:5e:30: fc:55:3e:b5:38:06:f7:9a:e0:ed:c1:12:09:b6:bb: 86:b1:40:fb:44:4d:59:4a:64:15:b7:56:13:06:cc: e4:6d:99:fe:81:0c:84:22:f0:39:1e:a9:92:db:97: 88:c1:85:b3:de:97:0d:51:72:40:4d:4d:f3:a1:c3: 1f:93:cd:7e:38:ff:84:15:67:91:53:28:0e:ca:52: 85:cb:82:79:34:e1:ba:41:b8:af:f3:d4:b5:c6:4a: 09:05:38:fe:f6:7b:16:31:0f:6a:f9:95:6f:f9:da: 10:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:E2:36:01:1C:15:02:B3:AC:8C:5F:D6:B4:F5:A2:04:57:B1:EF:22 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.32.84.0/22 Signature Algorithm: sha256WithRSAEncryption b5:38:31:00:65:e9:f3:24:a9:44:29:21:63:ab:41:5a:96:42: f5:67:29:f7:9b:8d:f7:88:ed:94:b0:87:72:87:8f:e7:6d:d9: 1d:fd:3f:bf:5a:c7:01:35:71:d6:c5:17:18:b3:cf:cb:f8:6d: 93:b6:19:94:e9:f0:93:8d:1f:6a:ff:0b:e7:fe:d7:01:cd:a2: 42:c8:a4:ed:a7:b1:dc:de:e8:c9:1e:0d:55:5c:44:03:d1:34: e4:66:b0:cc:54:27:ab:7f:dc:2f:7c:7d:9d:5e:d2:a7:be:36: ae:84:e8:a5:33:9e:95:f9:01:ec:a9:8b:06:1f:7f:92:97:50: 86:ba:71:b9:e0:7b:39:93:77:d8:b6:db:0c:98:6c:8d:d6:37: a0:dd:e6:9f:6e:ff:3a:68:40:b5:ef:60:99:7c:ca:6e:93:a5: c6:34:be:fa:21:53:07:c9:fa:bd:ca:4a:47:81:3b:2b:86:86: 5d:b7:f6:c7:18:8a:1b:80:65:ad:84:75:00:e3:ad:93:13:ec: 72:c0:8d:bd:bf:11:45:57:57:56:e0:bb:7a:19:b3:f8:6b:37: a6:32:70:65:3f:ac:94:77:0b:b0:f2:3a:8a:84:ab:8e:78:9d: 56:6f:84:69:66:24:f5:5e:6b:a9:62:0a:0a:c7:eb:6a:4f:e5: 6d:21:23:ff -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUXhchjegbgp6sWJ3pxIo61g0Eud0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMjhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDhmMWZhMDYzNTc1MTE1MGVhNDJiNDgxYjg3ZDc3OTY5YTc4MDg3ZTRjMGE1 ZjA1ZWQ5OWQ1Y2NmODJmMGQ4N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0/bN5QXE2fukMQo4RVr5k0uqEiZXcrSyre5++05KrskRgHUSdpM6oKEbRj Hdodex2kaDgCWEUQFLXLSLTBLZJfyNCaGS3KJncqIqGkEplE8BUC+rt2GbbPEFVC BpNiD2rfygFUMvAJ5JCiAIQMUwgZTLGHWI1J5tPGPOHHianGvjs3QJSjHJh1k0pg k/k4c/zIq14w/FU+tTgG95rg7cESCba7hrFA+0RNWUpkFbdWEwbM5G2Z/oEMhCLw OR6pktuXiMGFs96XDVFyQE1N86HDH5PNfjj/hBVnkVMoDspShcuCeTThukG4r/PU tcZKCQU4/vZ7FjEPavmVb/naEM0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJ4jYB HBUCs6yMX9a09aIEV7HvIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN BgkqhkiG9w0BAQsFAAOCAQEAtTgxAGXp8ySpRCkhY6tBWpZC9Wcp95uN94jtlLCH coeP523ZHf0/v1rHATVx1sUXGLPPy/htk7YZlOnwk40fav8L5/7XAc2iQsik7aex 3N7oyR4NVVxEA9E05GawzFQnq3/cL3x9nV7Sp742roTopTOelfkB7KmLBh9/kpdQ hrpxueB7OZN32LbbDJhsjdY3oN3mn27/OmhAte9gmXzKbpOlxjS++iFTB8n6vcpK R4E7K4aGXbf2xxiKG4BlrYR1AOOtkxPscsCNvb8RRVdXVuC7ehmz+Gs3pjJwZT+s lHcLsPI6ioSrjnidVm+EaWYk9V5rqWIKCsfrak/lbSEj/w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:23 2025 by rpki-client