This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa File: bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa (raw, json) Hash identifier: UYQcF9hWMpsz4W+v4E1lsGUplaYqxrlXRAwhDBAdtx0= Subject key identifier: 29:BE:73:E8:0B:7E:98:E7:6F:8D:C8:29:47:0E:0B:F8:D8:DA:CA:65 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7241E3CD53FC079F289042BAB1E5BDE92039E028 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa Signing time: Tue 02 Dec 2025 01:51:06 +0000 ROA not before: Tue 02 Dec 2025 01:51:06 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d074:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:41:e3:cd:53:fc:07:9f:28:90:42:ba:b1:e5:bd:e9:20:39:e0:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:06 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=b12fdda38a78f859d10a82853fac7ed2bc1d92268ed97d7c1e68fe54a8c799ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:9c:43:08:84:f0:a1:34:30:32:47:b8:e2:d9: 30:25:9e:7c:10:cf:5b:ea:8f:f1:ed:7d:b6:cb:3f: 4e:4f:34:ee:7b:77:12:56:22:31:e4:d2:12:97:45: 0a:4e:0a:9c:97:8c:6d:0c:d8:8e:0c:cd:3a:6b:84: bb:79:b3:a3:e6:31:ac:9b:85:c6:ff:2d:54:93:d5: ee:15:81:d6:7c:8f:ae:57:b2:eb:e8:29:e1:dd:11: 2b:85:05:9b:20:91:eb:1f:7d:3d:da:e8:32:85:bd: 91:b8:26:aa:c9:1c:16:84:85:24:58:ac:23:39:7e: 8c:18:f7:85:d1:5e:2f:0e:7b:92:04:fd:6b:09:b7: 29:4a:43:d5:ef:d9:b2:dc:ed:20:99:ec:f3:df:de: 38:4e:e6:96:89:df:23:75:7e:d0:f4:36:04:63:f2: e9:6e:77:41:4a:0a:09:9b:68:95:14:36:38:7f:c7: 85:2d:38:12:92:6f:0f:f3:38:87:62:8a:f4:f8:87: d2:be:c9:4f:aa:c6:d4:62:f9:9b:6c:aa:c4:88:79: b0:8d:9b:03:19:6f:9a:c1:38:56:38:59:e0:20:0a: 7e:2c:5f:ed:84:da:00:75:f2:eb:e5:fd:2f:dc:ee: df:66:2f:a1:4f:22:76:7a:54:28:e6:87:6c:01:e2: cc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:BE:73:E8:0B:7E:98:E7:6F:8D:C8:29:47:0E:0B:F8:D8:DA:CA:65 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:4000::/40 Signature Algorithm: sha256WithRSAEncryption a0:c4:7e:0f:1a:17:48:5d:98:24:d3:25:72:8c:fe:a4:46:4d: 8f:ed:b1:03:d1:f6:39:12:5b:7c:45:3d:37:51:89:46:85:8e: 90:6c:c2:7b:c4:cc:9e:06:97:94:1a:94:b9:24:9c:cd:ee:88: f6:a4:f9:54:a7:c5:e8:6b:f9:a5:f5:95:0f:0b:69:1e:6f:c1: 65:20:96:34:16:4c:a5:f0:31:33:2d:79:dd:a4:b2:55:90:a2: c3:d1:2e:f2:32:fc:dc:ad:af:2e:53:6d:f0:9d:cf:64:46:64: 23:55:bc:9a:48:c7:39:9d:ad:fa:57:4d:81:69:0c:c5:d7:a2: 4a:1c:84:3f:83:dd:6b:86:5e:01:d7:de:26:6e:40:db:22:86: e6:7f:09:cd:00:99:56:08:81:9b:bc:03:58:cf:8b:12:df:af: 75:06:a5:9f:8b:b8:2a:0b:af:68:6f:32:9d:63:48:40:61:52: d9:2f:30:d0:04:d8:6a:a1:4c:bb:e4:60:2a:1f:b0:3f:c5:52: 0c:24:2b:a3:5c:95:06:a7:0a:5e:3f:c5:06:af:13:fc:5c:cf: e0:42:14:fa:ab:33:ea:68:4f:3a:5f:3d:6f:32:e7:f6:aa:9f: 04:6a:ab:34:df:97:49:4b:af:e6:8c:50:00:2f:5e:cd:25:9e: 14:58:c0:50 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUckHjzVP8B58okEK6seW96SA54CgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMDZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGIxMmZkZGEzOGE3OGY4NTlkMTBhODI4NTNmYWM3ZWQyYmMxZDkyMjY4ZWQ5 N2Q3YzFlNjhmZTU0YThjNzk5ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOmcQwiE8KE0MDJHuOLZMCWefBDPW+qP8e19tss/Tk807nt3ElYiMeTSEpdF Ck4KnJeMbQzYjgzNOmuEu3mzo+YxrJuFxv8tVJPV7hWB1nyPrley6+gp4d0RK4UF myCR6x99PdroMoW9kbgmqskcFoSFJFisIzl+jBj3hdFeLw57kgT9awm3KUpD1e/Z stztIJns89/eOE7mlonfI3V+0PQ2BGPy6W53QUoKCZtolRQ2OH/HhS04EpJvD/M4 h2KK9PiH0r7JT6rG1GL5m2yqxIh5sI2bAxlvmsE4VjhZ4CAKfixf7YTaAHXy6+X9 L9zu32YvoU8idnpUKOaHbAHizLcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpvnPo C36Y52+NyClHDgv42NrKZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmYwY2Y0OTMtZDY1ZC00ODg2LWEzNDEtYmNiYjQwZmJmMTBiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA MA0GCSqGSIb3DQEBCwUAA4IBAQCgxH4PGhdIXZgk0yVyjP6kRk2P7bED0fY5Elt8 RT03UYlGhY6QbMJ7xMyeBpeUGpS5JJzN7oj2pPlUp8Xoa/ml9ZUPC2keb8FlIJY0 Fkyl8DEzLXndpLJVkKLD0S7yMvzcra8uU23wnc9kRmQjVbyaSMc5na36V02BaQzF 16JKHIQ/g91rhl4B194mbkDbIobmfwnNAJlWCIGbvANYz4sS3691BqWfi7gqC69o bzKdY0hAYVLZLzDQBNhqoUy75GAqH7A/xVIMJCujXJUGpwpeP8UGrxP8XM/gQhT6 qzPqaE86Xz1vMuf2qp8Eaqs035dJS6/mjFAAL17NJZ4UWMBQ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:26 2025 by rpki-client