This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa File: bfae711e-b0c4-404f-be1f-a99990818ac6.roa (raw, json) Hash identifier: RPE4/DI1Y1fqnsLPS63RRBlvVpfQ4/IYqpNAIQBEZvo= Subject key identifier: 3C:34:4F:39:6D:CE:CB:C5:DB:0C:41:68:1F:00:08:C8:2A:47:7A:85 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 56F92CCA4375E8ED285429D07C8697ED128B22FF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa Signing time: Sat 15 Nov 2025 06:30:51 +0000 ROA not before: Sat 15 Nov 2025 06:30:51 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.0.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:f9:2c:ca:43:75:e8:ed:28:54:29:d0:7c:86:97:ed:12:8b:22:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:51 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=ba8f70714e6f066ace6e6d66d61636bc6338fecd6325339a6bed8c0d05dee254, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:21:90:9f:eb:29:c1:d6:60:f1:e9:22:e4:7f: ab:1b:96:dd:f5:2b:d5:02:63:0c:5c:ae:7f:0a:1c: 8d:86:a9:87:55:5c:ef:83:a7:ab:7e:f4:d6:a6:96: 28:2d:53:da:8f:57:5c:7b:88:82:eb:71:d8:68:f8: 09:44:1b:c0:c8:31:00:f9:3d:2e:98:8b:ea:4a:96: f6:6c:ae:d1:3c:c3:8c:67:b3:81:f1:ce:e6:7c:73: fa:4c:ca:67:65:d5:d9:90:e7:ce:d0:f3:1e:a6:cb: 99:51:ce:6b:5d:dd:7b:da:66:b4:30:77:8f:7c:51: ce:8d:6a:77:bd:76:3e:d1:b6:4c:9b:69:de:89:6f: ce:9b:2c:60:77:35:b3:7f:df:2f:fe:7a:82:18:7f: 00:e6:d5:6d:37:c6:24:55:bc:c8:d3:9d:7d:65:73: d6:20:5c:44:35:c6:e8:03:4c:ba:ab:95:4a:a8:90: 27:d3:48:9a:c7:d3:91:90:a0:ee:2e:10:e3:ae:43: 91:13:88:67:8b:99:c4:1b:b3:45:72:df:f2:62:81: f3:e2:5c:c9:bf:7c:4a:db:2f:7a:92:ca:0a:dd:7e: fb:9c:c0:67:58:4e:7d:9b:9e:5c:55:aa:3b:24:93: 48:5e:a0:4c:5e:d8:19:4f:6a:03:b4:02:24:9e:a0: c0:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:34:4F:39:6D:CE:CB:C5:DB:0C:41:68:1F:00:08:C8:2A:47:7A:85 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.0.0/23 Signature Algorithm: sha256WithRSAEncryption 00:78:7e:70:99:c9:d2:91:49:01:8c:50:19:c8:74:27:7a:fc: f9:db:c3:00:2e:73:91:f3:ac:dc:66:e6:fa:c0:49:0b:c1:33: ca:f2:b6:46:fe:45:cc:13:4a:83:e4:dc:88:1e:ef:11:cf:3a: 98:1a:a6:0b:4d:45:cc:31:6f:c4:76:22:33:bf:01:72:55:0b: fc:42:46:62:fc:7b:e5:0f:ba:22:d6:e7:22:5f:ee:4e:a3:df: 4c:20:a4:1b:a4:e5:b0:78:9f:86:bf:9b:3f:40:88:47:e9:80: be:60:2c:f6:d4:ca:c8:de:90:da:49:e3:dd:52:8e:57:ab:e7: 6b:2d:0a:04:70:c9:5f:8f:7a:ee:bd:f9:b7:02:f3:6f:3f:b9: 08:15:fb:30:7b:aa:85:17:e4:d2:cf:07:3a:78:43:4f:6e:3d: 2e:bf:aa:44:a9:e5:a2:a3:c9:6a:0b:2e:06:52:9f:d7:2b:5d: 24:a8:df:17:f2:a0:ca:38:30:1f:47:56:1c:f1:c8:cf:42:da: f8:6e:0d:b5:33:5e:a5:21:15:a0:ee:05:86:67:8d:84:e8:6a: bd:f2:0f:7d:08:d3:09:1f:d0:95:d6:b9:75:31:a5:31:6b:c2: 82:56:7b:3a:16:a8:ef:75:02:ea:35:d6:89:39:0f:5f:2c:58: 00:b5:6a:cc -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUVvksykN16O0oVCnQfIaX7RKLIv8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwNTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGJhOGY3MDcxNGU2ZjA2NmFjZTZlNmQ2NmQ2MTYzNmJjNjMzOGZlY2Q2MzI1 MzM5YTZiZWQ4YzBkMDVkZWUyNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALchkJ/rKcHWYPHpIuR/qxuW3fUr1QJjDFyufwocjYaph1Vc74Onq3701qaW KC1T2o9XXHuIgutx2Gj4CUQbwMgxAPk9LpiL6kqW9myu0TzDjGezgfHO5nxz+kzK Z2XV2ZDnztDzHqbLmVHOa13de9pmtDB3j3xRzo1qd712PtG2TJtp3olvzpssYHc1 s3/fL/56ghh/AObVbTfGJFW8yNOdfWVz1iBcRDXG6ANMuquVSqiQJ9NImsfTkZCg 7i4Q465DkROIZ4uZxBuzRXLf8mKB8+Jcyb98StsvepLKCt1++5zAZ1hOfZueXFWq OySTSF6gTF7YGU9qA7QCJJ6gwE0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ8NE85 bc7LxdsMQWgfAAjIKkd6hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmZhZTcxMWUtYjBjNC00MDRmLWJlMWYtYTk5OTkwODE4YWM2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU99ADAN BgkqhkiG9w0BAQsFAAOCAQEAAHh+cJnJ0pFJAYxQGch0J3r8+dvDAC5zkfOs3Gbm +sBJC8EzyvK2Rv5FzBNKg+TciB7vEc86mBqmC01FzDFvxHYiM78BclUL/EJGYvx7 5Q+6ItbnIl/uTqPfTCCkG6TlsHifhr+bP0CIR+mAvmAs9tTKyN6Q2knj3VKOV6vn ay0KBHDJX4967r35twLzbz+5CBX7MHuqhRfk0s8HOnhDT249Lr+qRKnloqPJagsu BlKf1ytdJKjfF/KgyjgwH0dWHPHIz0La+G4NtTNepSEVoO4FhmeNhOhqvfIPfQjT CR/Qlda5dTGlMWvCglZ7Ohao73UC6jXWiTkPXyxYALVqzA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:55 2025 by rpki-client