This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa File: bfae711e-b0c4-404f-be1f-a99990818ac6.roa (raw, json) Hash identifier: VxmAbVXsj7um+xB8NSU2y1AsP5QE8ezo1fWxXE6VWl0= Subject key identifier: 08:73:57:86:4C:8D:7C:CE:98:C6:58:FD:F4:8B:6E:82:CB:87:00:40 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0BD25915DBC7F530EAE522A9AABC1F7CB33E1B42 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa Signing time: Wed 10 Dec 2025 06:20:59 +0000 ROA not before: Wed 10 Dec 2025 06:20:59 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.0.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:d2:59:15:db:c7:f5:30:ea:e5:22:a9:aa:bc:1f:7c:b3:3e:1b:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:59 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=5fb740d9fd416014e878aad2f27a2edc0038c317f5c85b00bb537c1f18abfd74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:14:a5:c0:94:20:9f:f4:41:78:44:35:ef:51: 05:55:35:32:97:b9:75:6a:e4:5d:e8:18:2b:b3:53: d0:78:56:76:7b:a5:88:48:d2:ed:e5:0a:b0:f9:76: 40:97:d6:66:9a:b2:e8:2d:c4:44:02:db:e0:d3:b3: fb:c8:f0:45:69:65:ec:ea:87:4e:01:f9:a2:d1:66: 6c:59:b0:0c:44:43:ac:ac:43:40:19:99:b4:38:a2: 62:fc:25:8a:51:39:54:e1:3b:e6:5a:61:2c:74:a7: 4e:fc:ee:59:87:38:e6:5b:f2:46:d9:54:bf:be:3d: 9f:17:3e:ce:30:be:00:f2:55:6f:73:58:7f:53:87: c6:15:9d:d0:97:fd:41:a9:f1:7c:3b:76:2d:83:5d: 20:01:60:94:6e:3c:72:44:9f:bc:db:fb:3e:17:c1: 36:e8:fc:73:06:8c:e5:10:24:94:e3:8b:65:52:9b: 5d:65:28:01:b2:7b:e5:c3:3e:10:bd:3c:60:33:e6: 1b:9d:08:7a:a8:e2:1c:c4:84:68:12:71:e6:bc:c4: 6e:8a:54:9d:42:23:3f:7d:f1:94:af:c6:63:78:bb: 6a:97:c1:73:2a:6d:68:a8:e4:eb:09:0a:ed:1f:ce: 16:f8:1c:21:db:72:a6:ef:1d:0d:82:09:f4:86:a0: 80:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:73:57:86:4C:8D:7C:CE:98:C6:58:FD:F4:8B:6E:82:CB:87:00:40 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.0.0/23 Signature Algorithm: sha256WithRSAEncryption bb:0f:2a:9c:2e:e0:e2:c4:36:18:e4:0e:fb:56:6b:79:03:f9: 68:d7:dc:38:fe:b5:4f:0b:a4:39:49:18:3b:41:80:32:c2:d3: 36:9d:81:fd:8a:f1:2e:3e:97:d1:a6:ce:af:36:ac:09:17:68: 67:f3:f4:8b:5d:42:45:ab:1d:b3:f0:be:a9:8e:2b:c5:f2:46: 91:9b:1c:ae:9b:31:57:46:ed:0e:89:36:3b:c6:28:a4:14:c2: 7e:1a:31:62:00:50:39:9f:a4:3d:d5:5f:ab:2f:65:33:6f:b3: 76:c1:f5:04:7c:99:15:3b:a0:a6:64:c3:ca:5b:c9:49:5e:7a: fc:96:31:0e:a4:59:4f:16:bb:a9:2b:87:f6:7b:d8:9b:94:ca: fb:4e:b2:ab:cc:67:f4:92:92:96:52:bf:e3:68:59:7e:59:dd: 37:70:f5:a6:eb:67:82:6e:ee:d3:d9:8c:47:d1:59:d8:30:41: 04:17:9b:94:0e:4b:2e:23:4a:cb:05:39:5a:43:86:65:38:73: f9:48:c6:f6:7d:f6:59:f8:71:ab:ab:8b:63:34:a0:84:01:91: b8:0b:3d:cc:7f:a2:e8:f1:4d:84:c9:81:9b:33:8f:eb:f2:42: 0b:98:3d:7f:c9:0d:1d:32:da:11:86:71:49:18:45:eb:6a:81: d3:60:86:82 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUC9JZFdvH9TDq5SKpqrwffLM+G0IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDVmYjc0MGQ5ZmQ0MTYwMTRlODc4YWFkMmYyN2EyZWRjMDAzOGMzMTdmNWM4 NWIwMGJiNTM3YzFmMThhYmZkNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIUUpcCUIJ/0QXhENe9RBVU1Mpe5dWrkXegYK7NT0HhWdnuliEjS7eUKsPl2 QJfWZpqy6C3ERALb4NOz+8jwRWll7OqHTgH5otFmbFmwDERDrKxDQBmZtDiiYvwl ilE5VOE75lphLHSnTvzuWYc45lvyRtlUv749nxc+zjC+APJVb3NYf1OHxhWd0Jf9 QanxfDt2LYNdIAFglG48ckSfvNv7PhfBNuj8cwaM5RAklOOLZVKbXWUoAbJ75cM+ EL08YDPmG50IeqjiHMSEaBJx5rzEbopUnUIjP33xlK/GY3i7apfBcyptaKjk6wkK 7R/OFvgcIdtypu8dDYIJ9IaggIMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIc1eG TI18zpjGWP30i26Cy4cAQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmZhZTcxMWUtYjBjNC00MDRmLWJlMWYtYTk5OTkwODE4YWM2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU99ADAN BgkqhkiG9w0BAQsFAAOCAQEAuw8qnC7g4sQ2GOQO+1ZreQP5aNfcOP61TwukOUkY O0GAMsLTNp2B/YrxLj6X0abOrzasCRdoZ/P0i11CRasds/C+qY4rxfJGkZscrpsx V0btDok2O8YopBTCfhoxYgBQOZ+kPdVfqy9lM2+zdsH1BHyZFTugpmTDylvJSV56 /JYxDqRZTxa7qSuH9nvYm5TK+06yq8xn9JKSllK/42hZflndN3D1putngm7u09mM R9FZ2DBBBBeblA5LLiNKywU5WkOGZThz+UjG9n32Wfhxq6uLYzSghAGRuAs9zH+i 6PFNhMmBmzOP6/JCC5g9f8kNHTLaEYZxSRhF62qB02CGgg== -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:59 2025 by rpki-client