This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json) Hash identifier: KPMlfOHF046Xpw6ElRy3M2N0ayDGSoKE+hA7jx+sG9w= Subject key identifier: 30:C7:D5:6A:99:5D:3A:34:51:11:91:D1:EA:F8:1C:45:A8:CB:51:BB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 29C29FEB19C73A8ACE58DBA01FEE6D60504E5B03 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa Signing time: Sat 15 Nov 2025 06:30:38 +0000 ROA not before: Sat 15 Nov 2025 06:30:38 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:c2:9f:eb:19:c7:3a:8a:ce:58:db:a0:1f:ee:6d:60:50:4e:5b:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:38 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6a23feccaba756056455df4163a2bd262b76d9f799433872bd52df91d18871a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:c2:53:0b:4d:b6:37:5d:bd:d6:1c:a0:a6:3c: 92:64:08:0a:d6:b0:c4:91:0f:6a:33:8c:be:5e:5f: 18:35:d4:e4:11:e6:57:ff:7f:12:7f:08:d8:a3:af: e9:74:d9:1b:7a:cd:38:cc:b9:c4:bd:6c:85:cb:de: 09:24:ff:48:74:89:65:db:9f:9a:d5:9f:cd:52:14: c5:06:9a:36:f9:9c:5b:16:e8:35:d2:12:a1:03:41: 44:03:18:5a:d5:c1:42:40:cd:6a:b5:9b:87:f1:a0: 72:2d:d7:80:34:c8:65:0f:02:7c:cf:ed:5c:4b:8b: 5c:1a:a4:df:3c:75:e3:43:1b:72:93:5e:f8:7a:a2: d3:c5:a1:8f:62:d4:58:86:de:f0:a3:66:97:c2:44: c7:4a:dc:9c:d1:33:b4:49:ea:42:92:09:81:c2:88: c5:a8:27:64:06:c7:bb:2e:7f:7b:c1:f0:2c:8d:dc: 0f:f2:22:5b:1a:eb:39:f4:22:b4:46:30:48:03:fc: 19:df:e4:43:59:cc:1f:53:21:54:65:25:4f:79:7a: e1:57:1c:50:48:e3:9d:42:3d:54:59:ed:e0:44:8f: c4:f9:dc:c2:3b:0c:b3:81:54:4a:cf:59:78:7c:25: 65:a8:d0:60:e7:86:b0:77:fe:2f:1f:2a:b6:b9:a4: 1c:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:C7:D5:6A:99:5D:3A:34:51:11:91:D1:EA:F8:1C:45:A8:CB:51:BB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:a000::/40 Signature Algorithm: sha256WithRSAEncryption 55:b0:e0:28:4a:28:14:8e:79:ce:f0:bc:d5:f4:7d:d9:63:64: 8e:c4:36:81:8a:d2:10:aa:74:e6:08:6b:28:f0:d0:c4:b3:6e: 27:48:94:7c:b1:36:56:83:79:ac:2c:3f:e7:65:ac:96:4a:4c: b2:43:ad:50:82:3e:2a:c6:aa:5d:97:ef:eb:ea:29:ba:7b:6b: d7:e7:4c:ab:9b:fa:cf:1b:0d:1d:8c:1a:6a:c6:39:e1:e8:95: c4:b3:39:4e:47:3d:b0:7a:72:55:69:b9:70:8e:ff:6f:0a:c8: 3d:42:56:af:49:1b:5f:9e:52:4d:bd:23:a2:e1:ec:71:02:4b: a2:7e:00:82:a8:c3:71:08:24:f6:38:1b:52:fe:b1:06:cd:2b: b3:f1:aa:63:a3:36:f8:dd:ca:94:9a:8d:25:09:08:4a:46:4a: 7a:06:5d:f4:8e:b9:76:06:ec:75:89:a9:7c:85:40:15:fe:a6: 36:b3:8a:da:01:a6:0e:82:ad:1f:1d:ae:f9:04:6e:8f:cd:f4: 5b:9f:d0:69:af:65:bd:0d:ff:fa:6c:6a:43:19:fd:53:32:cf: f0:c9:1d:79:81:b0:17:16:f9:9a:a3:47:f4:b0:54:e5:bf:98: 9c:fc:22:32:c3:e7:50:b4:aa:d7:3a:b6:8d:eb:7d:c9:d0:2b: 71:7c:2c:40 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKcKf6xnHOorOWNugH+5tYFBOWwMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMzhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZhMjNmZWNjYWJhNzU2MDU2NDU1ZGY0MTYzYTJiZDI2MmI3NmQ5Zjc5OTQz Mzg3MmJkNTJkZjkxZDE4ODcxYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/CUwtNtjddvdYcoKY8kmQICtawxJEPajOMvl5fGDXU5BHmV/9/En8I2KOv 6XTZG3rNOMy5xL1shcveCST/SHSJZdufmtWfzVIUxQaaNvmcWxboNdISoQNBRAMY WtXBQkDNarWbh/Ggci3XgDTIZQ8CfM/tXEuLXBqk3zx140MbcpNe+Hqi08Whj2LU WIbe8KNml8JEx0rcnNEztEnqQpIJgcKIxagnZAbHuy5/e8HwLI3cD/IiWxrrOfQi tEYwSAP8Gd/kQ1nMH1MhVGUlT3l64VccUEjjnUI9VFnt4ESPxPncwjsMs4FUSs9Z eHwlZajQYOeGsHf+Lx8qtrmkHFUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwx9Vq mV06NFERkdHq+BxFqMtRuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg MA0GCSqGSIb3DQEBCwUAA4IBAQBVsOAoSigUjnnO8LzV9H3ZY2SOxDaBitIQqnTm CGso8NDEs24nSJR8sTZWg3msLD/nZayWSkyyQ61Qgj4qxqpdl+/r6im6e2vX50yr m/rPGw0djBpqxjnh6JXEszlORz2wenJVablwjv9vCsg9QlavSRtfnlJNvSOi4exx AkuifgCCqMNxCCT2OBtS/rEGzSuz8apjozb43cqUmo0lCQhKRkp6Bl30jrl2Bux1 ial8hUAV/qY2s4raAaYOgq0fHa75BG6PzfRbn9Bpr2W9Df/6bGpDGf1TMs/wyR15 gbAXFvmao0f0sFTlv5ic/CIyw+dQtKrXOraN633J0CtxfCxA -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:56 2025 by rpki-client