This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json) Hash identifier: AhBXXeunxhLK2q3eJpmc+2mg+zj+9LAAUutGTkfpqx4= Subject key identifier: ED:43:F7:0D:C5:0C:42:27:D8:6C:D1:54:84:37:D4:3C:59:61:FD:E4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 52B66E3E70D9CCF97F9259C15B7E36B471E090CF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa Signing time: Tue 02 Dec 2025 02:00:08 +0000 ROA not before: Tue 02 Dec 2025 02:00:08 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 176.32.64.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:b6:6e:3e:70:d9:cc:f9:7f:92:59:c1:5b:7e:36:b4:71:e0:90:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 02:00:08 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=3953fc047865a3594c948c12a7a03a2dedd085b27729ea08fff773ef3d1bd0f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:af:bc:12:d3:5f:c1:60:2d:fb:50:dc:ef:42: 4d:3b:cb:4a:49:0e:23:89:f6:3c:4e:02:45:60:f5: 8e:cc:b0:c8:32:c5:65:00:a6:f7:b5:47:aa:8e:43: cf:a1:bf:d2:b2:92:54:58:28:57:a2:c4:97:3d:a8: 90:19:d0:9a:c2:ab:71:bf:e4:cd:ff:95:18:1a:ab: 94:98:53:15:04:14:40:20:cb:98:b1:aa:07:35:85: cf:5a:52:28:67:e2:d9:e2:35:e7:b0:6b:a4:0d:aa: 94:1a:0e:ea:6c:13:46:1d:5b:84:29:ec:03:3e:f7: 5c:14:b8:14:c1:48:5c:50:fb:94:2a:95:c3:24:75: d9:38:56:79:5e:de:67:4a:44:5b:81:ab:a2:84:d4: c5:05:dd:df:0e:59:3f:a4:c1:a9:3b:91:12:21:db: b1:07:42:b2:ff:fd:af:12:3b:7d:46:ff:30:a1:e6: b1:8f:92:0f:e1:68:06:64:2a:b3:7c:d1:7b:4f:c4: e4:7f:72:42:72:24:cf:d8:ae:49:78:28:53:0a:81: 23:22:21:82:8c:c4:d9:cc:bd:aa:9d:25:be:b6:c1: 86:39:bb:27:bf:1f:68:23:bf:4f:69:78:d5:1e:9a: d4:1c:4c:ba:f4:a3:5f:ad:79:1e:81:2f:08:bc:a0: 5f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:43:F7:0D:C5:0C:42:27:D8:6C:D1:54:84:37:D4:3C:59:61:FD:E4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.32.64.0/18 Signature Algorithm: sha256WithRSAEncryption ca:55:25:b2:e8:58:c4:22:71:91:9a:80:f1:d7:6c:73:00:ed: d4:d6:c2:fc:22:8e:ea:b5:06:c2:e5:9a:a5:a7:e9:d2:ef:a1: 5f:b4:4f:07:93:fe:c3:b1:3e:d1:95:1a:ac:22:0f:2b:83:30: 3d:b3:64:c5:cd:49:da:33:bc:07:67:37:0b:df:50:ff:60:5d: f6:5e:23:c2:38:cc:d1:e6:68:6d:af:01:cf:b8:43:00:2f:b1: cc:57:25:8b:f4:e0:f9:b1:e4:c5:64:cb:6f:43:ba:09:9a:66: a1:b8:07:79:0a:5b:19:8c:82:53:e0:1a:80:8e:d0:80:31:1b: c8:1d:4e:a3:30:03:c7:35:1c:ac:c8:1b:c2:d0:74:0a:b6:1b: 04:ce:5c:88:49:e9:e5:a7:ef:b3:95:66:45:9e:be:70:1e:30: 70:54:fe:4a:3a:76:4f:8c:44:2d:b2:35:29:5f:03:18:c1:2f: e8:89:c7:76:b0:d8:0f:7b:fd:14:24:6d:fd:1f:80:4d:9b:59: 16:5c:0b:24:87:d3:2f:01:21:cc:b5:6f:ad:09:0a:bc:21:82: b7:78:9d:78:d7:25:a6:39:1a:3b:cc:8b:78:b6:28:0c:1a:1b: fd:16:29:3f:f3:a5:08:46:49:85:c7:37:5b:30:af:ea:67:0b: d5:ac:d5:75 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUUrZuPnDZzPl/klnBW342tHHgkM8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMjAwMDhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDM5NTNmYzA0Nzg2NWEzNTk0Yzk0OGMxMmE3YTAzYTJkZWRkMDg1YjI3NzI5 ZWEwOGZmZjc3M2VmM2QxYmQwZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALOvvBLTX8FgLftQ3O9CTTvLSkkOI4n2PE4CRWD1jsywyDLFZQCm97VHqo5D z6G/0rKSVFgoV6LElz2okBnQmsKrcb/kzf+VGBqrlJhTFQQUQCDLmLGqBzWFz1pS KGfi2eI157BrpA2qlBoO6mwTRh1bhCnsAz73XBS4FMFIXFD7lCqVwyR12ThWeV7e Z0pEW4GrooTUxQXd3w5ZP6TBqTuREiHbsQdCsv/9rxI7fUb/MKHmsY+SD+FoBmQq s3zRe0/E5H9yQnIkz9iuSXgoUwqBIyIhgozE2cy9qp0lvrbBhjm7J78faCO/T2l4 1R6a1BxMuvSjX615HoEvCLygXzsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTtQ/cN xQxCJ9hs0VSEN9Q8WWH95DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN BgkqhkiG9w0BAQsFAAOCAQEAylUlsuhYxCJxkZqA8ddscwDt1NbC/CKO6rUGwuWa pafp0u+hX7RPB5P+w7E+0ZUarCIPK4MwPbNkxc1J2jO8B2c3C99Q/2Bd9l4jwjjM 0eZoba8Bz7hDAC+xzFcli/Tg+bHkxWTLb0O6CZpmobgHeQpbGYyCU+AagI7QgDEb yB1OozADxzUcrMgbwtB0CrYbBM5ciEnp5afvs5VmRZ6+cB4wcFT+Sjp2T4xELbI1 KV8DGMEv6InHdrDYD3v9FCRt/R+ATZtZFlwLJIfTLwEhzLVvrQkKvCGCt3ideNcl pjkaO8yLeLYoDBob/RYpP/OlCEZJhcc3WzCv6mcL1azVdQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:20 2025 by rpki-client