This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json) Hash identifier: okcSFuScesX+3/sWKfTMPB9YOk1MYzUWetAxUtO6bQ8= Subject key identifier: E3:A4:87:F8:0D:FC:95:6A:9F:5C:A1:AD:7C:29:E4:95:D4:87:AE:EC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 67698144006803FB11CD357856A5E85BDB63259C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa Signing time: Sat 15 Nov 2025 06:10:23 +0000 ROA not before: Sat 15 Nov 2025 06:10:23 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:69:81:44:00:68:03:fb:11:cd:35:78:56:a5:e8:5b:db:63:25:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:23 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=04b6ffdc594cc3d6e13764ed0c7542daf9196259a36738207150f0a70a4a3926, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:36:57:b8:71:9a:ee:52:6d:3f:e6:88:51:5d: 05:8f:a9:5c:6f:1d:50:a7:4c:87:96:35:86:fa:81: 23:bb:83:0e:3d:0b:0e:58:94:bd:a9:73:26:5c:2d: 91:f2:f2:e8:84:da:d5:cc:1d:89:8e:cf:2c:04:8c: 20:e5:71:10:2b:33:a4:1a:a2:32:50:d1:45:d8:a0: dd:42:fc:e0:e0:6b:53:f7:96:22:d1:e9:82:b4:6c: be:3b:ca:9a:8b:21:a0:f1:b5:9f:f6:38:d3:22:9d: 28:36:79:26:2d:6e:ab:0b:10:2b:86:64:96:06:ea: db:a5:27:d6:54:d0:6f:03:a9:bc:25:c0:2d:5a:8b: 8d:a5:38:4a:06:4a:8d:1a:99:a6:b4:be:04:05:d8: a6:27:5f:78:fc:5b:d6:6d:c9:c3:1c:ef:48:a6:88: 02:ef:90:8b:55:c5:ae:92:fe:17:89:cb:61:60:3b: c6:52:a9:ab:eb:0f:4c:ce:67:5d:dc:07:3b:7d:de: e6:1a:c5:63:34:73:cb:0f:9c:31:20:ff:04:8c:29: f5:59:01:75:22:ec:0e:9b:db:5f:3b:5d:d9:6c:c0: f0:ab:d3:f8:c1:90:e5:39:5c:d0:63:49:7d:1a:d7: 12:67:b3:48:4e:68:73:69:7d:a0:ab:48:7f:36:c8: b7:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A4:87:F8:0D:FC:95:6A:9F:5C:A1:AD:7C:29:E4:95:D4:87:AE:EC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:b000::/40 Signature Algorithm: sha256WithRSAEncryption 44:32:8d:9d:c0:82:cb:5b:f5:8b:bf:d1:a8:f0:97:1a:94:31: 1b:2f:67:6b:25:9e:5d:a2:06:27:b3:b1:0b:f4:6f:f1:c6:5e: 93:ff:c8:0d:10:ec:59:a7:8f:48:46:d1:f4:b3:f6:15:26:51: 0d:ab:fc:16:39:fd:b2:8f:05:71:0c:d8:fa:c0:0e:4a:d0:12: ec:f0:09:36:78:5c:a2:48:80:9f:07:7b:32:9c:47:ec:76:72: a7:38:76:ba:d2:02:cb:9b:94:19:d8:09:db:2e:e0:50:74:96: 72:d2:77:7b:2f:50:33:cc:d7:9b:44:e1:1d:61:21:e6:0a:b9: f4:bd:14:54:50:67:2d:1e:6b:7c:f9:a6:ef:66:6b:0b:87:73: f5:c3:7b:64:3d:4b:e4:eb:01:a1:03:dc:8c:2b:70:46:2c:4e: e6:c4:ea:97:69:ea:20:b8:29:f0:e4:3e:50:73:90:01:c5:0e: c0:f9:8a:5c:bb:a1:63:06:12:d1:41:84:4b:9c:dd:fd:89:3a: 22:84:41:6b:ba:85:2a:c1:d7:25:00:35:19:6f:a8:d7:1f:03: 93:73:c4:dc:c3:22:a0:b7:89:56:9a:72:44:50:c9:34:e9:3a: a8:1b:1d:46:3e:db:0f:d2:e7:98:20:9e:6f:ba:5d:c1:54:c5: 94:ed:e7:4a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZ2mBRABoA/sRzTV4VqXoW9tjJZwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMjNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA0YjZmZmRjNTk0Y2MzZDZlMTM3NjRlZDBjNzU0MmRhZjkxOTYyNTlhMzY3 MzgyMDcxNTBmMGE3MGE0YTM5MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALs2V7hxmu5SbT/miFFdBY+pXG8dUKdMh5Y1hvqBI7uDDj0LDliUvalzJlwt kfLy6ITa1cwdiY7PLASMIOVxECszpBqiMlDRRdig3UL84OBrU/eWItHpgrRsvjvK moshoPG1n/Y40yKdKDZ5Ji1uqwsQK4Zklgbq26Un1lTQbwOpvCXALVqLjaU4SgZK jRqZprS+BAXYpidfePxb1m3JwxzvSKaIAu+Qi1XFrpL+F4nLYWA7xlKpq+sPTM5n XdwHO33e5hrFYzRzyw+cMSD/BIwp9VkBdSLsDpvbXztd2WzA8KvT+MGQ5Tlc0GNJ fRrXEmezSE5oc2l9oKtIfzbItxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjpIf4 DfyVap9coa18KeSV1Ieu7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw MA0GCSqGSIb3DQEBCwUAA4IBAQBEMo2dwILLW/WLv9Go8JcalDEbL2drJZ5dogYn s7EL9G/xxl6T/8gNEOxZp49IRtH0s/YVJlENq/wWOf2yjwVxDNj6wA5K0BLs8Ak2 eFyiSICfB3synEfsdnKnOHa60gLLm5QZ2AnbLuBQdJZy0nd7L1AzzNebROEdYSHm Crn0vRRUUGctHmt8+abvZmsLh3P1w3tkPUvk6wGhA9yMK3BGLE7mxOqXaeoguCnw 5D5Qc5ABxQ7A+Ypcu6FjBhLRQYRLnN39iToihEFruoUqwdclADUZb6jXHwOTc8Tc wyKgt4lWmnJEUMk06TqoGx1GPtsP0ueYIJ5vul3BVMWU7edK -----END CERTIFICATE-----Generated at Sat Dec 6 12:45:35 2025 by rpki-client