This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json) Hash identifier: LAtuJouo3nYg6nEqtOru67Q4yvcU+QiIwmDgsMgnf7A= Subject key identifier: 4A:2B:F6:69:9D:19:D4:43:6F:15:20:5E:21:9F:17:7F:B5:47:32:70 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 23F3C6A1E1047C864DD0E3BFFBB74AC916481396 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa Signing time: Wed 10 Dec 2025 06:21:00 +0000 ROA not before: Wed 10 Dec 2025 06:21:00 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f3:c6:a1:e1:04:7c:86:4d:d0:e3:bf:fb:b7:4a:c9:16:48:13:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:00 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3f7f70c065f4d885c92e140a0fe6548ee172a06c66433331b89182f6ea1c0a8a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6f:45:cc:36:15:de:ea:46:58:81:17:66:12: 8b:5f:32:b4:1a:00:f0:78:84:59:cc:7a:22:43:e1: 02:95:0f:64:f5:9d:4d:4e:3f:6b:e2:a6:1b:ab:cb: 3a:6e:7b:c4:c7:79:ef:27:9b:0c:b1:12:19:1d:dc: 49:be:4c:e6:e7:ac:47:ac:a9:82:af:94:9a:a6:cd: 29:d8:d1:42:f6:79:75:c0:46:45:84:6f:37:5d:07: 7f:78:d6:a9:8c:80:ef:d4:50:43:e5:db:62:07:84: 94:24:10:66:c7:82:18:dd:94:a6:fa:9d:ff:dc:83: ef:62:e9:be:f7:64:32:48:6d:ab:cd:fa:e6:8b:17: a6:f5:6d:f1:66:55:4f:87:71:8a:0f:d8:1b:22:2f: af:83:80:0b:a7:29:be:ef:a6:b0:dd:27:d1:50:a9: de:9e:51:a3:b1:e8:0c:a5:56:9e:1e:c6:7f:83:ee: 0a:33:ab:48:e0:a5:f3:30:05:ca:2c:fc:ba:0d:f8: 47:b6:cd:fd:65:69:ba:cf:75:9d:af:bb:bb:32:f4: b1:09:b7:22:2f:d1:df:64:27:a4:43:bd:34:8d:b7: a6:d0:1d:d2:73:9b:ad:c2:e1:52:77:28:8c:21:7f: 92:4c:13:1a:1f:2e:47:52:37:c9:86:33:da:a9:f2: 1d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:2B:F6:69:9D:19:D4:43:6F:15:20:5E:21:9F:17:7F:B5:47:32:70 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.28.0/22 Signature Algorithm: sha256WithRSAEncryption a6:cc:26:e9:a2:20:8b:ec:56:29:e9:b4:c1:2d:a7:8c:43:78: d0:c2:f1:c6:f7:df:cc:4a:08:5a:10:6c:89:40:b7:7e:d9:59: 57:2c:56:9b:00:b0:fe:a0:1c:20:cd:c1:ed:b5:81:d8:09:91: a5:f3:2b:3b:6e:1d:9d:09:ea:03:70:0c:08:b3:12:5c:62:c6: b2:03:7a:b8:86:72:d9:dc:85:40:5c:34:97:da:26:a8:20:a4: cf:1e:99:2e:39:4e:5e:75:e5:75:18:15:ba:bc:09:31:df:c7: c4:1d:32:26:1f:85:3e:bc:14:7b:40:60:88:04:d5:6e:d7:aa: fd:56:65:20:79:82:30:82:93:96:a4:9c:63:fb:4f:0f:92:36: a6:12:04:82:d0:57:88:7e:e2:2a:84:a8:f2:a9:fa:47:8a:b4: a7:b8:cf:7e:bb:24:df:26:67:6d:38:99:71:7e:2f:8c:e3:3d: d5:77:18:bb:71:27:33:6f:ed:f6:d0:ba:47:b6:56:70:fe:89: 8d:e4:b9:71:e6:8c:eb:77:c5:bb:52:3e:d7:f7:fa:b2:54:1a: 65:f1:a6:83:6a:18:8c:6c:c6:64:15:a2:33:d8:36:5e:cc:d1: ed:41:62:eb:62:2e:4c:d1:9a:48:84:0a:23:a7:b2:a0:f9:16: ef:1d:37:47 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUI/PGoeEEfIZN0OO/+7dKyRZIE5YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNmN2Y3MGMwNjVmNGQ4ODVjOTJlMTQwYTBmZTY1NDhlZTE3MmEwNmM2NjQz MzMzMWI4OTE4MmY2ZWExYzBhOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9vRcw2Fd7qRliBF2YSi18ytBoA8HiEWcx6IkPhApUPZPWdTU4/a+KmG6vL Om57xMd57yebDLESGR3cSb5M5uesR6ypgq+UmqbNKdjRQvZ5dcBGRYRvN10Hf3jW qYyA79RQQ+XbYgeElCQQZseCGN2Upvqd/9yD72LpvvdkMkhtq8365osXpvVt8WZV T4dxig/YGyIvr4OAC6cpvu+msN0n0VCp3p5Ro7HoDKVWnh7Gf4PuCjOrSOCl8zAF yiz8ug34R7bN/WVpus91na+7uzL0sQm3Ii/R32QnpEO9NI23ptAd0nObrcLhUnco jCF/kkwTGh8uR1I3yYYz2qnyHasCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKK/Zp nRnUQ28VIF4hnxd/tUcycDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN BgkqhkiG9w0BAQsFAAOCAQEApswm6aIgi+xWKem0wS2njEN40MLxxvffzEoIWhBs iUC3ftlZVyxWmwCw/qAcIM3B7bWB2AmRpfMrO24dnQnqA3AMCLMSXGLGsgN6uIZy 2dyFQFw0l9omqCCkzx6ZLjlOXnXldRgVurwJMd/HxB0yJh+FPrwUe0BgiATVbteq /VZlIHmCMIKTlqScY/tPD5I2phIEgtBXiH7iKoSo8qn6R4q0p7jPfrsk3yZnbTiZ cX4vjOM91XcYu3EnM2/t9tC6R7ZWcP6JjeS5ceaM63fFu1I+1/f6slQaZfGmg2oY jGzGZBWiM9g2XszR7UFi62IuTNGaSIQKI6eyoPkW7x03Rw== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:35 2026 by rpki-client