This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json) Hash identifier: 6sBCUlN3e1Dx5n7uLrY2OJeK0/Fs0v58fPOQaZ58Fa8= Subject key identifier: 66:AA:18:8C:DC:31:2D:C4:F7:A6:9C:01:14:A8:2B:CD:CD:99:3F:DD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 39985093B7E7E22765D4CDC7E68ACD00B107D54C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa Signing time: Wed 10 Dec 2025 05:41:00 +0000 ROA not before: Wed 10 Dec 2025 05:41:00 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d078:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:98:50:93:b7:e7:e2:27:65:d4:cd:c7:e6:8a:cd:00:b1:07:d5:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:00 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=064ed42a270b615dcf4f7cf1ecd286ec932dc7f809fd18335e15d46060320006, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:4f:30:f6:5c:17:1c:c0:8b:87:95:66:3b:2a: d8:52:0f:3d:30:76:f5:bf:8a:a2:02:95:b7:22:69: 09:7e:61:55:3b:09:b0:40:32:2f:f5:d2:75:30:97: f7:0f:45:38:55:88:9b:81:e8:fa:d0:75:66:ff:3d: 7a:db:ac:90:ef:e8:9b:cb:23:d0:59:ff:19:f7:40: 4a:a5:d6:06:17:99:bc:3e:df:81:cd:1f:de:bc:a1: 89:8c:26:47:d0:b1:25:15:7c:ce:b4:c8:d7:a3:b3: 1f:88:29:56:3e:04:3f:d9:76:ed:aa:25:34:90:60: 5b:d8:f5:ab:ed:bc:f9:95:b3:de:26:34:fb:9a:9e: 63:8c:1e:28:c5:73:5d:4b:d7:e1:8c:79:6a:e4:fa: 1a:43:87:72:0f:33:e2:7f:cf:d4:4f:85:59:4c:af: bd:98:d5:54:cc:34:c1:72:12:2b:4d:8b:1d:f4:50: b0:43:e4:e5:4c:23:d5:27:e9:85:1a:af:6d:45:0e: 4e:4f:80:14:ca:93:b2:02:b3:29:a3:c8:10:51:96: ff:61:8b:58:a6:1c:03:c5:ac:37:68:88:24:63:32: d8:c2:c3:be:c9:7c:bf:e9:43:83:76:e1:20:24:25: ec:c7:ab:39:06:97:4a:05:05:45:a3:da:d8:1a:c1: ae:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:AA:18:8C:DC:31:2D:C4:F7:A6:9C:01:14:A8:2B:CD:CD:99:3F:DD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d078:5000::/40 Signature Algorithm: sha256WithRSAEncryption 64:12:c7:5f:d2:d5:70:ba:16:23:83:ba:7d:05:0d:ab:1e:0e: 0f:a3:d8:97:4a:40:b8:d6:cb:9d:d0:50:5f:c3:a5:d6:43:5d: 5f:dd:a5:5a:46:3c:4f:e1:7c:5b:80:8d:39:4a:4d:2a:c7:cc: 95:d8:13:cb:98:1d:4f:c9:86:b8:52:95:e8:d9:7b:30:6a:76: 67:25:ac:57:c5:e5:8c:e6:4e:07:af:73:a2:39:a2:ee:4a:9f: 1a:f4:f5:69:aa:de:4f:c2:92:af:58:3e:06:0e:60:24:6a:cc: 4c:2a:46:1d:9f:66:aa:aa:5f:96:18:3f:5a:e6:4e:1d:be:a5: 80:68:00:cf:d6:5b:87:8b:ed:c2:d9:68:fb:bb:eb:07:17:f2: 1a:83:de:68:1b:1d:f8:bd:32:a4:43:3d:b7:32:55:5a:d0:ab: 25:23:c9:27:46:c2:e9:7d:99:25:dc:e2:f2:22:9c:38:0d:15: 97:bf:22:65:3c:99:d8:43:72:d2:98:bc:98:50:fc:bb:0a:b8: 79:f9:e8:ac:95:3d:c6:1d:e0:85:f2:82:5f:79:a6:58:1d:ca: 1e:a5:6c:25:83:f9:21:3b:71:8f:e6:72:3f:da:2f:1d:68:00: af:3e:44:45:78:8f:fb:73:16:9b:a1:ae:bc:1e:15:5b:47:c2: d7:9b:12:05 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOZhQk7fn4idl1M3H5orNALEH1UwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA2NGVkNDJhMjcwYjYxNWRjZjRmN2NmMWVjZDI4NmVjOTMyZGM3ZjgwOWZk MTgzMzVlMTVkNDYwNjAzMjAwMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFPMPZcFxzAi4eVZjsq2FIPPTB29b+KogKVtyJpCX5hVTsJsEAyL/XSdTCX 9w9FOFWIm4Ho+tB1Zv89etuskO/om8sj0Fn/GfdASqXWBheZvD7fgc0f3ryhiYwm R9CxJRV8zrTI16OzH4gpVj4EP9l27aolNJBgW9j1q+28+ZWz3iY0+5qeY4weKMVz XUvX4Yx5auT6GkOHcg8z4n/P1E+FWUyvvZjVVMw0wXISK02LHfRQsEPk5Uwj1Sfp hRqvbUUOTk+AFMqTsgKzKaPIEFGW/2GLWKYcA8WsN2iIJGMy2MLDvsl8v+lDg3bh ICQl7MerOQaXSgUFRaPa2BrBriUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmqhiM 3DEtxPemnAEUqCvNzZk/3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ MA0GCSqGSIb3DQEBCwUAA4IBAQBkEsdf0tVwuhYjg7p9BQ2rHg4Po9iXSkC41sud 0FBfw6XWQ11f3aVaRjxP4XxbgI05Sk0qx8yV2BPLmB1PyYa4UpXo2XswanZnJaxX xeWM5k4Hr3OiOaLuSp8a9PVpqt5PwpKvWD4GDmAkasxMKkYdn2aqql+WGD9a5k4d vqWAaADP1luHi+3C2Wj7u+sHF/Iag95oGx34vTKkQz23MlVa0KslI8knRsLpfZkl 3OLyIpw4DRWXvyJlPJnYQ3LSmLyYUPy7Crh5+eislT3GHeCF8oJfeaZYHcoepWwl g/khO3GP5nI/2i8daACvPkRFeI/7cxaboa68HhVbR8LXmxIF -----END CERTIFICATE-----Generated at Thu Dec 25 03:12:26 2025 by rpki-client