This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json) Hash identifier: 0IfZSUiBCIbZg7abft9ey4z5Smqed+fW4fNWhoaJqlM= Subject key identifier: 96:BA:6F:3E:D0:2A:C1:0B:41:2A:4D:A1:BD:04:D1:84:E3:03:F8:D1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 23F148F328E243BB09DD72F8DC24FF580D4F7C81 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa Signing time: Wed 10 Dec 2025 06:21:30 +0000 ROA not before: Wed 10 Dec 2025 06:21:30 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d025:1000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f1:48:f3:28:e2:43:bb:09:dd:72:f8:dc:24:ff:58:0d:4f:7c:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:30 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6c94fc267e7aa5a78c8fe436fe8b0d1c7b73336e9a092c885385763713b913f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:48:37:83:a2:9e:04:81:bc:91:48:85:21:b5: 5d:d3:e0:14:6b:97:fd:3f:0f:e3:df:18:16:af:0a: 1b:f4:20:90:08:0c:63:e1:76:3e:8d:36:d0:a0:c0: 10:67:8e:41:da:3d:4a:1d:cf:46:f8:bf:61:15:60: b1:89:6a:09:63:70:3e:ae:e7:c4:db:67:ae:ab:83: 51:df:f0:ab:d2:cb:77:98:80:e8:c2:da:63:c8:ed: 96:f1:a4:a7:dd:6e:e2:ba:bd:41:03:36:b4:6a:9e: 9d:a9:e3:1e:76:5f:fb:0a:27:7c:ae:c2:2a:c5:3e: 05:a6:3f:11:b1:6d:17:dc:48:cb:5f:da:f4:85:bb: b7:dd:51:2f:fd:86:54:53:e8:51:5a:d9:d6:9a:31: 02:0a:07:18:c1:30:77:14:e5:73:00:97:48:24:21: b0:31:b8:eb:db:07:41:cd:b6:00:bf:0f:ae:64:43: 2b:47:33:5a:73:f8:59:eb:5e:e6:4e:bd:d1:d9:14: 94:59:0a:f3:29:16:c5:3a:32:40:2f:f1:fc:3d:15: ad:9f:2a:e3:62:1b:92:10:ca:ad:5e:ac:c0:70:bf: 87:d9:6b:bb:1e:0f:89:fd:db:03:88:b6:63:2a:5d: c8:a8:e8:22:df:00:7d:ae:5e:99:c0:36:65:1a:8a: 87:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:BA:6F:3E:D0:2A:C1:0B:41:2A:4D:A1:BD:04:D1:84:E3:03:F8:D1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d025:1000::/36 Signature Algorithm: sha256WithRSAEncryption 61:11:d7:cd:69:07:2f:fe:16:5b:c1:b3:e3:02:cb:38:aa:ab: d5:71:da:99:0d:3b:9c:ba:05:50:a6:72:de:84:49:8e:f0:5f: 8b:55:3e:fe:0d:93:ee:a6:0b:14:12:f9:f4:d1:a3:4e:fa:6c: fd:62:ab:02:df:ce:4b:b6:44:8f:c9:33:d5:a2:39:7d:ff:b0: 6d:c9:9c:39:e7:0d:09:93:e3:fa:69:38:ce:24:9a:4a:55:18: c0:ef:06:3d:5f:8d:1d:5b:fc:55:16:37:56:74:ff:f4:9c:c3: 8e:78:b3:89:ec:5c:68:8e:63:01:78:e8:1d:f0:3e:91:30:56: 19:e7:d9:9d:08:56:3e:63:c0:ce:79:43:64:4f:4d:2d:73:41: 29:3e:b3:10:59:3c:96:3d:f2:d2:ed:d1:3f:92:0a:a9:dd:5b: 85:78:6c:42:b2:fa:95:78:20:cc:47:30:de:5e:96:73:ca:3a: 2b:59:e7:1d:11:5f:69:40:7d:3b:f0:78:05:dc:8c:93:b7:0f: a7:a7:63:fc:6f:94:6a:2a:36:e4:88:4a:d1:5a:72:6c:21:06: 43:76:9c:3e:69:38:a9:af:3a:97:d0:90:dc:9c:96:bf:73:83: 9c:3a:21:99:6a:34:42:ca:23:65:28:23:b4:bf:64:b6:63:e8: 28:42:a7:04 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUI/FI8yjiQ7sJ3XL43CT/WA1PfIEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMzBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZjOTRmYzI2N2U3YWE1YTc4YzhmZTQzNmZlOGIwZDFjN2I3MzMzNmU5YTA5 MmM4ODUzODU3NjM3MTNiOTEzZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZIN4OingSBvJFIhSG1XdPgFGuX/T8P498YFq8KG/QgkAgMY+F2Po020KDA EGeOQdo9Sh3PRvi/YRVgsYlqCWNwPq7nxNtnrquDUd/wq9LLd5iA6MLaY8jtlvGk p91u4rq9QQM2tGqenanjHnZf+wonfK7CKsU+BaY/EbFtF9xIy1/a9IW7t91RL/2G VFPoUVrZ1poxAgoHGMEwdxTlcwCXSCQhsDG469sHQc22AL8PrmRDK0czWnP4Wete 5k690dkUlFkK8ykWxToyQC/x/D0VrZ8q42IbkhDKrV6swHC/h9lrux4Pif3bA4i2 YypdyKjoIt8Afa5emcA2ZRqKhz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWum8+ 0CrBC0EqTaG9BNGE4wP40TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ MA0GCSqGSIb3DQEBCwUAA4IBAQBhEdfNaQcv/hZbwbPjAss4qqvVcdqZDTucugVQ pnLehEmO8F+LVT7+DZPupgsUEvn00aNO+mz9YqsC385LtkSPyTPVojl9/7BtyZw5 5w0Jk+P6aTjOJJpKVRjA7wY9X40dW/xVFjdWdP/0nMOOeLOJ7FxojmMBeOgd8D6R MFYZ59mdCFY+Y8DOeUNkT00tc0EpPrMQWTyWPfLS7dE/kgqp3VuFeGxCsvqVeCDM RzDeXpZzyjorWecdEV9pQH078HgF3IyTtw+np2P8b5RqKjbkiErRWnJsIQZDdpw+ aTiprzqX0JDcnJa/c4OcOiGZajRCyiNlKCO0v2S2Y+goQqcE -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:57 2026 by rpki-client