This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b940c44-168e-4976-b17d-778e9341611b.roa File: 8b940c44-168e-4976-b17d-778e9341611b.roa (raw, json) Hash identifier: OWOcl22MDRRvN+HYeJu2gczj0R80rnzWX4fy5LBVFqY= Subject key identifier: 23:D7:17:29:FA:69:0B:D1:55:9B:8F:17:29:FE:E7:90:89:91:57:0B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 31215DCCC2AA595224D7F653AF46382A87584F49 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b940c44-168e-4976-b17d-778e9341611b.roa Signing time: Wed 10 Dec 2025 06:30:10 +0000 ROA not before: Wed 10 Dec 2025 06:30:10 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:21:5d:cc:c2:aa:59:52:24:d7:f6:53:af:46:38:2a:87:58:4f:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:10 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6ee7a561df819aa57888ef003d78b3d3d855ec0e1d0ca79e13c48a5f1bae5d78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:df:03:e5:65:29:df:7a:39:34:20:f6:65:4d: 15:35:4b:74:2e:51:a1:81:41:88:ba:be:a7:38:4a: a1:de:bd:c9:d7:1c:0b:00:9e:c4:67:85:2a:08:45: 03:d2:fc:21:7e:77:5d:16:2b:14:0f:5c:3f:63:57: 95:7a:f5:45:7b:e5:96:67:e5:f0:71:19:1f:31:b8: cf:ad:fa:4f:16:56:96:f5:9f:dd:0c:c9:a7:28:a7: 65:74:ce:fa:9e:87:46:9f:f4:9e:3a:64:3d:f4:5c: 06:22:4c:8d:84:2c:4b:b2:de:5f:a7:ee:34:80:e7: f9:9b:b8:c5:a2:c0:cf:b1:3d:5d:d7:cb:4f:6d:4e: 7f:25:bd:07:97:7c:bc:71:0d:03:ee:49:2c:d6:94: 5d:63:7f:68:fe:43:7e:24:b8:38:1c:ad:64:3e:ef: 30:47:f4:b8:3c:2b:fa:84:93:4a:ec:f9:cf:c2:a9: 05:5b:b9:35:22:e7:5d:56:03:0e:de:aa:7b:7a:06: 37:e1:09:02:25:83:e6:2b:93:02:47:c5:12:da:70: 38:62:49:31:e3:0d:91:dd:77:5d:8f:a2:f3:f0:60: 93:53:77:70:29:eb:ef:c5:2b:88:b2:25:53:75:33: 7c:33:54:9b:0b:13:36:c8:1b:d3:d6:49:71:c6:24: 12:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D7:17:29:FA:69:0B:D1:55:9B:8F:17:29:FE:E7:90:89:91:57:0B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b940c44-168e-4976-b17d-778e9341611b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:1080::/48 Signature Algorithm: sha256WithRSAEncryption ae:e0:15:6e:2d:02:5b:a2:33:34:93:a7:17:50:0b:65:6e:d5: ad:73:37:c8:df:4f:57:31:5b:da:c1:11:90:45:12:15:80:83: e5:d4:bf:89:cb:ae:e6:60:82:6a:75:02:d4:b7:bd:cb:67:6b: 57:bb:46:9c:a4:8f:08:11:03:a8:1b:3f:6d:bc:f1:a9:24:37: a5:3f:45:c9:20:00:66:a5:e9:eb:13:ee:ec:32:09:92:3b:15: 9c:3b:52:81:45:4a:fc:3f:98:9b:b3:e0:f1:3e:7e:0f:0f:3d: 77:43:b1:19:20:89:82:bf:1f:fa:01:04:b6:c2:0b:fb:0b:a9: 0e:b1:bf:61:e3:4b:bb:40:81:1f:9a:8d:97:6d:1f:d1:7d:40: 02:20:1d:77:d9:6f:ea:56:e7:df:56:b9:cf:c0:ce:a0:52:f5: dc:84:7a:6d:67:c5:44:1c:28:eb:b8:ea:bc:2d:7c:af:6f:9f: 6a:be:5d:34:9b:b9:ea:a5:f7:39:50:79:23:d7:01:90:f2:0c: 84:f5:d5:fc:65:3a:4e:32:b4:f8:4f:9f:ba:04:97:4a:c5:5e: 28:95:ed:a7:47:3e:6f:2c:43:cf:8a:ec:8c:d3:c0:45:7f:6b: 29:9f:35:b4:cb:44:77:54:c0:52:b6:62:47:fb:43:1b:f0:f8: e3:5a:f5:c7 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUMSFdzMKqWVIk1/ZTr0Y4KodYT0kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZlZTdhNTYxZGY4MTlhYTU3ODg4ZWYwMDNkNzhiM2QzZDg1NWVjMGUxZDBj YTc5ZTEzYzQ4YTVmMWJhZTVkNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANXfA+VlKd96OTQg9mVNFTVLdC5RoYFBiLq+pzhKod69ydccCwCexGeFKghF A9L8IX53XRYrFA9cP2NXlXr1RXvllmfl8HEZHzG4z636TxZWlvWf3QzJpyinZXTO +p6HRp/0njpkPfRcBiJMjYQsS7LeX6fuNIDn+Zu4xaLAz7E9XdfLT21OfyW9B5d8 vHENA+5JLNaUXWN/aP5DfiS4OBytZD7vMEf0uDwr+oSTSuz5z8KpBVu5NSLnXVYD Dt6qe3oGN+EJAiWD5iuTAkfFEtpwOGJJMeMNkd13XY+i8/Bgk1N3cCnr78UriLIl U3UzfDNUmwsTNsgb09ZJccYkEt0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQj1xcp +mkL0VWbjxcp/ueQiZFXCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGI5NDBjNDQtMTY4ZS00OTc2LWIxN2QtNzc4ZTkzNDE2MTFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ gDANBgkqhkiG9w0BAQsFAAOCAQEAruAVbi0CW6IzNJOnF1ALZW7VrXM3yN9PVzFb 2sERkEUSFYCD5dS/icuu5mCCanUC1Le9y2drV7tGnKSPCBEDqBs/bbzxqSQ3pT9F ySAAZqXp6xPu7DIJkjsVnDtSgUVK/D+Ym7Pg8T5+Dw89d0OxGSCJgr8f+gEEtsIL +wupDrG/YeNLu0CBH5qNl20f0X1AAiAdd9lv6lbn31a5z8DOoFL13IR6bWfFRBwo 67jqvC18r2+far5dNJu56qX3OVB5I9cBkPIMhPXV/GU6TjK0+E+fugSXSsVeKJXt p0c+byxDz4rsjNPARX9rKZ81tMtEd1TAUrZiR/tDG/D441r1xw== -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:26 2026 by rpki-client