This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json) Hash identifier: GCW7uMiZrRFrQqm0OWdEJd5fUo6vgc1wkMXym7fKSac= Subject key identifier: 18:3D:AE:0F:B9:B9:14:FF:32:3E:AD:8C:50:EB:E7:2A:13:58:33:52 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3E73F90E2DDCE3F60A5E187294A480CDAA0D300B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa Signing time: Wed 10 Dec 2025 05:20:05 +0000 ROA not before: Wed 10 Dec 2025 05:20:05 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:73:f9:0e:2d:dc:e3:f6:0a:5e:18:72:94:a4:80:cd:aa:0d:30:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:05 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a0825d8ca192dc256736e86ca49042c84d7e21ade7130c949e777ae6823c04c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:02:ab:d3:87:38:05:d3:31:28:c6:b2:96:32: 40:16:3e:d4:30:0f:19:ad:0a:64:fe:64:e3:9c:e2: 8d:cd:fc:0f:6b:7b:b4:0d:86:33:70:87:8f:fa:8e: 3f:c0:65:6c:0d:e8:e4:76:bf:66:37:9d:84:63:75: db:24:ac:6d:96:96:7c:a5:0f:9f:d8:63:c7:74:b0: 08:28:34:4f:e1:a2:82:f7:0b:1d:aa:4e:5b:2e:9e: 6e:b1:70:70:b8:43:bf:93:a1:12:4d:71:ec:1e:86: c6:6c:e7:fc:51:28:8e:2f:02:44:63:b7:3f:61:27: bf:7b:fe:1e:f0:c1:18:42:01:66:14:e1:b9:6e:71: 4b:55:5f:5a:a1:6c:a8:7e:03:91:ed:dc:e4:f6:11: c5:92:ea:c5:6e:cd:ef:cf:81:56:52:aa:dd:ef:7c: b6:b4:42:ba:c6:13:1a:be:39:d4:e7:93:c0:fb:67: 75:93:ba:d9:d1:4a:07:34:7c:4e:42:fe:a5:37:4b: 82:34:bf:3c:3c:aa:4a:40:46:8a:31:65:ac:f6:4b: 6a:47:7e:ad:70:74:67:86:af:90:68:b9:12:e2:3c: 04:52:fd:31:07:0f:b1:fd:94:2c:8c:c8:d7:58:c9: 5a:2a:a8:86:d0:7b:db:ff:e7:ca:27:e8:5b:2c:f0: 2d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:3D:AE:0F:B9:B9:14:FF:32:3E:AD:8C:50:EB:E7:2A:13:58:33:52 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:6000::/40 Signature Algorithm: sha256WithRSAEncryption 32:99:f9:9e:f0:96:e9:c6:17:a8:ac:a8:32:08:8f:e9:ef:6d: b9:60:07:58:6b:11:7e:77:38:67:e4:4e:b0:ff:0d:98:5f:26: 73:07:30:cd:1c:92:53:eb:2b:bd:57:2d:3c:84:7e:9b:43:d3: e6:0a:3c:6a:7d:bd:8b:d6:f5:30:a6:4d:3e:6f:6d:0f:0d:59: 37:14:6a:41:9a:ea:df:5b:d8:34:4a:c8:30:d1:74:7e:3b:aa: e4:e6:08:fa:c3:59:60:74:0f:53:2e:84:be:27:61:35:e6:38: a1:e6:f5:e0:86:9e:b0:5b:64:c5:f4:53:8e:66:73:a6:59:6d: c5:a4:9d:61:0f:c6:7b:fa:90:81:73:a2:f7:86:06:5f:03:6b: 57:e4:d8:c1:95:cd:95:1c:84:0e:85:a8:c3:7f:6c:52:cf:07: a7:23:cb:61:83:38:be:fe:3b:99:c4:a8:b9:b6:54:74:30:9f: fb:12:59:7a:f5:16:a8:eb:5c:a0:98:90:77:23:95:8f:90:58: 89:88:3a:2e:30:27:ae:46:64:f7:ab:4a:9e:0c:2f:35:1a:e9: 3e:11:b1:72:6e:74:63:c8:4e:66:eb:cc:c5:05:23:ef:8e:fa: f1:c2:e0:b0:83:e0:08:04:9d:34:b2:b7:21:59:c8:da:c8:49: 28:7d:66:87 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPnP5Di3c4/YKXhhylKSAzaoNMAswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEwODI1ZDhjYTE5MmRjMjU2NzM2ZTg2Y2E0OTA0MmM4NGQ3ZTIxYWRlNzEz MGM5NDllNzc3YWU2ODIzYzA0YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYCq9OHOAXTMSjGspYyQBY+1DAPGa0KZP5k45zijc38D2t7tA2GM3CHj/qO P8BlbA3o5Ha/ZjedhGN12ySsbZaWfKUPn9hjx3SwCCg0T+GigvcLHapOWy6ebrFw cLhDv5OhEk1x7B6Gxmzn/FEoji8CRGO3P2Env3v+HvDBGEIBZhThuW5xS1VfWqFs qH4Dke3c5PYRxZLqxW7N78+BVlKq3e98trRCusYTGr451OeTwPtndZO62dFKBzR8 TkL+pTdLgjS/PDyqSkBGijFlrPZLakd+rXB0Z4avkGi5EuI8BFL9MQcPsf2ULIzI 11jJWiqohtB72//nyifoWyzwLVECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQYPa4P ubkU/zI+rYxQ6+cqE1gzUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg MA0GCSqGSIb3DQEBCwUAA4IBAQAymfme8JbpxheorKgyCI/p7225YAdYaxF+dzhn 5E6w/w2YXyZzBzDNHJJT6yu9Vy08hH6bQ9PmCjxqfb2L1vUwpk0+b20PDVk3FGpB murfW9g0Ssgw0XR+O6rk5gj6w1lgdA9TLoS+J2E15jih5vXghp6wW2TF9FOOZnOm WW3FpJ1hD8Z7+pCBc6L3hgZfA2tX5NjBlc2VHIQOhajDf2xSzwenI8thgzi+/juZ xKi5tlR0MJ/7Ell69Rao61ygmJB3I5WPkFiJiDouMCeuRmT3q0qeDC81Guk+EbFy bnRjyE5m68zFBSPvjvrxwuCwg+AIBJ00srchWcjayEkofWaH -----END CERTIFICATE-----Generated at Tue Dec 23 05:49:39 2025 by rpki-client