This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json) Hash identifier: Oe34Rh7dGUEGzvX6F1LN/TUqkVohMWJDrc6bRb5lQzQ= Subject key identifier: 07:E3:BB:E8:36:C8:0F:8B:B4:BB:BD:1B:2C:52:4C:3C:0F:2C:1E:95 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6CAD4120462AC699CF3AD9308B96E56020182812 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa Signing time: Wed 10 Dec 2025 06:30:48 +0000 ROA not before: Wed 10 Dec 2025 06:30:48 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:ad:41:20:46:2a:c6:99:cf:3a:d9:30:8b:96:e5:60:20:18:28:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:48 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9eb6e6b54ad56c76c1c8ecbadac859546684b2b4d15228eb7d183a435c90e22d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:45:93:53:d1:ac:f6:ce:5d:20:c8:ca:1b:fc: ac:85:85:aa:72:e1:06:e4:67:a2:91:ee:73:a3:0f: 4d:f6:f4:a4:77:d4:0e:40:66:63:e4:c6:03:39:2b: 62:85:04:e4:37:1f:49:2d:a0:40:64:27:fe:31:24: 05:dc:3c:eb:68:4c:36:c4:65:19:b2:09:f3:80:72: 3e:be:00:10:06:61:05:b8:89:3d:f0:bc:a7:64:38: 60:39:ff:71:af:77:55:ac:97:44:8f:06:de:01:0c: fc:c7:b5:c5:ad:15:c4:9a:0f:e3:98:36:81:2e:ce: bb:4b:48:78:60:42:b0:1d:0f:ea:d8:97:f1:ae:67: 1d:87:2f:de:6a:b1:00:fc:be:ac:01:3c:20:68:44: 1e:23:47:ef:c2:65:12:37:d7:bd:a0:d9:0a:e0:c6: 17:cc:a2:f9:f4:52:40:92:ce:90:11:34:e0:de:47: ee:cf:9a:68:b1:a4:29:0e:f4:f9:d4:aa:64:0b:22: c3:78:68:c2:47:bb:17:c6:f2:0b:2e:52:0e:e5:df: 82:87:58:a3:05:f6:72:05:7e:54:d1:18:7d:3b:a7: 10:82:58:4a:b5:23:b9:cd:b4:f0:e1:db:f0:0b:cb: 94:84:0e:dc:59:ba:47:cb:38:bb:6c:84:1d:84:48: 2c:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:E3:BB:E8:36:C8:0F:8B:B4:BB:BD:1B:2C:52:4C:3C:0F:2C:1E:95 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:a000::/40 Signature Algorithm: sha256WithRSAEncryption 3a:68:ce:64:16:53:42:ec:96:a5:8b:e0:aa:f2:43:d7:29:34: bf:21:0d:3f:db:8f:fd:4d:39:a6:4e:8f:a4:76:9a:c4:a0:14: 1a:70:41:58:58:2a:81:b5:f4:89:21:5c:1c:ee:65:4c:58:8e: e8:0c:25:a1:15:83:e0:c4:8f:95:d9:16:4c:52:d0:55:a5:06: 77:b1:ed:48:2a:17:b7:82:1f:c9:59:f8:2d:c4:e8:2f:c4:e8: 3d:ce:24:d0:e0:93:da:ac:db:95:07:a7:23:82:63:68:16:31: 02:38:27:9e:a6:3d:a3:fd:44:19:9b:81:96:9a:1d:25:36:7d: 50:c7:16:1f:eb:e7:a3:f9:3e:cc:77:46:95:b1:74:f4:cd:a3: ba:05:29:4c:09:86:5a:ee:34:ea:28:aa:7b:e1:a3:ae:b7:13: 95:be:2e:da:67:1d:12:c4:f4:c5:6b:f4:9c:36:98:23:73:55: df:de:5f:d9:6f:5d:e0:36:6b:75:41:2f:1b:28:af:ef:90:64: cd:4a:5f:cd:67:f3:49:8b:03:a2:86:2d:8f:ab:60:56:41:41: 2b:72:ff:7a:fa:df:6a:f7:72:69:db:d5:f2:7a:51:a7:5b:2b: 4c:c6:23:8e:6d:8e:1b:bc:d8:e4:b7:e7:f8:99:7d:de:01:22: 2d:a0:1e:82 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUbK1BIEYqxpnPOtkwi5blYCAYKBIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDllYjZlNmI1NGFkNTZjNzZjMWM4ZWNiYWRhYzg1OTU0NjY4NGIyYjRkMTUy MjhlYjdkMTgzYTQzNWM5MGUyMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtFk1PRrPbOXSDIyhv8rIWFqnLhBuRnopHuc6MPTfb0pHfUDkBmY+TGAzkr YoUE5DcfSS2gQGQn/jEkBdw862hMNsRlGbIJ84ByPr4AEAZhBbiJPfC8p2Q4YDn/ ca93VayXRI8G3gEM/Me1xa0VxJoP45g2gS7Ou0tIeGBCsB0P6tiX8a5nHYcv3mqx APy+rAE8IGhEHiNH78JlEjfXvaDZCuDGF8yi+fRSQJLOkBE04N5H7s+aaLGkKQ70 +dSqZAsiw3howke7F8byCy5SDuXfgodYowX2cgV+VNEYfTunEIJYSrUjuc208OHb 8AvLlIQO3Fm6R8s4u2yEHYRILEUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQH47vo NsgPi7S7vRssUkw8DywelTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg MA0GCSqGSIb3DQEBCwUAA4IBAQA6aM5kFlNC7Jali+Cq8kPXKTS/IQ0/24/9TTmm To+kdprEoBQacEFYWCqBtfSJIVwc7mVMWI7oDCWhFYPgxI+V2RZMUtBVpQZ3se1I Khe3gh/JWfgtxOgvxOg9ziTQ4JParNuVB6cjgmNoFjECOCeepj2j/UQZm4GWmh0l Nn1QxxYf6+ej+T7Md0aVsXT0zaO6BSlMCYZa7jTqKKp74aOutxOVvi7aZx0SxPTF a/ScNpgjc1Xf3l/Zb13gNmt1QS8bKK/vkGTNSl/NZ/NJiwOihi2Pq2BWQUErcv96 +t9q93Jp29XyelGnWytMxiOObY4bvNjkt+f4mX3eASItoB6C -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:31 2026 by rpki-client