This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json) Hash identifier: WvCiHpn2hCV9+0ytbXHwrwDj00z4nzjxfkx7us13Emo= Subject key identifier: 68:7C:FA:DE:EC:B8:F7:DA:BD:77:3D:86:15:93:CE:50:5D:6F:B8:74 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 72AAF3CFAB1F9A20F7BB17932C71016CB142063B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa Signing time: Wed 10 Dec 2025 05:30:11 +0000 ROA not before: Wed 10 Dec 2025 05:30:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:aa:f3:cf:ab:1f:9a:20:f7:bb:17:93:2c:71:01:6c:b1:42:06:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9fff325cb6ac03f438f99163efee5c69648d2eec3975e0b7ef202e31b5667746, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:05:2c:13:10:0d:c9:4b:7b:c8:98:01:52:35: 79:ed:cd:0f:c3:32:50:06:7a:a4:9d:97:76:11:a8: 20:af:e2:a9:c8:7c:b9:cf:da:4e:13:99:fc:1c:49: 0f:ff:de:ec:31:7b:d2:e3:87:7e:c0:ea:60:c4:f5: 8a:77:6c:93:4c:66:2b:c6:a3:02:28:da:ba:15:4c: 85:c0:ac:d3:58:1e:45:0b:e3:c9:58:37:62:17:0e: 9c:84:5d:02:47:43:21:ec:38:2e:63:c2:ca:9e:5a: 47:60:84:51:9a:ca:0d:4a:3d:cb:31:e3:2c:0c:8a: 41:ce:ba:60:78:04:dd:4c:a5:52:1f:bc:72:d1:09: d2:4e:cc:47:a8:8e:46:c9:50:a7:c7:de:49:5d:95: 16:ca:77:ca:4e:c9:27:fb:e7:11:4e:6e:7d:d9:7b: fa:5c:10:47:35:07:bf:62:18:e1:44:ad:07:f7:f9: b3:10:88:77:c7:89:5d:ff:f9:d4:3d:86:e3:04:ca: f6:d8:f6:92:76:19:4b:cb:52:e4:a7:21:33:f7:60: 50:54:e8:5d:5f:fc:06:79:9c:53:1b:48:f3:85:02: 69:f7:4e:5f:c2:7c:96:28:57:5f:f2:e3:7c:e3:6f: 5b:f7:da:ec:b0:e1:16:3c:19:9f:27:2a:6b:ea:90: 2f:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7C:FA:DE:EC:B8:F7:DA:BD:77:3D:86:15:93:CE:50:5D:6F:B8:74 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.3.0/24 Signature Algorithm: sha256WithRSAEncryption 77:29:00:e6:53:15:86:a6:87:98:83:b6:44:b7:e4:c2:5c:98: eb:c2:87:8d:4f:a8:43:35:72:b3:58:d4:35:03:18:ee:40:96: ea:bb:ec:0e:17:10:8a:cb:1f:b3:a4:88:ff:ec:2f:c8:0e:0c: 13:a6:bd:3c:b1:a1:f3:71:04:9e:be:b1:ae:e9:4c:cc:33:9a: 59:00:61:ef:a3:4c:5f:e5:11:e0:6f:80:64:4f:b6:44:93:0f: bb:c0:68:2c:d2:0c:1e:af:45:8c:d1:c7:3a:e3:8e:01:2b:ce: e7:e3:2e:48:de:44:4f:f9:d2:bd:3d:5a:b0:83:e5:48:4b:4e: 32:ad:72:6b:19:78:2e:27:29:f8:c7:3d:15:c7:ef:ce:ca:73: 8b:0f:73:37:56:c4:75:f7:94:ad:3f:97:1b:73:62:05:5a:f8: 80:77:ed:b6:99:a5:77:b1:8e:a5:d3:f3:b9:14:31:0a:b9:da: b2:1f:54:57:a0:fe:7a:7c:97:73:c5:a3:1b:ad:87:01:d1:86: 18:84:10:2f:75:7e:94:14:43:a9:2f:28:18:ad:0f:58:80:ce: 5b:4c:fc:a7:d3:57:c2:3e:36:61:48:2d:b4:d4:03:72:97:58: 11:6a:3c:d4:53:95:d5:f0:fa:ef:13:e7:d4:d0:15:87:03:07: b5:39:d0:1e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUcqrzz6sfmiD3uxeTLHEBbLFCBjswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDlmZmYzMjVjYjZhYzAzZjQzOGY5OTE2M2VmZWU1YzY5NjQ4ZDJlZWMzOTc1 ZTBiN2VmMjAyZTMxYjU2Njc3NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAFLBMQDclLe8iYAVI1ee3ND8MyUAZ6pJ2XdhGoIK/iqch8uc/aThOZ/BxJ D//e7DF70uOHfsDqYMT1indsk0xmK8ajAijauhVMhcCs01geRQvjyVg3YhcOnIRd AkdDIew4LmPCyp5aR2CEUZrKDUo9yzHjLAyKQc66YHgE3UylUh+8ctEJ0k7MR6iO RslQp8feSV2VFsp3yk7JJ/vnEU5ufdl7+lwQRzUHv2IY4UStB/f5sxCId8eJXf/5 1D2G4wTK9tj2knYZS8tS5KchM/dgUFToXV/8BnmcUxtI84UCafdOX8J8lihXX/Lj fONvW/fa7LDhFjwZnycqa+qQL9MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRofPre 7Lj32r13PYYVk85QXW+4dDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN BgkqhkiG9w0BAQsFAAOCAQEAdykA5lMVhqaHmIO2RLfkwlyY68KHjU+oQzVys1jU NQMY7kCW6rvsDhcQissfs6SI/+wvyA4ME6a9PLGh83EEnr6xrulMzDOaWQBh76NM X+UR4G+AZE+2RJMPu8BoLNIMHq9FjNHHOuOOASvO5+MuSN5ET/nSvT1asIPlSEtO Mq1yaxl4Licp+Mc9Fcfvzspziw9zN1bEdfeUrT+XG3NiBVr4gHfttpmld7GOpdPz uRQxCrnash9UV6D+enyXc8WjG62HAdGGGIQQL3V+lBRDqS8oGK0PWIDOW0z8p9NX wj42YUgttNQDcpdYEWo81FOV1fD67xPn1NAVhwMHtTnQHg== -----END CERTIFICATE-----Generated at Fri Jan 2 12:22:21 2026 by rpki-client