This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json) Hash identifier: F4I/wSmEFUBtXc5PLzcUxbD8u64vvdIeZvZ/b1HaY48= Subject key identifier: 54:A4:D3:5A:9D:D1:51:15:C0:6E:AD:8F:C8:EA:D7:B7:59:43:EF:A5 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1B6779C26F0F0334C8BEAC084FBD586C1D4C22DC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa Signing time: Wed 10 Dec 2025 06:30:13 +0000 ROA not before: Wed 10 Dec 2025 06:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01b::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:67:79:c2:6f:0f:03:34:c8:be:ac:08:4f:bd:58:6c:1d:4c:22:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=73523609b9da4d2e5168a69cc8d3766b622aab649636f87eb28978ef264ca538, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7b:d6:1c:7f:a5:07:91:2b:6b:2b:4a:93:43: ad:f6:0f:26:4a:f4:88:ad:ec:56:bb:b2:23:5e:db: 16:62:7c:70:57:86:b0:cb:3a:05:7d:47:35:7d:08: 2c:e3:a4:32:72:f5:87:76:e6:ef:a1:03:c7:cd:f4: 15:0d:f5:8b:26:8e:ff:88:b7:7c:e7:80:2b:f3:f3: 82:1c:29:d4:20:45:3b:e7:93:56:f1:19:ef:22:91: 9c:50:89:27:2e:b7:0d:5c:79:99:2a:b0:c1:85:ea: 13:79:e1:b7:c2:42:83:80:e7:27:6d:c1:94:6a:40: 6c:03:f1:21:84:fe:38:f2:45:7f:fd:42:fc:37:c7: 13:e1:b3:9b:dc:e2:e4:c3:57:f1:e2:60:b2:81:a8: d3:87:a2:38:e9:26:bc:6d:a2:79:d4:bc:ef:4a:65: 52:c3:76:a2:fe:35:cc:e2:94:16:21:ae:8f:6d:e1: f7:5d:05:68:a9:6e:9e:5f:31:a0:13:66:45:f9:50: 23:ed:fd:ec:f9:7a:70:44:a9:05:8e:8a:66:70:41: c6:4b:13:1f:32:8b:f6:0b:7c:a3:1c:2c:b5:e7:f4: 58:a9:6a:64:23:9f:02:71:4e:f8:71:59:da:40:01: 02:92:c8:11:c8:10:45:6e:e0:bf:5e:ad:c0:6b:8b: fe:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:A4:D3:5A:9D:D1:51:15:C0:6E:AD:8F:C8:EA:D7:B7:59:43:EF:A5 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01b::/37 Signature Algorithm: sha256WithRSAEncryption 05:db:1e:5e:e5:dc:10:ff:b2:a2:f0:fd:db:e6:90:84:c5:f6: 71:57:4b:b3:38:c4:11:79:a1:65:5f:99:f7:a4:46:79:b0:6a: 2d:32:f5:8e:5b:6a:8b:74:ef:3e:60:a7:d6:e9:6e:dc:ce:36: f0:a4:25:03:61:a7:84:8b:ea:d8:99:a7:1f:ae:c5:b6:93:31: 7c:04:50:d9:4a:dd:e3:14:ce:d2:0e:1c:09:3e:62:eb:52:cf: c2:4e:c7:3a:b0:18:9f:d8:21:58:81:32:17:7f:28:d7:67:3e: 67:53:1a:66:9c:e3:87:c9:7f:3a:f8:d1:84:48:c5:b2:5b:37: b3:5c:55:d6:06:a6:58:43:b9:02:23:19:55:09:49:f3:d1:cb: d9:c0:78:7d:63:f0:51:2c:89:4f:60:5d:8c:01:86:8c:5d:74: cc:3f:46:82:ed:28:60:f3:8d:0d:de:9c:ee:f7:d4:41:a9:e8: f9:58:77:ee:dc:1e:fa:93:f5:ad:3c:2a:aa:da:fd:94:9b:75: 04:87:d9:dd:5e:26:9d:9f:29:b6:9e:93:2d:2b:df:ef:6e:f2: a4:de:3f:85:ac:69:bb:a5:e4:e8:f9:98:7c:62:91:77:c9:e5: b5:d4:bd:ac:6f:21:73:d3:08:a1:31:97:68:fa:c9:01:cb:a0: d5:ef:51:4f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUG2d5wm8PAzTIvqwIT71YbB1MItwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDczNTIzNjA5YjlkYTRkMmU1MTY4YTY5Y2M4ZDM3NjZiNjIyYWFiNjQ5NjM2 Zjg3ZWIyODk3OGVmMjY0Y2E1MzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM571hx/pQeRK2srSpNDrfYPJkr0iK3sVruyI17bFmJ8cFeGsMs6BX1HNX0I LOOkMnL1h3bm76EDx830FQ31iyaO/4i3fOeAK/Pzghwp1CBFO+eTVvEZ7yKRnFCJ Jy63DVx5mSqwwYXqE3nht8JCg4DnJ23BlGpAbAPxIYT+OPJFf/1C/DfHE+Gzm9zi 5MNX8eJgsoGo04eiOOkmvG2iedS870plUsN2ov41zOKUFiGuj23h910FaKlunl8x oBNmRflQI+397Pl6cESpBY6KZnBBxksTHzKL9gt8oxwstef0WKlqZCOfAnFO+HFZ 2kABApLIEcgQRW7gv16twGuL/jcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUpNNa ndFRFcBurY/I6te3WUPvpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA MA0GCSqGSIb3DQEBCwUAA4IBAQAF2x5e5dwQ/7Ki8P3b5pCExfZxV0uzOMQReaFl X5n3pEZ5sGotMvWOW2qLdO8+YKfW6W7czjbwpCUDYaeEi+rYmacfrsW2kzF8BFDZ St3jFM7SDhwJPmLrUs/CTsc6sBif2CFYgTIXfyjXZz5nUxpmnOOHyX86+NGESMWy WzezXFXWBqZYQ7kCIxlVCUnz0cvZwHh9Y/BRLIlPYF2MAYaMXXTMP0aC7Shg840N 3pzu99RBqej5WHfu3B76k/WtPCqq2v2Um3UEh9ndXiadnym2npMtK9/vbvKk3j+F rGm7peTo+Zh8YpF3yeW11L2sbyFz0wihMZdo+skBy6DV71FP -----END CERTIFICATE-----Generated at Tue Dec 16 09:42:07 2025 by rpki-client