This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa File: cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa (raw, json) Hash identifier: LRAHYn8pxyx40ouC0prNlTSokbSLe08XeH+JmoQ+6R4= Subject key identifier: 9C:BE:33:5A:29:31:1B:A6:1A:A6:B5:3F:7B:40:29:B9:6F:48:65:A0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5E505C8729CEBCEB33B4397EE1DE646C2EC25837 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa Signing time: Mon 08 Dec 2025 02:10:23 +0000 ROA not before: Mon 08 Dec 2025 02:10:23 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:50:5c:87:29:ce:bc:eb:33:b4:39:7e:e1:de:64:6c:2e:c2:58:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:23 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=da959c2533258444cda137f9e6cab589e28ee85e8bd2407f796d1e94a891253f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:53:fa:66:c4:ac:5b:ca:62:0f:87:57:d4:1d: 05:7c:da:8b:b2:f8:4a:24:26:87:4a:38:6e:8c:c3: 9f:68:c8:b1:ff:6d:df:77:8d:3b:95:fc:6c:1f:80: d2:59:dc:e8:9b:e3:28:a5:fb:30:df:c8:80:fa:7c: 77:39:0d:e6:76:5f:4b:ca:c8:1f:06:84:bb:5a:c6: 0a:2d:f7:a0:ab:fa:33:41:f6:c2:2e:c5:a6:07:1e: a1:e3:93:81:ae:a0:ef:05:ee:b0:a6:71:bd:cf:0c: 7c:c1:d8:c4:f2:24:1f:d6:6b:fc:47:60:14:73:a4: 42:a2:ad:60:b0:73:a5:17:5c:c2:89:8d:eb:42:ab: e9:2a:30:57:94:32:e2:ac:cf:0e:97:81:35:fa:3b: 5f:b0:35:2d:0c:73:ff:6d:fa:74:0d:1c:57:08:ea: 8e:75:fc:80:22:de:04:9a:37:3a:77:71:70:cd:bc: 92:3f:55:23:a7:a8:96:43:d9:3a:9c:af:ff:43:ee: d5:ab:3a:0d:40:9a:a0:92:71:6e:6a:a5:b2:0e:e7: 92:ec:c4:3e:f1:ed:96:9c:03:e9:39:f9:2d:f3:25: dd:6e:a3:82:6e:f4:78:55:e4:1b:81:ff:64:d4:77: 18:18:e6:71:b1:bd:7f:7f:68:29:46:1e:c0:fc:22: 7a:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:BE:33:5A:29:31:1B:A6:1A:A6:B5:3F:7B:40:29:B9:6F:48:65:A0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:840::/48 Signature Algorithm: sha256WithRSAEncryption 15:8f:8e:0b:72:e7:70:d4:88:15:23:f3:0e:63:7e:c6:5e:55: 74:9b:73:c6:60:a1:3d:84:5b:13:d2:80:eb:31:75:4f:a2:1c: 38:5e:f4:8f:e7:a1:fd:28:40:7d:a8:5a:4c:56:97:36:44:b2: b4:45:51:fb:4e:8e:b1:1b:6d:98:1c:63:2c:9a:81:11:62:53: 96:5c:71:39:09:fc:ac:e6:19:b6:0d:df:86:64:59:f5:3f:1d: 80:88:62:c8:8f:ec:55:1d:17:99:e5:da:7b:db:ee:5c:57:c7: 60:74:df:db:d8:ff:fc:5b:de:6e:ba:fe:1f:5f:43:50:3c:ca: 59:56:c0:80:80:bb:b7:59:44:11:9c:e5:e4:06:51:1b:fa:dd: bd:f1:d8:29:09:c5:b9:9e:9c:ef:25:e4:55:93:54:7f:88:4f: 0b:2e:58:39:a5:d3:8b:1c:86:79:88:aa:01:00:e9:b6:b7:af: 5a:18:58:fb:b8:87:bc:39:89:25:02:9c:f2:e5:0d:86:43:e3: 0f:c1:fe:71:d6:ae:bd:0a:25:ff:b3:e8:73:19:23:24:89:48: c1:50:ae:19:5c:b9:ca:ac:a5:ed:1a:f1:e1:c6:4e:83:52:6c: c8:2e:d0:d8:3f:c9:0f:bf:32:37:0d:36:b0:51:86:89:33:15: fd:3e:7b:a5 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUXlBchynOvOsztDl+4d5kbC7CWDcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMjNaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQGRhOTU5YzI1MzMyNTg0NDRjZGExMzdmOWU2Y2FiNTg5ZTI4ZWU4NWU4YmQy NDA3Zjc5NmQxZTk0YTg5MTI1M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKdT+mbErFvKYg+HV9QdBXzai7L4SiQmh0o4bozDn2jIsf9t33eNO5X8bB+A 0lnc6JvjKKX7MN/IgPp8dzkN5nZfS8rIHwaEu1rGCi33oKv6M0H2wi7FpgceoeOT ga6g7wXusKZxvc8MfMHYxPIkH9Zr/EdgFHOkQqKtYLBzpRdcwomN60Kr6SowV5Qy 4qzPDpeBNfo7X7A1LQxz/236dA0cVwjqjnX8gCLeBJo3OndxcM28kj9VI6eolkPZ Opyv/0Pu1as6DUCaoJJxbmqlsg7nkuzEPvHtlpwD6Tn5LfMl3W6jgm70eFXkG4H/ ZNR3GBjmcbG9f39oKUYewPwiepMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBScvjNa KTEbphqmtT97QCm5b0hloDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2MwYzM1N2MtNzBjNy00YTcxLWEzNGUtYmY2ZmQ4YTFkYzc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I QDANBgkqhkiG9w0BAQsFAAOCAQEAFY+OC3LncNSIFSPzDmN+xl5VdJtzxmChPYRb E9KA6zF1T6IcOF70j+eh/ShAfahaTFaXNkSytEVR+06OsRttmBxjLJqBEWJTllxx OQn8rOYZtg3fhmRZ9T8dgIhiyI/sVR0XmeXae9vuXFfHYHTf29j//Fvebrr+H19D UDzKWVbAgIC7t1lEEZzl5AZRG/rdvfHYKQnFuZ6c7yXkVZNUf4hPCy5YOaXTixyG eYiqAQDptrevWhhY+7iHvDmJJQKc8uUNhkPjD8H+cdauvQol/7PocxkjJIlIwVCu GVy5yqyl7Rrx4cZOg1JsyC7Q2D/JD78yNw02sFGGiTMV/T57pQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:20 2025 by rpki-client