This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json) Hash identifier: fL5rScSIPt7bW0vuVSL12p2cK0zHyGt1kGq+I0qxt5c= Subject key identifier: AE:68:DA:88:4D:E1:B2:D7:08:7A:CA:88:3E:72:98:9D:A6:A5:F2:34 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 24F7380EEE6141E4CAF9112535AA7910C4A12144 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa Signing time: Wed 10 Dec 2025 06:01:01 +0000 ROA not before: Wed 10 Dec 2025 06:01:01 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 176.32.96.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:f7:38:0e:ee:61:41:e4:ca:f9:11:25:35:aa:79:10:c4:a1:21:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:01 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4d70a75691ef26d1554e2c5bd5603a6bbec1e34057badc21b22a575496f461c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:87:47:37:23:88:1e:c1:b9:46:3a:4d:f3:61: 08:a3:f5:c6:85:43:3e:0d:83:3c:c3:6d:71:f3:93: 04:60:2d:7c:2f:86:2a:76:b5:2c:7c:a9:3a:79:78: 9a:a7:93:f6:03:cb:fc:3c:3d:e6:d9:b7:96:ae:1f: 33:05:f9:43:88:9d:d2:ad:2d:f8:e1:d8:b4:34:20: 01:b0:44:6d:0a:3c:06:5d:a6:29:03:a2:dd:aa:34: ec:41:5f:c7:5f:03:94:b9:c0:60:74:66:ff:38:29: 36:df:fb:6b:9a:da:07:0b:4e:a8:55:c9:1e:f0:43: 84:d2:f1:f0:bb:f8:17:62:ab:54:c8:5a:be:42:05: f3:c9:43:08:17:ff:2c:a2:e6:68:2d:b8:12:c1:93: e1:6a:90:ef:4a:a3:f5:71:5a:b0:9f:1b:9c:4b:99: 3c:42:9c:32:ef:59:bf:9d:ba:a4:c5:ad:a6:f7:f5: 64:12:2e:f5:cb:58:6c:ac:94:3c:09:f9:cb:96:d6: 49:82:74:e8:b2:c8:f8:05:f9:f9:8e:62:03:16:d0: be:fa:df:2c:43:2d:10:6a:b5:01:79:04:ac:d0:37: 31:04:46:60:83:47:dc:6b:e0:6e:4f:9e:97:f4:2a: 6f:5e:e2:2e:6d:a1:b2:09:e7:fc:3e:52:a9:75:2d: ff:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:68:DA:88:4D:E1:B2:D7:08:7A:CA:88:3E:72:98:9D:A6:A5:F2:34 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.32.96.0/21 Signature Algorithm: sha256WithRSAEncryption 42:c7:2c:0b:3c:cc:1a:de:12:8a:0c:f7:2b:9a:d2:20:8f:e0: 8b:ea:cd:6e:4e:b0:9c:cf:10:fc:00:7d:1d:0a:58:2b:b3:74: b1:8f:03:fd:87:be:02:f3:14:0c:53:1c:5b:9b:4f:7d:13:92: fa:d7:0f:3a:c5:36:fe:bf:47:e6:9e:61:72:a0:09:36:f2:33: c9:43:07:d7:c1:48:13:09:6d:5e:19:42:4f:1b:82:74:34:90: da:2b:c7:e5:e1:06:61:3a:e9:89:de:2c:9b:be:0e:3d:e4:a5: a3:47:26:55:c6:1e:dc:98:92:31:25:f7:fd:bc:06:20:40:5f: a5:3e:a1:be:76:69:72:96:d8:e5:e8:4f:0d:67:14:d6:c7:c9: 0b:dd:08:a0:95:6b:1d:11:d8:66:da:ed:df:6f:f9:a9:a7:e0: 9f:03:06:8b:4f:c5:97:8c:e0:cd:34:46:c4:77:11:9a:e9:df: 7f:4b:ab:da:be:37:d7:5e:92:be:21:90:4f:74:1d:de:10:6d: 46:d0:cd:4c:2b:b0:c9:c6:04:86:78:c3:c6:df:a8:7e:a7:ae: 58:b2:c2:f0:39:83:97:43:86:e8:8c:60:32:ec:52:89:af:42: fb:38:ff:f6:d0:57:d2:0f:e2:4e:8f:fe:20:0e:42:08:8b:85: ce:45:22:16 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUJPc4Du5hQeTK+RElNap5EMShIUQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDRkNzBhNzU2OTFlZjI2ZDE1NTRlMmM1YmQ1NjAzYTZiYmVjMWUzNDA1N2Jh ZGMyMWIyMmE1NzU0OTZmNDYxYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOqHRzcjiB7BuUY6TfNhCKP1xoVDPg2DPMNtcfOTBGAtfC+GKna1LHypOnl4 mqeT9gPL/Dw95tm3lq4fMwX5Q4id0q0t+OHYtDQgAbBEbQo8Bl2mKQOi3ao07EFf x18DlLnAYHRm/zgpNt/7a5raBwtOqFXJHvBDhNLx8Lv4F2KrVMhavkIF88lDCBf/ LKLmaC24EsGT4WqQ70qj9XFasJ8bnEuZPEKcMu9Zv526pMWtpvf1ZBIu9ctYbKyU PAn5y5bWSYJ06LLI+AX5+Y5iAxbQvvrfLEMtEGq1AXkErNA3MQRGYINH3Gvgbk+e l/Qqb17iLm2hsgnn/D5SqXUt/x0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSuaNqI TeGy1wh6yog+cpidpqXyNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN BgkqhkiG9w0BAQsFAAOCAQEAQscsCzzMGt4Sigz3K5rSII/gi+rNbk6wnM8Q/AB9 HQpYK7N0sY8D/Ye+AvMUDFMcW5tPfROS+tcPOsU2/r9H5p5hcqAJNvIzyUMH18FI EwltXhlCTxuCdDSQ2ivH5eEGYTrpid4sm74OPeSlo0cmVcYe3JiSMSX3/bwGIEBf pT6hvnZpcpbY5ehPDWcU1sfJC90IoJVrHRHYZtrt32/5qafgnwMGi0/Fl4zgzTRG xHcRmunff0ur2r43116SviGQT3Qd3hBtRtDNTCuwycYEhnjDxt+ofqeuWLLC8DmD l0OG6IxgMuxSia9C+zj/9tBX0g/iTo/+IA5CCIuFzkUiFg== -----END CERTIFICATE-----Generated at Tue Dec 16 09:42:38 2025 by rpki-client