This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa File: 012c9415-fd75-453f-91b6-b57a394d548d.roa (raw, json) Hash identifier: mfZ29+SeI4f2uM/vi6F0HBdtbqrKIsyZK8EBN1RWIWw= Subject key identifier: 2B:B9:F7:8A:A5:83:6C:B1:43:D7:6A:20:D4:99:8D:22:F3:BB:AF:33 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1753F1388F441EDE7A3DC8FEE205FBDF2C8DB5D3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa Signing time: Sat 06 Dec 2025 00:40:09 +0000 ROA not before: Sat 06 Dec 2025 00:40:09 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d035:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:53:f1:38:8f:44:1e:de:7a:3d:c8:fe:e2:05:fb:df:2c:8d:b5:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 00:40:09 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=13ed656d60143eca34d5a44be6ccf43619e65fc4c5a5843164946976cb003401, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d3:65:e6:64:88:e5:a0:24:97:ab:7c:03:01: f7:80:00:ad:a9:07:48:fd:c5:db:2a:90:86:c1:fa: 74:08:18:43:0b:f4:31:24:ca:6b:78:48:18:f8:03: 2d:f4:11:c8:9b:11:56:15:a7:d4:48:c4:78:87:0b: 9d:83:e1:55:c6:ed:79:00:9d:41:89:88:11:26:1a: ce:8d:ab:6f:d2:68:cc:f0:e8:a3:bf:06:6b:0a:af: f4:1a:02:83:f9:a2:ff:a3:96:f5:60:b8:d6:5f:6d: 3c:28:55:50:7f:ed:09:f4:17:b2:2d:ff:8a:0b:8e: 04:2e:81:02:3f:5a:29:2d:a9:3e:6f:b5:26:da:6d: 91:92:f1:78:fb:17:ae:39:1e:bb:15:6c:ee:16:17: 50:cc:3e:a7:3f:d0:a3:ba:65:d1:de:7d:04:59:fb: 21:7b:c5:ff:20:70:25:47:a1:66:21:2f:79:32:69: c5:ee:7f:ee:95:6c:73:37:9e:ae:a8:fa:4a:e8:33: a1:ab:92:f0:7f:a0:fe:17:9b:85:b9:6d:05:a8:fe: 01:fa:b9:90:8f:fe:ea:cf:97:a2:e5:67:23:26:26: a4:93:ce:18:67:3d:84:74:24:4f:74:b3:ba:85:a8: 5f:4f:3f:29:ed:df:42:cb:d5:37:27:40:7d:fb:41: af:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:B9:F7:8A:A5:83:6C:B1:43:D7:6A:20:D4:99:8D:22:F3:BB:AF:33 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d035:6000::/40 Signature Algorithm: sha256WithRSAEncryption bf:cd:b1:04:e6:98:21:04:70:42:45:d0:c1:ef:e3:55:06:2d: 1d:1f:b2:07:d8:1e:a1:55:ad:ac:75:cb:d0:57:6a:1a:85:f4: 45:13:a3:fe:aa:10:04:ad:78:c3:00:75:9e:86:5d:aa:40:78: 23:ff:13:13:dd:56:1a:67:3c:af:b3:48:e5:da:f4:e6:78:ae: 06:86:28:8e:65:ba:07:5f:7d:26:2f:f4:2e:29:c8:ad:70:8b: a5:08:d8:d9:4f:7c:65:06:ba:a6:c4:db:dc:33:1f:1d:70:c8: a4:92:e1:c2:50:a4:b0:d6:c0:e7:6a:88:0e:ca:5b:a8:d2:f3: 31:78:da:ce:c8:c3:4f:40:8b:a9:df:04:ef:e3:d6:49:f8:9a: 6e:67:d8:79:e1:27:8e:7a:57:ad:f9:d9:93:e0:a5:f9:89:82: cc:95:5f:7d:46:e1:bb:3b:3d:c0:a7:1c:03:f6:f2:44:7e:58: 7e:15:8b:fc:49:e2:62:41:38:9b:25:93:10:75:68:7a:e6:bd: 21:e1:e9:02:b0:0f:3e:2f:0e:1e:3c:10:fd:36:12:b4:6f:7d: 5c:4d:b7:7f:82:28:99:c3:ef:e3:08:6a:8d:37:ec:6f:6a:dc: 3a:91:9d:83:1b:c2:02:f2:dc:36:f9:a8:90:e3:86:97:a0:93: 9d:0d:ee:51 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUF1PxOI9EHt56Pcj+4gX73yyNtdMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwMDQwMDlaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDEzZWQ2NTZkNjAxNDNlY2EzNGQ1YTQ0YmU2Y2NmNDM2MTllNjVmYzRjNWE1 ODQzMTY0OTQ2OTc2Y2IwMDM0MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/TZeZkiOWgJJerfAMB94AArakHSP3F2yqQhsH6dAgYQwv0MSTKa3hIGPgD LfQRyJsRVhWn1EjEeIcLnYPhVcbteQCdQYmIESYazo2rb9JozPDoo78Gawqv9BoC g/mi/6OW9WC41l9tPChVUH/tCfQXsi3/iguOBC6BAj9aKS2pPm+1JtptkZLxePsX rjkeuxVs7hYXUMw+pz/Qo7pl0d59BFn7IXvF/yBwJUehZiEveTJpxe5/7pVsczee rqj6SugzoauS8H+g/hebhbltBaj+Afq5kI/+6s+XouVnIyYmpJPOGGc9hHQkT3Sz uoWoX08/Ke3fQsvVNydAfftBrx0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrufeK pYNssUPXaiDUmY0i87uvMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDEyYzk0MTUtZmQ3NS00NTNmLTkxYjYtYjU3YTM5NGQ1NDhkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVg MA0GCSqGSIb3DQEBCwUAA4IBAQC/zbEE5pghBHBCRdDB7+NVBi0dH7IH2B6hVa2s dcvQV2oahfRFE6P+qhAErXjDAHWehl2qQHgj/xMT3VYaZzyvs0jl2vTmeK4GhiiO ZboHX30mL/QuKcitcIulCNjZT3xlBrqmxNvcMx8dcMikkuHCUKSw1sDnaogOyluo 0vMxeNrOyMNPQIup3wTv49ZJ+JpuZ9h54SeOelet+dmT4KX5iYLMlV99RuG7Oz3A pxwD9vJEflh+FYv8SeJiQTibJZMQdWh65r0h4ekCsA8+Lw4ePBD9NhK0b31cTbd/ giiZw+/jCGqNN+xvatw6kZ2DG8IC8tw2+aiQ44aXoJOdDe5R -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:18 2025 by rpki-client