This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0934ec3d-adc9-4da3-a247-ea0ad001df47.roa File: 0934ec3d-adc9-4da3-a247-ea0ad001df47.roa (raw, json) Hash identifier: QkcEhtQpfvBNuUhMCpRNFUJ+vDSmM0nVc8j1thNGpSg= Subject key identifier: 24:D0:95:CB:87:28:F9:27:52:D1:E9:8C:EB:C7:D5:43:8B:D4:A1:DE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5BF5446A5CBE0C796BDD5180FD363603BDDBBA54 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0934ec3d-adc9-4da3-a247-ea0ad001df47.roa Signing time: Sun 23 Nov 2025 01:30:33 +0000 ROA not before: Sun 23 Nov 2025 01:30:33 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:f5:44:6a:5c:be:0c:79:6b:dd:51:80:fd:36:36:03:bd:db:ba:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:33 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=2cda231b374967ed1b4fa2b96d64c97606b56edfad4e7d855ccc288ec2c65ac9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8f:35:69:1b:9f:a1:68:9e:a4:06:7f:82:76: b6:15:c9:af:64:ea:3c:cb:cc:2c:99:ce:7e:6d:45: 91:8c:bb:bd:b6:97:2c:dd:7c:ce:5d:94:2a:ea:8a: cb:f8:f7:78:89:46:76:c1:e0:57:1c:b4:00:76:5d: df:a4:27:02:03:d6:85:9a:9d:e0:c1:f8:49:1f:f2: 88:6a:fa:87:85:64:37:0b:95:63:2c:65:b2:d3:f2: 23:59:78:02:a8:d4:4c:1e:30:7a:aa:95:78:d5:58: e8:46:22:1f:4b:bc:52:95:be:e8:7c:f9:eb:2c:ce: 20:8f:d7:45:07:8a:32:31:b6:07:0e:05:53:41:2d: f0:cc:bc:59:36:71:83:4d:e6:44:d4:c8:4b:b9:a9: aa:85:3d:8f:c7:23:c6:01:95:9e:55:63:c5:2b:25: 28:8c:5f:3d:b6:2f:fe:98:f0:f7:99:35:2a:3b:b4: c4:6b:6f:ce:6e:e4:4f:68:47:1e:33:39:d2:97:f7: 21:17:79:36:30:50:6d:9a:5b:74:e9:11:31:58:63: 8d:13:1b:89:d5:85:b3:79:ce:fa:ca:8c:64:b5:d1: f5:ad:db:8d:74:c4:65:5a:d6:f5:35:1d:80:2b:fb: 78:45:3f:2b:33:8d:4f:5f:f1:60:51:7e:06:4b:ea: 11:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:D0:95:CB:87:28:F9:27:52:D1:E9:8C:EB:C7:D5:43:8B:D4:A1:DE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0934ec3d-adc9-4da3-a247-ea0ad001df47.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:e000::/40 Signature Algorithm: sha256WithRSAEncryption 8b:18:dc:01:0a:f6:ea:69:fe:e8:e6:2d:32:d9:a6:04:31:c8: 1f:8d:ce:eb:ef:e0:3a:9a:3d:0b:c7:e3:cd:99:7f:82:d4:a2: 7c:27:87:e2:fa:93:9e:e9:08:f2:44:0d:d6:47:f8:57:bd:bd: db:42:30:26:a3:d2:7f:f7:6b:dc:d3:54:91:5c:12:a8:0d:15: 45:7d:9a:32:d2:41:ea:3e:16:b7:0c:ce:2b:cb:95:1d:89:9c: 5b:31:69:e4:eb:bf:22:2e:ae:29:d0:f0:4f:23:ff:c9:c2:d0: 04:59:66:d5:09:86:0d:a8:c1:99:34:4f:10:90:7a:b8:31:a3: 2f:94:04:12:6f:76:70:e7:50:ef:cd:7c:4d:4a:9d:0b:77:82: 93:4f:bf:48:d0:54:e0:cc:99:56:e1:5e:19:f9:01:ed:96:5f: 4f:ad:3c:77:2e:f8:f1:7a:99:60:28:10:14:6b:10:f7:5f:8d: 6a:1f:48:8e:1d:6a:1d:ba:01:61:c7:25:2d:cf:d6:d0:e1:96: ad:1d:c4:dd:eb:e0:0f:5b:e8:1e:8c:3a:61:c0:43:32:e0:9f: 2b:7b:9e:f6:03:7f:f6:de:69:f4:fe:40:87:8c:50:39:b8:66: 66:97:2e:08:22:11:0d:15:d5:71:19:68:ff:7b:af:59:a9:a1: 25:12:5d:c4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUW/VEaly+DHlr3VGA/TY2A73bulQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMzNaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDJjZGEyMzFiMzc0OTY3ZWQxYjRmYTJiOTZkNjRjOTc2MDZiNTZlZGZhZDRl N2Q4NTVjY2MyODhlYzJjNjVhYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuPNWkbn6FonqQGf4J2thXJr2TqPMvMLJnOfm1FkYy7vbaXLN18zl2UKuqK y/j3eIlGdsHgVxy0AHZd36QnAgPWhZqd4MH4SR/yiGr6h4VkNwuVYyxlstPyI1l4 AqjUTB4weqqVeNVY6EYiH0u8UpW+6Hz56yzOII/XRQeKMjG2Bw4FU0Et8My8WTZx g03mRNTIS7mpqoU9j8cjxgGVnlVjxSslKIxfPbYv/pjw95k1Kju0xGtvzm7kT2hH HjM50pf3IRd5NjBQbZpbdOkRMVhjjRMbidWFs3nO+sqMZLXR9a3bjXTEZVrW9TUd gCv7eEU/KzONT1/xYFF+BkvqEdkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQk0JXL hyj5J1LR6Yzrx9VDi9Sh3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDkzNGVjM2QtYWRjOS00ZGEzLWEyNDctZWEwYWQwMDFkZjQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Grg MA0GCSqGSIb3DQEBCwUAA4IBAQCLGNwBCvbqaf7o5i0y2aYEMcgfjc7r7+A6mj0L x+PNmX+C1KJ8J4fi+pOe6QjyRA3WR/hXvb3bQjAmo9J/92vc01SRXBKoDRVFfZoy 0kHqPha3DM4ry5UdiZxbMWnk678iLq4p0PBPI//JwtAEWWbVCYYNqMGZNE8QkHq4 MaMvlAQSb3Zw51DvzXxNSp0Ld4KTT79I0FTgzJlW4V4Z+QHtll9PrTx3Lvjxeplg KBAUaxD3X41qH0iOHWodugFhxyUtz9bQ4ZatHcTd6+APW+gejDphwEMy4J8re572 A3/23mn0/kCHjFA5uGZmly4IIhENFdVxGWj/e69ZqaElEl3E -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:31 2025 by rpki-client