This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json) Hash identifier: t0LTyINlaj6eChAOfF2LfHkPoXcSGfC5c2O2hMQM/lI= Subject key identifier: F0:8A:2D:2D:92:FB:DA:F9:86:3E:4F:F5:56:AF:E2:6B:2A:CC:DD:35 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 02287E4F4E1ABE02027EE7FF06AE635F58DCE2F2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa Signing time: Tue 18 Nov 2025 00:30:15 +0000 ROA not before: Tue 18 Nov 2025 00:30:15 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:28:7e:4f:4e:1a:be:02:02:7e:e7:ff:06:ae:63:5f:58:dc:e2:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:30:15 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=de52a2c10119efc1fedb797ca3b669f09b4c62f6db9eb50d56ac52d60a93fee0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:7d:59:64:ef:fc:2d:d0:1b:50:14:7c:7f:df: d0:c1:98:85:09:e6:b5:ea:2b:8b:0a:69:36:ed:f3: 43:63:28:cf:59:be:5f:a1:1a:00:e9:64:6e:60:3c: ba:15:05:45:93:8a:97:9b:58:6e:d2:3b:60:7a:47: a4:4e:c0:6a:a7:f3:95:0c:c5:e6:49:dc:f7:fc:87: 72:b8:64:63:1b:d0:06:35:cd:e8:91:3b:30:5c:57: 88:67:c0:05:4d:55:c5:7d:a5:db:a2:c4:00:fd:b6: 7a:0c:59:fb:ce:86:19:6c:19:74:d2:f5:1e:08:88: 4c:d0:15:25:34:79:fa:a6:6e:fc:5b:ca:50:6b:42: 17:ce:e4:95:1c:a7:3e:1b:45:9f:f1:2e:77:db:6e: 8f:fa:e9:7b:20:35:9e:f0:7a:4a:5d:cf:c7:b2:12: 1c:d7:3f:55:1a:fd:e8:b6:c0:48:40:99:b3:67:f2: d0:bc:65:ae:98:82:7b:d2:97:97:06:27:ea:7c:da: db:2d:89:49:f4:7c:4f:c7:7b:ee:68:05:0a:76:05: 2a:01:ec:ee:77:7c:0a:97:b1:5e:d5:a0:bd:ea:98: ff:a3:3d:69:d2:ab:a3:25:3c:7b:9f:98:b6:86:f1: 8b:b9:98:04:f9:c3:ef:a8:e2:e5:67:1e:b3:e1:26: f9:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:8A:2D:2D:92:FB:DA:F9:86:3E:4F:F5:56:AF:E2:6B:2A:CC:DD:35 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:6000::/40 Signature Algorithm: sha256WithRSAEncryption 35:75:ca:3a:e8:83:dc:52:7e:36:10:70:c3:10:8f:6e:17:2c: 76:41:f3:66:50:f5:58:fb:ce:57:30:89:8d:71:cb:6c:09:95: e8:d5:20:69:d2:73:2b:41:1f:29:7b:ee:c1:53:64:87:bf:e0: dd:2b:a3:61:a3:6f:42:77:0a:27:ba:a4:f9:3e:6f:aa:ab:93: 86:d3:d0:2f:df:b1:05:5a:f2:df:ce:04:a0:70:9b:96:eb:f0: e9:d5:a6:24:75:a1:f3:94:34:f2:7d:3d:8a:e2:75:7a:96:f1: 0d:52:35:5c:64:ef:ba:bd:e1:ed:3d:dc:ec:34:ec:d1:5c:15: f4:5e:55:d1:98:39:29:5a:73:35:ec:a9:2b:8b:6e:a9:58:5f: 73:ae:70:e6:28:4b:27:6d:7b:64:a8:c8:53:73:19:9b:27:9d: 9e:1b:ea:59:b1:cf:0e:38:f6:f8:34:42:6f:a5:45:ba:05:86: 51:20:05:bf:92:d3:5b:c0:c8:3e:66:aa:00:3e:89:27:73:47: e1:b6:cf:c9:b4:bc:04:cb:c0:6e:1f:fe:61:2f:4a:e4:40:ed: 1a:92:90:9a:77:d5:db:d9:e0:4d:23:1c:30:85:c5:da:5b:d6: 96:22:61:c8:71:ca:aa:4a:9a:f1:b1:05:07:ea:01:31:d0:c3: 70:81:0a:46 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAih+T04avgICfuf/Bq5jX1jc4vIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDMwMTVaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGRlNTJhMmMxMDExOWVmYzFmZWRiNzk3Y2EzYjY2OWYwOWI0YzYyZjZkYjll YjUwZDU2YWM1MmQ2MGE5M2ZlZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKd9WWTv/C3QG1AUfH/f0MGYhQnmteoriwppNu3zQ2Moz1m+X6EaAOlkbmA8 uhUFRZOKl5tYbtI7YHpHpE7AaqfzlQzF5knc9/yHcrhkYxvQBjXN6JE7MFxXiGfA BU1VxX2l26LEAP22egxZ+86GGWwZdNL1HgiITNAVJTR5+qZu/FvKUGtCF87klRyn PhtFn/Eud9tuj/rpeyA1nvB6Sl3Px7ISHNc/VRr96LbASECZs2fy0LxlrpiCe9KX lwYn6nza2y2JSfR8T8d77mgFCnYFKgHs7nd8CpexXtWgveqY/6M9adKroyU8e5+Y tobxi7mYBPnD76ji5Wces+Em+d0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwii0t kvva+YY+T/VWr+JrKszdNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g MA0GCSqGSIb3DQEBCwUAA4IBAQA1dco66IPcUn42EHDDEI9uFyx2QfNmUPVY+85X MImNcctsCZXo1SBp0nMrQR8pe+7BU2SHv+DdK6Nho29CdwonuqT5Pm+qq5OG09Av 37EFWvLfzgSgcJuW6/Dp1aYkdaHzlDTyfT2K4nV6lvENUjVcZO+6veHtPdzsNOzR XBX0XlXRmDkpWnM17Kkri26pWF9zrnDmKEsnbXtkqMhTcxmbJ52eG+pZsc8OOPb4 NEJvpUW6BYZRIAW/ktNbwMg+ZqoAPoknc0fhts/JtLwEy8BuH/5hL0rkQO0akpCa d9Xb2eBNIxwwhcXaW9aWImHIccqqSprxsQUH6gEx0MNwgQpG -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:53 2025 by rpki-client