This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa File: 1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa (raw, json) Hash identifier: ai1/224LGZ4x8Eip/zZDlGhWSqm+bG+nwpfty35W2kU= Subject key identifier: 2D:04:6B:F3:48:F5:C2:E9:32:2A:7E:5F:07:7D:8B:A9:43:2D:60:AA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 25F8387EA4B9834E6D6401910E4F7EDF01D1C5FB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa Signing time: Tue 25 Nov 2025 20:10:32 +0000 ROA not before: Tue 25 Nov 2025 20:10:32 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:80c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:f8:38:7e:a4:b9:83:4e:6d:64:01:91:0e:4f:7e:df:01:d1:c5:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:10:32 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=ed425f37047a486ef0396b51114273b8f6af17eac11a6f0c183e3239de42fd23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:76:11:a0:3e:8c:86:bd:b0:c2:4d:87:af:81: 32:ba:88:59:48:55:98:50:61:a1:4d:77:91:a0:69: 11:e4:b1:70:62:31:bb:e0:8b:76:d5:2f:47:f9:83: a4:20:0f:8b:61:92:00:72:29:24:9f:2c:7b:1f:e6: 33:4a:48:d1:e7:7a:3a:c5:7d:98:78:90:39:da:43: e3:42:e8:f6:61:a5:d4:68:94:48:c3:47:eb:6f:00: 88:e9:60:eb:33:13:b5:ae:15:e4:8f:e4:a1:01:56: 04:3d:98:96:28:a7:e6:f8:f2:27:e6:d2:15:3f:9b: b8:79:ca:25:e5:62:a9:35:fe:91:91:f5:4c:18:c7: 4b:cd:84:c7:3d:74:da:7e:40:03:33:e7:da:b6:67: 7b:c2:b1:8a:5c:68:f6:b5:5e:14:8c:99:b1:6c:40: 3c:22:5d:3d:74:81:a8:c4:43:c6:c3:f2:d3:c4:08: e2:ae:3e:e9:6f:e0:90:a9:51:13:8b:1c:cb:ac:bc: 6c:c2:65:40:e2:8a:38:bf:16:4f:38:f8:1e:af:3b: 39:82:04:4f:30:87:60:d6:17:37:ba:2a:45:ce:fe: 30:54:62:47:c7:a8:bd:b6:c9:06:e2:a0:12:46:1c: 39:48:65:97:bd:ff:38:e9:f9:a5:85:4e:53:92:a0: 63:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:04:6B:F3:48:F5:C2:E9:32:2A:7E:5F:07:7D:8B:A9:43:2D:60:AA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:80c0::/46 Signature Algorithm: sha256WithRSAEncryption c4:53:69:ff:4d:16:14:3a:40:f3:4d:70:07:18:30:88:58:ff: b7:c4:5f:fc:0d:ec:07:c9:ce:4e:7a:f1:df:92:41:ae:98:18: 70:9b:1c:d6:a5:13:e3:7b:ec:6d:04:37:c6:e9:2c:8d:bd:69: 95:ad:13:58:e8:4a:24:35:b8:94:8e:35:96:f9:a7:19:c8:d8: c8:0a:38:4a:3b:bd:d2:c4:0c:b2:90:ac:53:4a:aa:cb:dd:2b: ca:4e:87:7d:5c:9d:07:08:0b:d5:1d:0b:be:cb:fb:1e:13:1f: 88:e5:c8:b2:5a:0c:a5:40:6c:c7:90:30:2b:c2:70:7b:c3:0c: a3:50:23:57:0f:14:fd:06:cc:32:93:f8:af:6c:10:df:7c:fa: d1:ee:81:18:ab:fa:84:c1:88:38:78:4f:36:ee:cd:9a:30:0f: 71:9b:6e:0c:fb:7b:24:07:a2:b9:21:68:7d:49:3a:24:9d:22: c3:a3:33:8d:6f:85:fe:c4:34:7f:5a:75:f9:fb:2b:dc:e1:c1: 59:2e:20:bf:f8:ec:2b:19:8c:c3:cd:f9:36:12:ac:7c:49:e3: 8c:94:51:64:de:d3:fb:dc:7d:68:4c:a5:b7:7e:8f:07:6c:8f: 9f:61:b2:4e:bb:8e:b8:6a:38:7d:59:52:34:cc:0a:5d:20:33: d6:13:19:a0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJfg4fqS5g05tZAGRDk9+3wHRxfswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDEwMzJaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGVkNDI1ZjM3MDQ3YTQ4NmVmMDM5NmI1MTExNDI3M2I4ZjZhZjE3ZWFjMTFh NmYwYzE4M2UzMjM5ZGU0MmZkMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN52EaA+jIa9sMJNh6+BMrqIWUhVmFBhoU13kaBpEeSxcGIxu+CLdtUvR/mD pCAPi2GSAHIpJJ8sex/mM0pI0ed6OsV9mHiQOdpD40Lo9mGl1GiUSMNH628AiOlg 6zMTta4V5I/koQFWBD2Yliin5vjyJ+bSFT+buHnKJeViqTX+kZH1TBjHS82Exz10 2n5AAzPn2rZne8Kxilxo9rVeFIyZsWxAPCJdPXSBqMRDxsPy08QI4q4+6W/gkKlR E4scy6y8bMJlQOKKOL8WTzj4Hq87OYIETzCHYNYXN7oqRc7+MFRiR8eovbbJBuKg EkYcOUhll73/OOn5pYVOU5KgYzECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQtBGvz SPXC6TIqfl8HfYupQy1gqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTczMGZiMGYtYWZkMi00YTQwLWIyMTgtN2QwZGYyYjJhMWU1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA wDANBgkqhkiG9w0BAQsFAAOCAQEAxFNp/00WFDpA801wBxgwiFj/t8Rf/A3sB8nO Tnrx35JBrpgYcJsc1qUT43vsbQQ3xuksjb1pla0TWOhKJDW4lI41lvmnGcjYyAo4 Sju90sQMspCsU0qqy90ryk6HfVydBwgL1R0Lvsv7HhMfiOXIsloMpUBsx5AwK8Jw e8MMo1AjVw8U/QbMMpP4r2wQ33z60e6BGKv6hMGIOHhPNu7NmjAPcZtuDPt7JAei uSFofUk6JJ0iw6MzjW+F/sQ0f1p1+fsr3OHBWS4gv/jsKxmMw835NhKsfEnjjJRR ZN7T+9x9aEylt36PB2yPn2GyTruOuGo4fVlSNMwKXSAz1hMZoA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:44 2025 by rpki-client