This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json) Hash identifier: qbyKzhgtC5wmj5PzZAhR1jioC0ip8zjk9AHL9woI9T0= Subject key identifier: 60:59:14:63:81:0B:98:FB:EA:B3:03:CB:9A:B1:BA:DF:C3:6D:78:DE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 01D4849BDC1D3550D5DFC4671B384EB6786F7D8A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa Signing time: Sat 15 Nov 2025 05:40:12 +0000 ROA not before: Sat 15 Nov 2025 05:40:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:d4:84:9b:dc:1d:35:50:d5:df:c4:67:1b:38:4e:b6:78:6f:7d:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a77bb1731ae9ac279a2effd12298038dfdaafd14f315529d74d1e96ea9e248b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c3:49:e3:9b:2f:e9:b5:bb:a3:ab:ac:aa:62: fa:09:94:2a:a8:de:40:e9:5e:c4:8d:ed:59:e6:90: 0b:49:bb:dc:c9:60:ce:f3:78:d0:63:b1:0a:fc:cb: 57:91:d0:7e:5d:ff:85:b4:f3:28:a5:ad:1c:7a:cb: 31:69:10:76:ec:9e:70:95:4e:4c:5d:ff:00:08:40: 36:e3:b3:09:9e:44:7a:76:91:e4:9a:c7:d5:1b:54: bb:f0:99:17:7a:d7:5d:b3:ca:4a:bc:db:99:2a:40: ad:d1:7b:68:50:0d:b8:ce:4b:89:62:3e:63:9b:ba: 3c:e1:d9:e6:d4:34:4f:51:b0:ac:c9:e3:e8:b3:ae: 8b:ed:34:bf:18:1f:f5:6e:d3:81:05:1c:34:08:1e: 9a:18:9d:7b:bc:4f:0f:52:64:c2:7c:8c:91:f3:2f: 51:4c:da:b8:b2:fb:c1:e0:eb:91:c8:c2:41:e8:61: a6:61:9b:fc:83:39:7c:a7:09:a6:6f:51:13:a3:de: 99:ac:23:a9:e9:a3:c5:9f:e5:a0:1c:a9:f2:9c:d3: 49:07:c9:9e:ef:07:f8:2e:f7:43:88:66:99:84:7a: c3:48:cc:fe:9c:b6:5d:8d:4c:a0:09:d5:02:c6:f6: 5e:a5:78:10:e6:3d:8e:b7:1c:37:d1:f0:f4:f9:c4: 98:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:59:14:63:81:0B:98:FB:EA:B3:03:CB:9A:B1:BA:DF:C3:6D:78:DE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:e000::/40 Signature Algorithm: sha256WithRSAEncryption a7:4d:5d:9d:ab:bf:9c:0e:5e:a2:91:e4:62:27:71:4b:41:4d: 0a:48:d5:0f:95:bc:98:82:60:95:70:54:1b:5f:f3:25:93:1a: cd:9f:a9:d0:30:29:9e:5b:33:81:8d:d4:60:48:2c:a7:5a:aa: 3c:6b:36:00:6f:55:db:6f:f3:f2:f2:a8:15:eb:31:f2:3f:9f: ed:de:26:02:19:d5:b7:85:16:83:a7:c5:77:58:f3:c9:4a:01: a7:08:1b:3e:26:41:7f:80:8f:3c:8c:62:a9:83:74:0e:ae:9b: df:f1:b6:7c:1c:50:e2:b9:bf:f2:28:39:bd:44:3f:9f:df:7d: a1:a5:56:54:8a:7f:13:91:35:96:d2:ba:cc:dd:eb:21:ba:4f: 16:7c:b4:b5:5c:3f:55:11:73:6b:dd:cc:b2:1b:dd:44:af:89: 84:86:2e:a6:0a:a6:ad:9b:5d:40:c9:9b:c7:e1:97:be:e2:6f: 40:af:86:06:26:57:87:ec:c6:d7:ee:f4:73:45:27:08:09:c6: 3b:76:32:c3:b0:ba:b1:d8:79:17:6d:ea:08:bd:5a:c7:dd:0c: f2:14:1c:52:43:0e:ba:f6:11:1a:29:72:0f:ff:cf:92:cc:b5: 4b:65:69:f0:3b:dc:1c:88:1b:50:3c:5d:30:e3:bc:71:8b:3e: df:56:f9:c4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAdSEm9wdNVDV38RnGzhOtnhvfYowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGE3N2JiMTczMWFlOWFjMjc5YTJlZmZkMTIyOTgwMzhkZmRhYWZkMTRmMzE1 NTI5ZDc0ZDFlOTZlYTllMjQ4YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANPDSeObL+m1u6OrrKpi+gmUKqjeQOlexI3tWeaQC0m73MlgzvN40GOxCvzL V5HQfl3/hbTzKKWtHHrLMWkQduyecJVOTF3/AAhANuOzCZ5EenaR5JrH1RtUu/CZ F3rXXbPKSrzbmSpArdF7aFANuM5LiWI+Y5u6POHZ5tQ0T1GwrMnj6LOui+00vxgf 9W7TgQUcNAgemhide7xPD1JkwnyMkfMvUUzauLL7weDrkcjCQehhpmGb/IM5fKcJ pm9RE6PemawjqemjxZ/loByp8pzTSQfJnu8H+C73Q4hmmYR6w0jM/py2XY1MoAnV Asb2XqV4EOY9jrccN9Hw9PnEmJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgWRRj gQuY++qzA8uasbrfw2143jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg MA0GCSqGSIb3DQEBCwUAA4IBAQCnTV2dq7+cDl6ikeRiJ3FLQU0KSNUPlbyYgmCV cFQbX/MlkxrNn6nQMCmeWzOBjdRgSCynWqo8azYAb1Xbb/Py8qgV6zHyP5/t3iYC GdW3hRaDp8V3WPPJSgGnCBs+JkF/gI88jGKpg3QOrpvf8bZ8HFDiub/yKDm9RD+f 332hpVZUin8TkTWW0rrM3eshuk8WfLS1XD9VEXNr3cyyG91Er4mEhi6mCqatm11A yZvH4Ze+4m9Ar4YGJleH7MbX7vRzRScICcY7djLDsLqx2HkXbeoIvVrH3QzyFBxS Qw669hEaKXIP/8+SzLVLZWnwO9wciBtQPF0w47xxiz7fVvnE -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:32 2025 by rpki-client