This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json) Hash identifier: 7uOd1/SWDLv+zIqbX+BxtOxgO2bjjbLGkH+cDGqBqKw= Subject key identifier: D2:E7:45:D6:B7:2D:DC:36:04:B9:96:00:3C:C9:A1:08:36:35:F2:9B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3E3623DD5F0A7029F7E52A47D8667E12EA59A516 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa Signing time: Tue 02 Dec 2025 02:00:06 +0000 ROA not before: Tue 02 Dec 2025 02:00:06 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000::/25 maxlen: 25 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:36:23:dd:5f:0a:70:29:f7:e5:2a:47:d8:66:7e:12:ea:59:a5:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 02:00:06 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=e23d3c7bf3afc151de4bf5904fc61c06d4cf60a3a07686aaaf55dcd87d6e32aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b8:78:3b:21:41:7d:ce:f6:ea:f4:9a:ca:fd: ba:44:03:81:7a:5d:77:8a:a2:62:99:07:9f:65:8c: 08:82:eb:f2:1b:13:57:e9:ff:f0:b0:64:f9:6c:88: b8:c2:80:e9:40:3a:50:8c:41:09:99:fe:d7:b3:f2: 6e:b5:7a:e4:7b:1e:cd:f6:7c:a7:d1:b8:35:8f:0a: f1:03:84:8e:f4:1b:4b:76:02:b1:fb:3b:6b:fb:21: 40:6d:c3:f0:3b:85:b2:56:72:9d:dc:53:0c:0b:cc: 60:63:e7:9a:bb:12:88:88:92:e2:a6:14:50:6a:28: d6:a4:40:00:9f:ac:3b:f4:c3:f1:63:c0:f5:68:d8: 8f:54:30:64:91:55:65:de:35:ae:a6:96:65:dd:67: 8e:eb:bf:94:39:22:04:42:ea:19:06:5b:9b:57:a4: e8:5d:09:70:15:84:cb:b3:d8:f7:64:01:49:de:b7: 3a:d0:18:c2:c9:73:2d:6a:9a:2d:d8:7e:d0:ac:e9: 2b:05:78:f2:55:db:93:0c:4e:85:df:36:98:3b:2e: 45:9d:41:8f:a4:8c:77:3d:38:39:d1:e0:64:61:c8: 4b:d4:19:a9:f7:11:be:da:18:46:52:97:66:55:ba: 67:21:7e:13:80:3d:ba:60:6c:5e:58:3f:c7:e7:f0: ac:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:E7:45:D6:B7:2D:DC:36:04:B9:96:00:3C:C9:A1:08:36:35:F2:9B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000::/25 Signature Algorithm: sha256WithRSAEncryption b7:01:d0:93:74:55:07:ae:7b:cc:96:55:d7:1e:76:b3:ff:08: 1e:96:7c:ca:19:16:60:84:56:5b:00:94:99:e3:e9:c5:81:91: f5:b4:50:ea:98:6f:50:07:f5:d9:9d:bd:cf:f5:e6:2a:9d:ba: fb:b7:f5:16:5b:b5:cb:2b:f8:50:c5:e9:90:93:32:9a:52:0b: 1e:5d:7b:3e:6a:aa:b4:fe:c6:cf:43:39:32:e3:f3:d3:bb:84: 67:fd:33:a3:c5:55:63:6e:cf:4c:25:dc:1a:1a:df:a5:16:b5: c2:24:03:50:cb:97:cc:ba:af:6b:2a:5f:39:64:eb:5a:4c:7d: 47:77:09:85:f9:32:9b:02:41:10:ab:39:51:db:48:1c:95:65: 18:dd:4a:16:bd:9d:48:5b:52:6a:c1:c1:f5:14:73:5a:b1:2d: a3:3a:7c:ac:e3:09:7f:c6:ac:12:be:94:3b:07:80:57:ae:ec: f8:34:fc:a2:46:49:24:8b:f5:e1:36:ae:9f:95:a6:9a:c6:ad: fb:46:1d:8f:fc:4d:99:f5:5f:f0:97:aa:df:9b:d4:f0:ca:e7: e1:b3:c6:1d:81:86:91:f2:51:8e:24:7c:ef:0b:e4:af:85:3a: ba:3a:15:fa:d9:e7:c2:6d:4e:47:c5:26:95:43:95:e6:07:e8: a2:98:6a:ba -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUPjYj3V8KcCn35SpH2GZ+EupZpRYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMjAwMDZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGUyM2QzYzdiZjNhZmMxNTFkZTRiZjU5MDRmYzYxYzA2ZDRjZjYwYTNhMDc2 ODZhYWFmNTVkY2Q4N2Q2ZTMyYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKa4eDshQX3O9ur0msr9ukQDgXpdd4qiYpkHn2WMCILr8hsTV+n/8LBk+WyI uMKA6UA6UIxBCZn+17PybrV65HsezfZ8p9G4NY8K8QOEjvQbS3YCsfs7a/shQG3D 8DuFslZyndxTDAvMYGPnmrsSiIiS4qYUUGoo1qRAAJ+sO/TD8WPA9WjYj1QwZJFV Zd41rqaWZd1njuu/lDkiBELqGQZbm1ek6F0JcBWEy7PY92QBSd63OtAYwslzLWqa Ldh+0KzpKwV48lXbkwxOhd82mDsuRZ1Bj6SMdz04OdHgZGHIS9QZqfcRvtoYRlKX ZlW6ZyF+E4A9umBsXlg/x+fwrL0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTS50XW ty3cNgS5lgA8yaEINjXymzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw DQYJKoZIhvcNAQELBQADggEBALcB0JN0VQeue8yWVdcedrP/CB6WfMoZFmCEVlsA lJnj6cWBkfW0UOqYb1AH9dmdvc/15iqduvu39RZbtcsr+FDF6ZCTMppSCx5dez5q qrT+xs9DOTLj89O7hGf9M6PFVWNuz0wl3Boa36UWtcIkA1DLl8y6r2sqXzlk61pM fUd3CYX5MpsCQRCrOVHbSByVZRjdSha9nUhbUmrBwfUUc1qxLaM6fKzjCX/GrBK+ lDsHgFeu7Pg0/KJGSSSL9eE2rp+VpprGrftGHY/8TZn1X/CXqt+b1PDK5+Gzxh2B hpHyUY4kfO8L5K+FOro6FfrZ58JtTkfFJpVDleYH6KKYaro= -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:55 2025 by rpki-client