This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json) Hash identifier: OYFhFSXgSR1R6TRK1Iu+a1vNmcIGYZFih2noFZoDsSw= Subject key identifier: 95:00:A3:AE:C2:A8:18:8C:3B:94:2D:C6:20:DE:2C:D2:49:9E:78:EE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1441ED3EB432118F161328BDA1E217489D136095 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa Signing time: Sat 15 Nov 2025 06:20:07 +0000 ROA not before: Sat 15 Nov 2025 06:20:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:41:ed:3e:b4:32:11:8f:16:13:28:bd:a1:e2:17:48:9d:13:60:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=38344e53867b4dafc2e46d188d6a20eb139924744b08a3c967211781d2793008, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2e:cb:42:b0:81:80:e0:9e:e5:a5:8c:16:1e: 9f:41:6c:e1:1a:5b:b0:5f:0f:b5:0c:aa:00:20:98: 98:4e:38:7e:58:13:f0:bd:c9:df:ce:4a:87:ea:d5: b1:87:d8:62:1e:de:72:a0:11:7f:1e:0a:18:31:0c: a8:71:b1:5f:34:51:bc:46:eb:fd:8b:b0:39:5d:a1: 39:3f:0c:0f:06:30:fa:e4:67:cc:1a:bd:ea:6d:4a: 71:64:ed:7e:20:ac:da:17:6b:69:6d:ab:6c:96:6f: b9:3c:4c:b8:1a:cd:fc:7c:1f:b2:ed:11:62:ff:34: d6:63:54:79:ac:2a:e9:d6:81:16:3e:57:06:ce:9e: 02:dc:66:9f:96:23:bb:86:16:22:48:9f:33:51:4b: 38:5f:a1:cc:ee:cb:3c:64:ed:bc:c3:a4:8f:aa:10: 51:90:c9:b0:e3:28:f9:43:73:8e:80:ad:bf:7a:52: e3:e1:01:3d:17:ec:a2:03:bd:46:e2:ff:9d:ce:a6: 2a:6e:cc:54:36:1e:43:81:d3:5e:3b:f7:84:b7:3c: 78:5e:9c:3a:f9:fa:10:55:d7:bd:5a:8a:4b:75:c6: 4a:cb:c4:24:ce:6c:dd:bd:ee:02:fc:43:eb:8c:0c: 16:3f:6d:80:59:29:d7:a3:56:f6:da:3a:a7:ec:78: 80:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:00:A3:AE:C2:A8:18:8C:3B:94:2D:C6:20:DE:2C:D2:49:9E:78:EE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:8080::/48 Signature Algorithm: sha256WithRSAEncryption 3c:9c:31:11:e1:c2:65:69:70:65:2f:be:bc:c1:e6:cd:2f:85: 10:09:e4:67:1d:1b:4b:c5:fb:0d:e6:f1:4b:be:04:fe:95:6e: 61:07:94:80:3f:93:cb:1d:63:82:c6:af:20:15:07:fc:f7:02: 39:71:b1:46:40:f3:1b:5b:44:b8:66:c5:47:cf:b1:39:0b:5c: fd:c4:36:bf:66:8d:f9:0d:ad:b6:75:aa:3a:15:32:5e:88:28: a0:f9:2a:23:85:55:3c:5e:bb:47:ce:51:8c:88:f8:4b:23:48: 5e:b9:18:48:14:46:60:55:43:b5:03:d8:97:c2:9b:43:aa:7b: 76:58:32:e6:ef:73:b5:a7:c8:a4:3b:08:07:45:48:67:a1:0a: 79:4f:bc:d5:04:c7:b2:4a:d1:4d:5c:93:c8:61:96:de:30:10: db:a1:86:6a:b4:2d:4d:e9:c5:33:b0:89:18:cb:fa:31:e4:51: 94:65:be:65:dd:fa:75:a1:64:71:85:d3:a6:2c:40:88:72:df: ca:a6:ff:fb:17:86:d5:53:f3:ee:f8:aa:c2:8b:60:b2:70:11: 6e:89:ed:6b:81:b6:d9:15:4d:c0:3c:b3:84:ce:7b:9a:f9:ba: 1c:f2:c1:a6:9a:be:60:54:a4:08:9c:ca:c1:48:6c:f3:3f:be: c1:2b:03:12 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFEHtPrQyEY8WEyi9oeIXSJ0TYJUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM4MzQ0ZTUzODY3YjRkYWZjMmU0NmQxODhkNmEyMGViMTM5OTI0NzQ0YjA4 YTNjOTY3MjExNzgxZDI3OTMwMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN4uy0KwgYDgnuWljBYen0Fs4RpbsF8PtQyqACCYmE44flgT8L3J385Kh+rV sYfYYh7ecqARfx4KGDEMqHGxXzRRvEbr/YuwOV2hOT8MDwYw+uRnzBq96m1KcWTt fiCs2hdraW2rbJZvuTxMuBrN/Hwfsu0RYv801mNUeawq6daBFj5XBs6eAtxmn5Yj u4YWIkifM1FLOF+hzO7LPGTtvMOkj6oQUZDJsOMo+UNzjoCtv3pS4+EBPRfsogO9 RuL/nc6mKm7MVDYeQ4HTXjv3hLc8eF6cOvn6EFXXvVqKS3XGSsvEJM5s3b3uAvxD 64wMFj9tgFkp16NW9to6p+x4gJ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSVAKOu wqgYjDuULcYg3izSSZ547jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA gDANBgkqhkiG9w0BAQsFAAOCAQEAPJwxEeHCZWlwZS++vMHmzS+FEAnkZx0bS8X7 DebxS74E/pVuYQeUgD+Tyx1jgsavIBUH/PcCOXGxRkDzG1tEuGbFR8+xOQtc/cQ2 v2aN+Q2ttnWqOhUyXogooPkqI4VVPF67R85RjIj4SyNIXrkYSBRGYFVDtQPYl8Kb Q6p7dlgy5u9ztafIpDsIB0VIZ6EKeU+81QTHskrRTVyTyGGW3jAQ26GGarQtTenF M7CJGMv6MeRRlGW+Zd36daFkcYXTpixAiHLfyqb/+xeG1VPz7viqwotgsnARbont a4G22RVNwDyzhM57mvm6HPLBppq+YFSkCJzKwUhs8z++wSsDEg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:49 2025 by rpki-client