This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa File: 1db7d6f9-20a2-495c-9303-96004ae64814.roa (raw, json) Hash identifier: sZwlXBkxbcl5wGOSKPLHLmxIfBWlmnF/zMcWpIYieTw= Subject key identifier: B9:9F:36:8C:6A:37:9A:61:1D:E2:13:3F:D8:31:F6:4D:71:27:ED:2C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 63D1E042E9B702B48D9F4A7EB49CC1E57CEBECD1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa Signing time: Thu 13 Nov 2025 02:00:43 +0000 ROA not before: Thu 13 Nov 2025 02:00:43 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:d1:e0:42:e9:b7:02:b4:8d:9f:4a:7e:b4:9c:c1:e5:7c:eb:ec:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 13 02:00:43 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=512569caaab61c13b50df3bd9e1bfcc6b793c050778d90f447ad1841add86028, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:66:80:76:af:3a:e9:d7:7c:68:ce:aa:c7:9e: f1:5c:70:43:fe:aa:80:ac:85:22:39:6d:e7:b1:f3: ea:84:da:e6:a4:70:15:db:46:99:29:42:34:db:b7: a0:9c:dd:96:f5:ba:b0:5b:b5:47:60:62:af:39:0f: 74:d5:55:be:5d:38:d7:b0:f7:b7:0c:c4:f6:8f:f6: 1d:f4:dc:d2:50:fa:2e:83:3b:c6:a4:06:26:cd:5e: 1e:3a:e3:8b:8d:92:96:46:51:4d:22:97:ab:99:dd: 11:d2:b4:5e:c7:e0:37:e0:3b:30:03:f0:7e:44:67: 86:86:58:76:b3:4a:b6:a5:85:61:47:85:e9:8d:07: 00:c3:98:22:a0:a1:13:e9:f3:a1:31:2b:c0:a3:61: 32:39:f0:ad:13:d5:7b:76:02:e5:29:9f:cc:e1:10: 17:ef:be:d2:62:6d:3b:6e:3c:b8:27:86:c2:1f:3b: aa:e8:e6:3a:4e:03:0c:6d:8c:00:bc:2c:61:aa:a1: 07:76:28:6e:13:ab:27:c0:0d:4d:f6:dd:8e:b7:75: a0:7b:9d:42:34:51:b3:86:82:de:b2:c3:a3:3f:da: 82:5a:8c:fb:bc:41:0c:04:28:b4:48:7c:56:c8:4a: 5b:a3:e9:0b:b7:ba:c5:45:0d:d1:1e:2a:a4:62:c4: dc:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:9F:36:8C:6A:37:9A:61:1D:E2:13:3F:D8:31:F6:4D:71:27:ED:2C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 4e:43:d6:66:06:34:60:34:51:17:02:9f:f6:4d:d2:7d:20:d1: 91:10:2a:d4:c4:8c:1f:4c:c5:ca:c5:ae:0e:cd:f4:64:8f:00: 8c:44:e2:2a:f5:e2:cc:6e:f3:fe:81:61:f5:cc:d7:9b:d4:ba: 37:66:98:76:8e:27:c8:d7:67:97:74:ce:90:a9:11:04:ed:93: b5:b8:4c:bc:40:a9:b4:d7:b4:9a:1e:ed:31:88:77:f4:79:f4: 12:71:d3:f8:6d:b9:c0:e2:c9:2e:9f:41:9d:23:a4:f2:ae:79: 35:e7:be:ee:28:3f:01:3b:3e:99:0e:1b:59:26:6b:76:2f:e2: 39:d6:5b:23:7a:f1:b7:23:1e:e1:2c:04:30:43:1d:53:e8:51: bc:a1:72:84:05:33:d1:71:4f:41:5a:1c:39:16:bc:c6:e6:3f: fe:94:27:6b:64:65:51:e0:c8:56:b0:3b:4a:eb:90:cb:53:b6: 3b:f1:c8:28:3b:a7:a7:e4:35:54:f2:e5:a6:71:63:6a:3c:07: df:38:ea:ed:8b:91:79:f3:f0:c2:e7:94:e6:c9:f0:20:ef:86: a7:d8:60:68:f8:4e:43:79:67:ec:e8:75:bc:38:ac:8c:fa:ae: 3c:0d:bb:02:96:b4:8c:1c:78:5a:fb:1d:31:6a:3c:41:b5:73: 07:df:7c:03 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUY9HgQum3ArSNn0p+tJzB5Xzr7NEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTMwMjAwNDNaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV BAUTQDUxMjU2OWNhYWFiNjFjMTNiNTBkZjNiZDllMWJmY2M2Yjc5M2MwNTA3Nzhk OTBmNDQ3YWQxODQxYWRkODYwMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANRmgHavOunXfGjOqsee8VxwQ/6qgKyFIjlt57Hz6oTa5qRwFdtGmSlCNNu3 oJzdlvW6sFu1R2BirzkPdNVVvl0417D3twzE9o/2HfTc0lD6LoM7xqQGJs1eHjrj i42SlkZRTSKXq5ndEdK0XsfgN+A7MAPwfkRnhoZYdrNKtqWFYUeF6Y0HAMOYIqCh E+nzoTErwKNhMjnwrRPVe3YC5SmfzOEQF+++0mJtO248uCeGwh87qujmOk4DDG2M ALwsYaqhB3YobhOrJ8ANTfbdjrd1oHudQjRRs4aC3rLDoz/aglqM+7xBDAQotEh8 VshKW6PpC7e6xUUN0R4qpGLE3IkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS5nzaM ajeaYR3iEz/YMfZNcSftLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWRiN2Q2ZjktMjBhMi00OTVjLTkzMDMtOTYwMDRhZTY0ODE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I wDANBgkqhkiG9w0BAQsFAAOCAQEATkPWZgY0YDRRFwKf9k3SfSDRkRAq1MSMH0zF ysWuDs30ZI8AjETiKvXizG7z/oFh9czXm9S6N2aYdo4nyNdnl3TOkKkRBO2TtbhM vECptNe0mh7tMYh39Hn0EnHT+G25wOLJLp9BnSOk8q55Nee+7ig/ATs+mQ4bWSZr di/iOdZbI3rxtyMe4SwEMEMdU+hRvKFyhAUz0XFPQVocORa8xuY//pQna2RlUeDI VrA7SuuQy1O2O/HIKDunp+Q1VPLlpnFjajwH3zjq7YuRefPwwueU5snwIO+Gp9hg aPhOQ3ln7Oh1vDisjPquPA27Apa0jBx4WvsdMWo8QbVzB998Aw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:16 2025 by rpki-client