This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json) Hash identifier: pi9bpnWqRW2BTsM7vkHfzRkK+E5NwNWH9APQukDzKUA= Subject key identifier: 1E:3F:1F:B7:04:BD:D6:7D:77:8A:A4:25:91:04:B2:38:9E:CC:C2:72 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 53C426F63170966E643FD4E9B213A1BF04990267 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa Signing time: Wed 10 Dec 2025 05:40:07 +0000 ROA not before: Wed 10 Dec 2025 05:40:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:c4:26:f6:31:70:96:6e:64:3f:d4:e9:b2:13:a1:bf:04:99:02:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=872b07388d41eaa9e60c559d97a172f3f21837cc48b85439fc48caf7482f7e58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:a3:29:a2:67:7d:06:e3:d4:14:53:dd:0c:44: 44:86:c5:82:c9:33:9c:fe:dc:8e:0f:19:d4:2e:60: 43:5f:cf:af:8a:3c:41:da:65:e2:5a:26:39:79:4d: 62:69:07:4c:50:f0:c7:ef:c5:75:da:53:96:06:0e: 16:f6:41:63:4b:84:f7:4d:24:26:cb:da:c5:a7:d1: 69:65:c2:50:0e:a3:b4:7e:a3:c7:7b:fe:56:ab:a8: f2:d9:b6:c0:8f:2e:c3:64:14:35:3a:40:6b:5b:4f: 93:9c:11:24:25:91:63:9f:bc:21:a6:ba:5b:18:37: 16:e9:05:90:79:5f:ac:9b:30:ce:d8:4b:35:fe:7a: b8:16:3f:cf:b4:ba:c3:38:36:ef:4c:65:0e:eb:31: b1:62:a3:7d:8d:1c:f0:6c:04:d9:13:18:cc:b7:ec: 1a:c0:44:ce:a7:cd:4e:2c:1b:c3:c7:a8:d4:18:2a: 29:2f:4b:3f:37:c0:b5:f8:53:01:4e:55:f2:0e:45: ec:64:20:20:d9:8b:36:5a:c8:f8:01:2f:1c:1f:d0: 56:d0:99:63:f7:ee:cb:66:eb:d0:14:70:76:93:e0: 91:94:1b:67:80:06:e8:c5:e6:dd:73:84:ad:d7:76: e7:60:26:12:56:ba:9e:5f:c5:75:3b:66:d9:db:38: 40:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:3F:1F:B7:04:BD:D6:7D:77:8A:A4:25:91:04:B2:38:9E:CC:C2:72 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:2000::/40 Signature Algorithm: sha256WithRSAEncryption b6:83:a2:7e:e2:f0:10:1a:61:b1:09:b9:8e:33:36:e9:93:b4: fc:27:f2:6f:f2:50:9f:57:34:95:3f:e3:f4:fc:be:8a:13:09: 4b:47:02:6b:95:2a:f9:db:37:73:2a:f0:b8:23:46:01:b4:6b: 79:cd:7e:b5:ad:9e:b5:cf:5c:12:d7:7c:29:bb:d8:d1:2c:d9: 6a:d8:72:9b:88:4a:92:9d:ae:c3:54:55:f1:79:77:1e:92:e1: 5a:c6:db:69:a1:da:fb:b6:cf:36:81:38:6b:9e:f1:87:41:34: 26:55:eb:a2:2a:82:9d:50:fc:3c:5d:55:68:73:88:58:71:fc: 7d:d8:72:d4:60:a9:e5:63:07:72:16:2e:92:ec:9f:57:1d:2e: 17:da:7f:b9:02:df:28:06:e1:e7:a4:b1:34:06:17:7b:f3:3b: 62:34:5a:8d:f9:f1:cd:d3:92:d6:38:25:00:a0:5d:83:58:a0: d9:46:64:48:ac:49:49:d9:1a:17:73:f2:98:2f:84:b3:9c:50: a5:34:21:95:bc:1a:30:0c:d5:9a:8d:53:33:87:da:19:23:2e: 4f:f1:e3:b0:b6:b7:be:52:85:72:7c:b6:9a:e6:2d:54:cc:64: 92:24:4d:90:f6:89:dd:7b:c8:04:21:99:43:8e:04:44:d9:c0: 3c:db:e3:93 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUU8Qm9jFwlm5kP9TpshOhvwSZAmcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDg3MmIwNzM4OGQ0MWVhYTllNjBjNTU5ZDk3YTE3MmYzZjIxODM3Y2M0OGI4 NTQzOWZjNDhjYWY3NDgyZjdlNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOSjKaJnfQbj1BRT3QxERIbFgskznP7cjg8Z1C5gQ1/Pr4o8Qdpl4lomOXlN YmkHTFDwx+/FddpTlgYOFvZBY0uE900kJsvaxafRaWXCUA6jtH6jx3v+Vquo8tm2 wI8uw2QUNTpAa1tPk5wRJCWRY5+8Iaa6Wxg3FukFkHlfrJswzthLNf56uBY/z7S6 wzg270xlDusxsWKjfY0c8GwE2RMYzLfsGsBEzqfNTiwbw8eo1BgqKS9LPzfAtfhT AU5V8g5F7GQgINmLNlrI+AEvHB/QVtCZY/fuy2br0BRwdpPgkZQbZ4AG6MXm3XOE rdd252AmEla6nl/FdTtm2ds4QCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQePx+3 BL3WfXeKpCWRBLI4nszCcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg MA0GCSqGSIb3DQEBCwUAA4IBAQC2g6J+4vAQGmGxCbmOMzbpk7T8J/Jv8lCfVzSV P+P0/L6KEwlLRwJrlSr52zdzKvC4I0YBtGt5zX61rZ61z1wS13wpu9jRLNlq2HKb iEqSna7DVFXxeXcekuFaxttpodr7ts82gThrnvGHQTQmVeuiKoKdUPw8XVVoc4hY cfx92HLUYKnlYwdyFi6S7J9XHS4X2n+5At8oBuHnpLE0Bhd78ztiNFqN+fHN05LW OCUAoF2DWKDZRmRIrElJ2RoXc/KYL4SznFClNCGVvBowDNWajVMzh9oZIy5P8eOw tre+UoVyfLaa5i1UzGSSJE2Q9onde8gEIZlDjgRE2cA82+OT -----END CERTIFICATE-----Generated at Mon Dec 15 17:05:09 2025 by rpki-client