This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa File: 207860c2-8f39-42e7-9631-e06b6a545c7d.roa (raw, json) Hash identifier: VVwRaclqy1MQxFSWILK+gIgRKJM6Jcoj5+XR28AG8KA= Subject key identifier: 92:60:66:76:21:5D:47:F6:6B:75:13:E9:DE:5C:6A:81:0C:5F:E5:DD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 54D16F7E0690CA300448E113B550A31DD5E22D23 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa Signing time: Sat 15 Nov 2025 06:00:33 +0000 ROA not before: Sat 15 Nov 2025 06:00:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:d1:6f:7e:06:90:ca:30:04:48:e1:13:b5:50:a3:1d:d5:e2:2d:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=d2d909782811ed223eb20e4791ed3281688f54b4dbf659b2d5e8c528e6c54157, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:20:cd:24:61:71:2e:98:02:36:55:7b:5c:58: 00:c7:d1:6b:40:c9:c1:1c:e2:2a:62:fa:67:21:77: 0e:61:80:32:cb:51:ba:93:57:3c:f7:8f:d7:5c:a0: b1:aa:f6:cd:69:b4:00:44:f6:ad:60:aa:2c:aa:20: 61:d1:e2:b6:8e:c8:38:6a:8a:f7:34:f9:c7:48:1c: 26:4d:c3:fe:94:f5:2e:34:79:0d:99:56:9e:15:0a: 3d:c2:02:6a:a8:84:c3:b2:0b:2b:4b:6a:8a:6e:ba: 81:08:89:a1:39:12:c9:99:7b:07:3a:e0:50:00:fb: 3a:aa:88:b5:91:42:07:04:48:c5:d2:b1:c7:38:8e: f9:64:0d:0b:09:52:6e:71:95:42:47:a3:27:3d:f9: a2:9e:bc:aa:a9:da:62:ea:a4:0d:71:32:c8:37:a5: 1c:76:74:7d:0a:ef:9c:ad:25:50:4c:7f:2d:81:6c: 44:f3:3d:d0:7f:04:89:d8:78:79:6e:d7:ec:3e:8e: 6f:33:d4:54:78:b3:5d:be:7e:74:9f:79:bc:df:74: d6:43:70:be:8d:fe:4e:2b:3f:be:8f:8a:b2:f8:1f: f9:b4:c9:f9:59:ca:78:dd:40:2a:38:99:2f:a5:f2: 73:9e:94:79:97:d8:9d:63:d6:6f:5f:f2:88:d9:b2: 2b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:60:66:76:21:5D:47:F6:6B:75:13:E9:DE:5C:6A:81:0C:5F:E5:DD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 7f:3a:15:f1:a9:5f:2f:df:87:59:92:cc:a7:3e:9f:c1:8e:a9: 3f:d5:9e:3c:0c:ed:dc:cb:5c:77:a8:8a:71:e2:e3:e4:a4:c9: c6:92:60:50:89:1b:b4:46:60:bd:ec:d7:4f:86:c7:bb:65:07: 68:56:f8:b0:95:1c:61:f8:88:e2:f1:51:64:be:86:80:52:c9: ed:f4:c9:d6:14:f9:f4:3d:94:22:4b:31:83:52:a7:97:43:4c: 2d:2f:5d:b5:fc:34:24:73:40:11:35:74:10:f8:27:bc:af:e4: 0e:81:6e:a5:37:b6:5e:5e:58:98:a2:b2:e3:80:29:f3:0e:98: 72:66:cc:6d:20:7d:b7:61:06:07:8b:45:ba:07:27:c7:81:93: 88:69:90:33:bc:a4:35:b2:3e:aa:6f:2c:7a:b3:53:dd:fa:6f: 2e:7a:87:ed:b4:af:98:43:63:01:dd:e7:78:fd:20:93:77:4b: 58:7f:31:e0:6e:5a:35:57:a4:a5:b9:b5:ce:13:c1:5c:a0:37: e5:59:e4:dc:9c:89:44:07:e9:08:f5:6e:d4:bb:0f:ef:39:3a: b5:ef:29:41:53:a8:ea:0f:41:64:f4:a9:51:d5:ea:3f:30:79: 1c:e8:1d:72:2b:38:84:04:6c:a3:82:58:b9:11:76:77:01:ac: 71:36:e0:d7 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUVNFvfgaQyjAESOETtVCjHdXiLSMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGQyZDkwOTc4MjgxMWVkMjIzZWIyMGU0NzkxZWQzMjgxNjg4ZjU0YjRkYmY2 NTliMmQ1ZThjNTI4ZTZjNTQxNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcgzSRhcS6YAjZVe1xYAMfRa0DJwRziKmL6ZyF3DmGAMstRupNXPPeP11yg sar2zWm0AET2rWCqLKogYdHito7IOGqK9zT5x0gcJk3D/pT1LjR5DZlWnhUKPcIC aqiEw7ILK0tqim66gQiJoTkSyZl7BzrgUAD7OqqItZFCBwRIxdKxxziO+WQNCwlS bnGVQkejJz35op68qqnaYuqkDXEyyDelHHZ0fQrvnK0lUEx/LYFsRPM90H8Eidh4 eW7X7D6ObzPUVHizXb5+dJ95vN901kNwvo3+Tis/vo+Ksvgf+bTJ+VnKeN1AKjiZ L6Xyc56UeZfYnWPWb1/yiNmyK/8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSYGZ2 IV1H9mt1E+neXGqBDF/l3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjA3ODYwYzItOGYzOS00MmU3LTk2MzEtZTA2YjZhNTQ1YzdkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg wDANBgkqhkiG9w0BAQsFAAOCAQEAfzoV8alfL9+HWZLMpz6fwY6pP9WePAzt3Mtc d6iKceLj5KTJxpJgUIkbtEZgvezXT4bHu2UHaFb4sJUcYfiI4vFRZL6GgFLJ7fTJ 1hT59D2UIksxg1Knl0NMLS9dtfw0JHNAETV0EPgnvK/kDoFupTe2Xl5YmKKy44Ap 8w6YcmbMbSB9t2EGB4tFugcnx4GTiGmQM7ykNbI+qm8serNT3fpvLnqH7bSvmENj Ad3neP0gk3dLWH8x4G5aNVekpbm1zhPBXKA35Vnk3JyJRAfpCPVu1LsP7zk6te8p QVOo6g9BZPSpUdXqPzB5HOgdcis4hARso4JYuRF2dwGscTbg1w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:47 2025 by rpki-client