This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa File: 207860c2-8f39-42e7-9631-e06b6a545c7d.roa (raw, json) Hash identifier: BeGKlpL0J/C255nGxwbk7T4w+ZQIpw4aCuCekV1t8MA= Subject key identifier: DB:05:3C:D9:A2:3A:85:AF:3B:95:FA:3E:5F:81:F8:20:1E:A4:8A:1E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 072AD354B1BE51D00BE0783C73B1362142208541 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa Signing time: Wed 10 Dec 2025 05:50:56 +0000 ROA not before: Wed 10 Dec 2025 05:50:56 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:2a:d3:54:b1:be:51:d0:0b:e0:78:3c:73:b1:36:21:42:20:85:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:56 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9a555bc68cd1ea81e8db09bcd22487f13961c1833598df11b6fd3b4956a3fb57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:0c:3c:fc:73:0e:13:84:22:18:1c:4c:a6:04: f6:c3:0e:7a:e2:ad:8a:e1:78:2e:bf:ee:9c:50:8b: 66:d7:d4:07:74:02:1f:0e:39:86:54:66:d3:61:ea: 30:44:bb:c9:4d:63:8b:c6:82:a1:2b:76:92:99:33: e7:f3:cf:5e:4a:7c:ad:76:25:56:5a:34:11:ee:2c: 40:00:ff:b0:a7:1a:7e:3c:88:1b:ca:18:9c:ae:12: d4:10:7c:83:47:22:dd:09:aa:3a:97:75:ef:f2:07: d0:53:c7:09:01:55:ec:e7:00:78:99:1e:5b:98:ab: 7e:6d:c4:fc:02:1d:72:52:e3:11:cd:d9:d1:45:8f: 1e:b7:32:28:4e:73:48:3c:cf:51:3b:da:c6:a5:b7: 8a:9b:ff:31:e9:da:b1:30:cb:0a:e7:0d:54:d4:b3: 12:b6:ae:18:28:70:4b:68:2d:ed:0e:a5:ce:a4:40: cf:64:3e:e7:c7:8e:40:ad:cf:16:f1:b4:79:43:84: d6:44:f5:bf:48:e7:98:52:74:12:58:85:e6:b9:95: 70:77:24:dd:39:90:63:b7:2c:cd:b2:68:3a:dc:e2: 5a:dc:90:d0:c8:8f:9d:d2:75:6d:6b:10:d5:7a:73: 89:a5:ec:86:39:b0:68:89:62:1f:fe:43:a2:95:a3: c1:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:05:3C:D9:A2:3A:85:AF:3B:95:FA:3E:5F:81:F8:20:1E:A4:8A:1E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 65:77:36:ab:fe:82:9d:7e:b4:81:36:28:97:d7:ec:4e:73:56: 8a:b9:6e:00:26:3d:d3:60:e0:e7:94:28:c3:b0:39:aa:e1:c5: 2f:b5:b8:56:68:31:c2:12:0c:a5:63:96:79:e2:ba:f4:83:6b: c5:b5:be:8a:9a:4c:ef:eb:9e:e6:92:c9:5c:e5:23:ac:44:b3: b1:5a:8c:13:e2:45:2d:79:10:85:70:5a:56:3d:51:dc:00:c7: 5d:11:05:24:3e:3b:b5:74:bd:b1:3e:4f:c1:e2:69:21:eb:35: 3f:e1:de:a3:57:26:2d:5f:24:24:4e:87:9c:60:69:6c:57:15: d8:c6:62:a3:60:29:79:81:47:bb:1d:b3:49:ad:6a:2d:c3:64: 8a:f4:d0:c8:09:57:1e:61:9c:24:d3:78:e8:ff:85:5e:3c:b6: 93:86:3a:3e:61:86:51:b7:68:01:3c:8a:98:55:7c:00:4b:a4: 02:36:7b:68:84:84:a4:8c:7e:85:a3:ff:53:af:db:d0:b8:43: 6f:cf:85:fc:06:fe:ae:ba:be:a7:55:93:c9:98:c7:de:32:e6: d5:f9:b9:b0:b6:a9:6e:bb:80:86:35:0b:ab:16:eb:0a:a6:fb: 62:8c:6a:27:d5:be:0b:f6:a9:14:ed:69:3b:47:0d:78:b1:43: 73:f8:42:3c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUByrTVLG+UdAL4Hg8c7E2IUIghUEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNTZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDlhNTU1YmM2OGNkMWVhODFlOGRiMDliY2QyMjQ4N2YxMzk2MWMxODMzNTk4 ZGYxMWI2ZmQzYjQ5NTZhM2ZiNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOEMPPxzDhOEIhgcTKYE9sMOeuKtiuF4Lr/unFCLZtfUB3QCHw45hlRm02Hq MES7yU1ji8aCoSt2kpkz5/PPXkp8rXYlVlo0Ee4sQAD/sKcafjyIG8oYnK4S1BB8 g0ci3QmqOpd17/IH0FPHCQFV7OcAeJkeW5irfm3E/AIdclLjEc3Z0UWPHrcyKE5z SDzPUTvaxqW3ipv/MenasTDLCucNVNSzErauGChwS2gt7Q6lzqRAz2Q+58eOQK3P FvG0eUOE1kT1v0jnmFJ0EliF5rmVcHck3TmQY7cszbJoOtziWtyQ0MiPndJ1bWsQ 1XpziaXshjmwaIliH/5DopWjwU0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTbBTzZ ojqFrzuV+j5fgfggHqSKHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjA3ODYwYzItOGYzOS00MmU3LTk2MzEtZTA2YjZhNTQ1YzdkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg wDANBgkqhkiG9w0BAQsFAAOCAQEAZXc2q/6CnX60gTYol9fsTnNWirluACY902Dg 55Qow7A5quHFL7W4VmgxwhIMpWOWeeK69INrxbW+ippM7+ue5pLJXOUjrESzsVqM E+JFLXkQhXBaVj1R3ADHXREFJD47tXS9sT5PweJpIes1P+Heo1cmLV8kJE6HnGBp bFcV2MZio2ApeYFHux2zSa1qLcNkivTQyAlXHmGcJNN46P+FXjy2k4Y6PmGGUbdo ATyKmFV8AEukAjZ7aISEpIx+haP/U6/b0LhDb8+F/Ab+rrq+p1WTyZjH3jLm1fm5 sLapbruAhjULqxbrCqb7YoxqJ9W+C/apFO1pO0cNeLFDc/hCPA== -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:39 2025 by rpki-client