This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json) Hash identifier: Xe1wVOHXpLOOQAAiEDaD7YRPazzoSmCNyH1ZwDT5FQc= Subject key identifier: 4B:15:3F:42:D8:88:1F:F5:71:97:E5:64:58:B7:4E:E6:CF:D8:95:F2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6C04ED3C5D6029E1824B119CB615256AA5D993E6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa Signing time: Sat 15 Nov 2025 06:10:43 +0000 ROA not before: Sat 15 Nov 2025 06:10:43 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:04:ed:3c:5d:60:29:e1:82:4b:11:9c:b6:15:25:6a:a5:d9:93:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:43 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=98541f3aca482e65defb8650c20012554f71aab45b74c2e200f7dcbf7e90ccb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:4e:8c:04:c2:1c:9c:5a:30:2d:6b:39:bf:4c: 14:af:6e:5d:89:01:d6:4d:72:05:7f:06:3e:7f:66: d5:b5:1c:03:6c:ad:33:18:a1:ba:0b:8c:0a:6d:4c: 83:e4:de:56:2a:af:40:43:06:66:12:68:fe:42:74: f5:40:c9:58:fc:56:cb:02:5a:15:19:b2:8b:5f:53: 20:3f:33:8c:b3:fd:5c:ab:bf:66:ab:f2:84:69:0e: 5e:f7:7b:eb:92:53:83:a8:42:c6:c9:72:b8:78:a5: a0:11:1b:04:24:58:52:7c:07:aa:81:d0:b6:32:32: cc:45:c0:2c:1b:2f:b1:89:92:2c:bf:1b:40:74:cc: 9c:29:1c:89:94:3b:cf:f4:a4:a6:0a:a1:b5:64:28: b2:40:3b:f7:0e:a3:aa:92:ed:c4:86:dd:4a:78:92: d1:5a:7e:ed:b6:7f:13:c7:74:16:bc:aa:b1:cb:54: 6f:bb:e8:0c:b7:99:f1:1b:bc:16:64:0e:b8:60:53: 44:46:36:37:71:93:bc:63:43:7d:32:ce:d3:55:5b: 2f:f7:66:e3:6b:fd:f1:3b:10:ac:b4:99:47:5a:99: 85:3b:d6:9e:42:12:5a:68:9e:49:1e:2f:0c:5e:e7: bf:64:8e:0a:14:9e:98:86:5a:20:a5:1c:12:0c:83: 7b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:15:3F:42:D8:88:1F:F5:71:97:E5:64:58:B7:4E:E6:CF:D8:95:F2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:4000::/40 Signature Algorithm: sha256WithRSAEncryption c8:62:e7:62:14:44:e9:fc:a9:00:1e:40:9e:6c:db:51:18:3a: e0:fa:28:ce:9e:72:be:25:39:92:9b:ed:0d:90:88:de:af:cf: 17:3f:30:e0:c3:37:09:34:87:63:4c:b9:05:c5:03:e9:07:6d: c5:1b:29:e7:ac:4a:0f:e0:9a:6f:15:f9:d4:05:0f:5f:1d:de: 76:a7:7f:e6:a4:44:6b:34:c3:07:1d:e9:6f:34:57:0b:84:7f: b6:33:4c:df:e4:e4:39:2e:56:4d:9b:bd:c0:6f:38:72:74:7d: 2d:b2:ec:fb:3a:11:0b:af:0a:04:47:f0:2c:fc:c7:16:34:de: a6:8d:16:c5:d2:ae:02:4b:54:32:ff:13:ef:f6:37:51:18:dc: 01:0c:ad:54:c5:4c:47:3a:4d:3f:68:24:36:d7:81:49:83:31: 06:21:24:bd:f3:0d:09:ac:fd:4e:af:a5:0d:06:ab:78:f3:03: 9f:70:89:2a:a3:c7:11:33:d6:25:10:c0:48:dc:23:59:84:57: 02:2e:0d:08:3b:e0:1f:af:6f:7f:41:9a:38:f2:fe:3f:da:6c: 40:b5:3f:7c:99:e3:af:53:90:fb:43:7b:aa:59:66:67:b1:64: c7:6c:ed:52:44:cf:70:e8:04:f3:cb:c4:c3:4f:8d:b7:86:55: cd:ae:ba:d5 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUbATtPF1gKeGCSxGcthUlaqXZk+YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwNDNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDk4NTQxZjNhY2E0ODJlNjVkZWZiODY1MGMyMDAxMjU1NGY3MWFhYjQ1Yjc0 YzJlMjAwZjdkY2JmN2U5MGNjYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJZOjATCHJxaMC1rOb9MFK9uXYkB1k1yBX8GPn9m1bUcA2ytMxihuguMCm1M g+TeViqvQEMGZhJo/kJ09UDJWPxWywJaFRmyi19TID8zjLP9XKu/ZqvyhGkOXvd7 65JTg6hCxslyuHiloBEbBCRYUnwHqoHQtjIyzEXALBsvsYmSLL8bQHTMnCkciZQ7 z/SkpgqhtWQoskA79w6jqpLtxIbdSniS0Vp+7bZ/E8d0FryqsctUb7voDLeZ8Ru8 FmQOuGBTREY2N3GTvGNDfTLO01VbL/dm42v98TsQrLSZR1qZhTvWnkISWmieSR4v DF7nv2SOChSemIZaIKUcEgyDe3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLFT9C 2Igf9XGX5WRYt07mz9iV8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA MA0GCSqGSIb3DQEBCwUAA4IBAQDIYudiFETp/KkAHkCebNtRGDrg+ijOnnK+JTmS m+0NkIjer88XPzDgwzcJNIdjTLkFxQPpB23FGynnrEoP4JpvFfnUBQ9fHd52p3/m pERrNMMHHelvNFcLhH+2M0zf5OQ5LlZNm73AbzhydH0tsuz7OhELrwoER/As/McW NN6mjRbF0q4CS1Qy/xPv9jdRGNwBDK1UxUxHOk0/aCQ214FJgzEGISS98w0JrP1O r6UNBqt48wOfcIkqo8cRM9YlEMBI3CNZhFcCLg0IO+Afr29/QZo48v4/2mxAtT98 meOvU5D7Q3uqWWZnsWTHbO1SRM9w6ATzy8TDT423hlXNrrrV -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:54 2025 by rpki-client