This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json) Hash identifier: iDPa7CvH+vdeigTAQFkA64UdL8tLCmlokEP0668h1t8= Subject key identifier: B7:83:6A:7C:F8:9A:DE:62:85:2B:27:12:C1:2A:47:BF:EE:53:99:70 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4F70DD2EF9875A85777064F83912D4FBCC3DBC5C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa Signing time: Wed 10 Dec 2025 05:50:39 +0000 ROA not before: Wed 10 Dec 2025 05:50:39 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01e:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:70:dd:2e:f9:87:5a:85:77:70:64:f8:39:12:d4:fb:cc:3d:bc:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:39 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=02de4ab62ffba2d137411559a20924472500bdfb1ac65b92331c0a32d95a7ed6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:7b:d7:0b:de:e4:06:11:f3:4f:45:09:f2:fa: 68:f5:f8:21:60:e9:4b:9a:92:a4:1b:19:9a:8e:bc: 08:bb:03:a7:8f:46:9b:d8:e0:f7:66:d8:5e:64:8d: ec:33:08:c0:07:86:ed:f2:52:fb:95:8e:02:65:d8: 17:8f:95:05:74:f0:fc:f8:46:7c:8c:a5:23:1d:16: ba:43:0e:79:7f:09:36:f1:47:6a:d2:8c:10:01:14: 1d:45:29:cc:e0:24:48:80:df:f3:a8:4c:1a:6d:ac: 2b:3c:89:10:10:07:c7:2e:2a:c1:72:ab:9d:7c:66: 6d:8c:b7:65:88:17:b1:fc:2a:e3:a6:8b:b5:64:81: 9d:01:ef:e3:42:e0:08:b2:02:27:61:1e:87:fc:d3: 8c:30:37:a4:13:db:de:c6:84:db:d0:7a:cf:cd:43: 7f:45:42:f4:eb:0b:9a:20:e6:48:ec:bb:fb:92:05: 34:6b:e4:d5:25:05:31:32:6e:cf:e1:5b:1e:4a:0d: 4f:ab:64:79:f9:6a:d2:60:92:70:c1:40:3d:39:85: 00:60:d1:a6:d2:22:bd:c5:ac:cd:3f:ff:5f:09:c3: a6:92:3d:cb:ab:22:f6:26:54:f7:ac:69:ae:e6:2f: 59:cb:c1:45:a6:64:61:f3:14:9e:56:01:fc:fd:6c: bc:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:83:6A:7C:F8:9A:DE:62:85:2B:27:12:C1:2A:47:BF:EE:53:99:70 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01e:400::/38 Signature Algorithm: sha256WithRSAEncryption 3a:02:64:96:de:c3:a5:5a:87:25:50:9d:58:c0:aa:50:33:4b: fd:da:b5:97:58:13:84:c5:ac:2e:dd:b4:71:bc:d7:ed:32:e8: 7b:81:e5:32:de:79:8b:bc:a7:42:2b:81:26:8f:94:83:ac:e4: 4c:0c:cd:da:d0:a6:a2:39:27:13:1f:32:93:fa:66:24:c2:11: ca:0f:06:d4:40:ed:dd:a5:5a:4d:b9:2c:62:3f:3e:b7:45:04: b1:20:70:73:c6:ac:82:a2:c4:82:b2:96:07:5d:39:0f:9d:e5: 49:de:33:3b:0f:31:ce:dc:ee:47:b6:ef:86:b2:f2:ef:f2:ed: 8b:f9:62:22:72:37:c9:fe:a7:ca:1d:2b:d9:24:08:59:2d:37: 5c:cc:c9:73:7e:12:6a:db:f3:0f:30:6a:de:e2:f7:5a:b7:4f: 68:ba:6a:82:ed:95:1f:73:d3:a6:7c:d4:fb:ce:66:31:0f:3e: 6f:7a:74:14:b3:bf:b2:28:e3:20:d8:99:b5:f1:84:36:10:36: b8:c9:77:d1:38:a5:75:95:48:a9:aa:eb:74:88:04:02:0f:af: e1:a0:bc:da:b4:41:da:eb:0b:12:23:af:ee:50:10:d2:8a:b0: 67:3e:70:b1:d5:17:f2:56:cd:9b:a4:2d:e1:3a:2c:f3:8e:08: 6b:a6:6e:3d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUT3DdLvmHWoV3cGT4ORLU+8w9vFwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMzlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDAyZGU0YWI2MmZmYmEyZDEzNzQxMTU1OWEyMDkyNDQ3MjUwMGJkZmIxYWM2 NWI5MjMzMWMwYTMyZDk1YTdlZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAId71wve5AYR809FCfL6aPX4IWDpS5qSpBsZmo68CLsDp49Gm9jg92bYXmSN 7DMIwAeG7fJS+5WOAmXYF4+VBXTw/PhGfIylIx0WukMOeX8JNvFHatKMEAEUHUUp zOAkSIDf86hMGm2sKzyJEBAHxy4qwXKrnXxmbYy3ZYgXsfwq46aLtWSBnQHv40Lg CLICJ2Eeh/zTjDA3pBPb3saE29B6z81Df0VC9OsLmiDmSOy7+5IFNGvk1SUFMTJu z+FbHkoNT6tkeflq0mCScMFAPTmFAGDRptIivcWszT//XwnDppI9y6si9iZU96xp ruYvWcvBRaZkYfMUnlYB/P1svOMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3g2p8 +JreYoUrJxLBKke/7lOZcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E MA0GCSqGSIb3DQEBCwUAA4IBAQA6AmSW3sOlWoclUJ1YwKpQM0v92rWXWBOExawu 3bRxvNftMuh7geUy3nmLvKdCK4Emj5SDrORMDM3a0KaiOScTHzKT+mYkwhHKDwbU QO3dpVpNuSxiPz63RQSxIHBzxqyCosSCspYHXTkPneVJ3jM7DzHO3O5Htu+GsvLv 8u2L+WIicjfJ/qfKHSvZJAhZLTdczMlzfhJq2/MPMGre4vdat09oumqC7ZUfc9Om fNT7zmYxDz5venQUs7+yKOMg2Jm18YQ2EDa4yXfROKV1lUipqut0iAQCD6/hoLza tEHa6wsSI6/uUBDSirBnPnCx1RfyVs2bpC3hOizzjghrpm49 -----END CERTIFICATE-----Generated at Tue Dec 16 00:29:53 2025 by rpki-client