This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json) Hash identifier: rgQ6BusoExygka6rTT3ShjmbwnXalImtbpFrzE/JlO0= Subject key identifier: D9:C6:6D:37:BD:B2:FF:B4:9A:AF:CB:3E:1A:C6:80:E8:30:EC:97:AE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5ED685778A7EDC5F318C302E2977015313A645A1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa Signing time: Sat 15 Nov 2025 05:50:31 +0000 ROA not before: Sat 15 Nov 2025 05:50:31 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:d6:85:77:8a:7e:dc:5f:31:8c:30:2e:29:77:01:53:13:a6:45:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:31 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=535a5f9087ac06df15e818747a99f38ea8e94f4db7b2f5d79eda46ec530ad34d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:20:90:0b:29:55:62:d0:f5:70:b1:24:23:34: 86:b4:b2:c4:93:7e:ac:c3:5f:98:17:0b:4d:1d:48: 89:b8:ee:e9:95:fb:3d:66:06:5b:68:9f:9f:f0:19: f9:bb:fc:00:57:38:e5:11:c0:72:64:a6:17:3b:26: b5:e9:7c:32:a8:87:86:71:5a:d3:9b:93:a0:2c:20: 51:dd:02:79:66:ef:e3:d3:eb:78:f6:00:1b:a7:87: 4c:9a:b6:77:c0:0e:90:4e:99:e8:46:ce:a5:b5:9a: 8d:59:00:e7:40:95:61:29:96:ef:65:ed:ff:1b:b7: 9b:a6:59:ab:c4:2a:0d:06:e4:fc:34:2c:2a:c5:8a: ec:0f:35:ab:39:7d:b9:88:da:b0:f2:e7:8d:7f:09: c0:a0:40:87:56:90:9c:d2:a5:1b:01:29:03:e6:86: d6:1d:8d:4b:94:6d:3c:80:4b:0c:e9:4d:dc:c2:a8: dd:de:e5:89:c3:7f:ea:62:4e:65:6d:49:48:01:2f: 36:bf:2a:42:4b:8d:d4:30:77:f0:33:1a:75:51:58: e5:be:b6:f6:8f:92:c7:11:d6:bc:e6:3a:97:26:87: 9a:32:2c:a8:13:39:7d:39:79:0e:b1:e4:a2:59:13: cb:dc:8f:c4:b9:28:c8:68:7e:8e:68:09:23:83:00: 79:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:C6:6D:37:BD:B2:FF:B4:9A:AF:CB:3E:1A:C6:80:E8:30:EC:97:AE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:6000::/40 Signature Algorithm: sha256WithRSAEncryption 23:b7:1d:10:3f:fc:5e:39:43:e5:09:5b:0b:97:91:63:06:7b: 2b:21:f1:0e:cd:4d:4a:0b:58:a3:bf:d9:e4:ca:b3:57:98:3d: d2:56:7c:3b:b1:0f:dd:48:69:d6:23:b7:c5:fc:28:b5:20:fe: f2:7d:21:fc:71:b9:12:77:41:32:45:9b:f5:a0:de:0a:64:39: d2:5e:b9:29:43:5d:35:2c:54:37:d0:07:01:50:f0:15:f7:a3: 3f:d4:07:5d:77:07:06:67:68:e2:d4:80:7b:dc:24:3b:ce:b5: 72:5f:38:5d:8f:90:c3:f7:36:31:ee:e9:fe:5f:60:8e:79:1c: 62:e2:be:27:68:de:22:3a:b8:ca:d7:d0:ee:6b:8a:4d:1e:55: a6:6b:90:95:b5:68:75:ea:8a:75:4d:b9:a4:d4:5f:45:da:b6: f6:d8:0b:35:61:22:f6:eb:8c:44:fb:fc:c6:fe:52:59:5e:b5: 65:0a:62:9f:83:18:90:b6:54:69:c1:9b:2b:2f:e4:e4:a2:a6: c2:c9:eb:c1:f2:eb:37:59:ec:3b:0d:e2:99:09:9b:9e:dd:de: 88:14:3e:ad:53:06:3c:69:80:57:9b:c7:48:1c:a7:92:88:08: 95:3c:52:03:7d:dd:3b:8a:9a:3b:36:4e:c6:c5:07:5d:8c:5a: 85:98:3c:e9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXtaFd4p+3F8xjDAuKXcBUxOmRaEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDUzNWE1ZjkwODdhYzA2ZGYxNWU4MTg3NDdhOTlmMzhlYThlOTRmNGRiN2Iy ZjVkNzllZGE0NmVjNTMwYWQzNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN8gkAspVWLQ9XCxJCM0hrSyxJN+rMNfmBcLTR1Iibju6ZX7PWYGW2ifn/AZ +bv8AFc45RHAcmSmFzsmtel8MqiHhnFa05uToCwgUd0CeWbv49PrePYAG6eHTJq2 d8AOkE6Z6EbOpbWajVkA50CVYSmW72Xt/xu3m6ZZq8QqDQbk/DQsKsWK7A81qzl9 uYjasPLnjX8JwKBAh1aQnNKlGwEpA+aG1h2NS5RtPIBLDOlN3MKo3d7licN/6mJO ZW1JSAEvNr8qQkuN1DB38DMadVFY5b629o+SxxHWvOY6lyaHmjIsqBM5fTl5DrHk olkTy9yPxLkoyGh+jmgJI4MAed0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZxm03 vbL/tJqvyz4axoDoMOyXrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg MA0GCSqGSIb3DQEBCwUAA4IBAQAjtx0QP/xeOUPlCVsLl5FjBnsrIfEOzU1KC1ij v9nkyrNXmD3SVnw7sQ/dSGnWI7fF/Ci1IP7yfSH8cbkSd0EyRZv1oN4KZDnSXrkp Q101LFQ30AcBUPAV96M/1AdddwcGZ2ji1IB73CQ7zrVyXzhdj5DD9zYx7un+X2CO eRxi4r4naN4iOrjK19Dua4pNHlWma5CVtWh16op1Tbmk1F9F2rb22As1YSL264xE +/zG/lJZXrVlCmKfgxiQtlRpwZsrL+TkoqbCyevB8us3Wew7DeKZCZue3d6IFD6t UwY8aYBXm8dIHKeSiAiVPFIDfd07ipo7Nk7GxQddjFqFmDzp -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:22 2025 by rpki-client