This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json) Hash identifier: gpFYq8GdcSwVoUpzK+74ehV4FqecREisvR/ta82JyKs= Subject key identifier: EE:8E:41:75:9E:2B:D0:01:0E:79:0C:2D:01:BE:55:68:B8:E6:57:DA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 591BE588EDEBA0B09B30DF3E98FD1626ECFB44F1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa Signing time: Sat 15 Nov 2025 05:20:13 +0000 ROA not before: Sat 15 Nov 2025 05:20:13 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d059:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:1b:e5:88:ed:eb:a0:b0:9b:30:df:3e:98:fd:16:26:ec:fb:44:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:13 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6ca2185f99e65271e616cd6fbdf2b77a900bfc1feeb6787a37240122c6668a87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:96:63:84:e8:53:2b:b3:3e:c7:b3:6f:f8:c5: 32:ad:5f:49:a9:9f:f1:5e:52:1d:c4:52:5a:06:f2: 5d:4e:ae:7f:ec:30:54:4c:5d:1d:04:e6:79:5b:ed: 57:f6:69:ac:c9:65:b7:15:48:fb:65:26:50:86:b2: 40:7d:fe:9b:a2:e1:ea:b5:4e:2a:81:1a:4d:39:c7: 8a:08:15:31:50:1d:45:3b:d6:df:8d:79:97:bd:c2: c1:c5:09:db:06:16:42:67:45:3c:61:37:a2:97:e4: be:bb:3b:bf:f6:5c:a6:95:a0:d9:03:5c:6e:d3:47: 23:d4:69:3f:11:81:e3:ff:de:7d:8e:fe:ec:62:0a: 51:7b:1a:d3:2d:06:03:26:a3:c4:4c:c8:02:35:7d: dc:00:1d:64:1e:01:48:3d:e9:03:9e:a8:f1:d5:ef: 2c:37:4c:1b:a1:e4:b7:e4:16:c1:61:5d:62:87:24: 2b:02:f1:4b:aa:11:44:bd:98:48:2b:1a:42:cc:36: 20:90:d3:8d:86:5d:e5:61:78:02:dd:2e:b1:55:32: a5:0a:7b:b5:36:04:25:ca:5b:3e:ac:a0:77:19:40: 0b:90:ca:28:06:93:59:a6:ac:72:45:71:2d:d1:5b: 0e:2d:ed:7d:75:e2:38:19:11:f0:51:14:85:c4:c8: 62:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:8E:41:75:9E:2B:D0:01:0E:79:0C:2D:01:BE:55:68:B8:E6:57:DA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:2000::/40 Signature Algorithm: sha256WithRSAEncryption a8:21:5c:84:dc:88:34:36:90:91:0c:1a:43:7b:a8:dc:a2:46: d6:c9:fe:b4:3b:37:f5:93:24:8f:88:7a:be:bf:00:c6:3b:af: 2f:68:80:01:9b:af:c9:da:f1:48:aa:a5:cc:32:27:31:e5:cc: 57:f5:d9:87:c1:ed:5a:b4:d8:2e:90:41:5b:c2:33:84:51:a4: ee:29:aa:33:b6:bf:65:e4:b3:d4:26:44:2e:89:c1:0b:ed:b5: 3d:17:f2:ea:99:ab:11:f4:92:26:09:a8:b0:7e:ae:5e:b2:ea: 59:fb:f7:00:30:36:17:d4:6f:d5:20:2e:53:b7:ea:6a:fe:ef: 37:32:bb:38:c3:cc:ed:85:e4:f0:97:d1:53:60:94:70:a8:7f: 67:73:08:bc:2a:7d:5a:58:ec:16:5d:91:b7:19:2b:2b:a8:a6: 34:84:bf:b1:2e:2b:66:9c:67:5d:90:e3:28:ff:d5:b6:34:2b: 37:9d:c3:c4:5f:a8:21:7b:f1:a1:1b:32:5c:93:58:13:19:69: ea:f4:22:eb:2b:47:c1:83:d4:f0:a6:5c:55:64:2e:2c:80:50: 63:0b:b2:07:56:59:cb:a5:d2:d0:1d:78:75:27:7b:a0:57:13: 18:33:66:f4:c7:83:67:cd:af:1f:b5:29:bf:34:bd:aa:c7:55: 0d:71:ef:7e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWRvliO3roLCbMN8+mP0WJuz7RPEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZjYTIxODVmOTllNjUyNzFlNjE2Y2Q2ZmJkZjJiNzdhOTAwYmZjMWZlZWI2 Nzg3YTM3MjQwMTIyYzY2NjhhODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKWY4ToUyuzPsezb/jFMq1fSamf8V5SHcRSWgbyXU6uf+wwVExdHQTmeVvt V/ZprMlltxVI+2UmUIayQH3+m6Lh6rVOKoEaTTnHiggVMVAdRTvW3415l73CwcUJ 2wYWQmdFPGE3opfkvrs7v/ZcppWg2QNcbtNHI9RpPxGB4//efY7+7GIKUXsa0y0G AyajxEzIAjV93AAdZB4BSD3pA56o8dXvLDdMG6Hkt+QWwWFdYockKwLxS6oRRL2Y SCsaQsw2IJDTjYZd5WF4At0usVUypQp7tTYEJcpbPqygdxlAC5DKKAaTWaasckVx LdFbDi3tfXXiOBkR8FEUhcTIYq8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTujkF1 nivQAQ55DC0BvlVouOZX2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg MA0GCSqGSIb3DQEBCwUAA4IBAQCoIVyE3Ig0NpCRDBpDe6jcokbWyf60Ozf1kySP iHq+vwDGO68vaIABm6/J2vFIqqXMMicx5cxX9dmHwe1atNgukEFbwjOEUaTuKaoz tr9l5LPUJkQuicEL7bU9F/LqmasR9JImCaiwfq5esupZ+/cAMDYX1G/VIC5Tt+pq /u83Mrs4w8ztheTwl9FTYJRwqH9ncwi8Kn1aWOwWXZG3GSsrqKY0hL+xLitmnGdd kOMo/9W2NCs3ncPEX6ghe/GhGzJck1gTGWnq9CLrK0fBg9TwplxVZC4sgFBjC7IH VlnLpdLQHXh1J3ugVxMYM2b0x4Nnza8ftSm/NL2qx1UNce9+ -----END CERTIFICATE-----Generated at Sat Dec 6 22:33:43 2025 by rpki-client