This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json) Hash identifier: 8WGl+YaZJ8EqlmCa9uVYxFIwZKLwDzzcxGn/0yC2+C0= Subject key identifier: D0:A1:64:FA:18:7D:62:C2:C9:BA:0E:1D:B5:1F:77:63:CC:7A:28:F1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 19EAE394C93BDA9511E27DB288E9B22A0F1DAD45 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa Signing time: Sat 15 Nov 2025 05:41:03 +0000 ROA not before: Sat 15 Nov 2025 05:41:03 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:ea:e3:94:c9:3b:da:95:11:e2:7d:b2:88:e9:b2:2a:0f:1d:ad:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:03 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=8d81330d5e4738c2eb59340410e207b39cb6bda476a2babeb5c3598ecd9db09d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:67:84:f0:e3:79:b2:07:f5:f6:af:b7:6b:a3: d9:09:84:3b:d7:09:24:77:95:5f:2e:b2:30:ad:e9: 25:24:2c:7a:b2:e9:91:cd:82:0b:0c:c6:77:e4:6e: 2f:f5:50:f8:95:14:8b:f1:c6:ee:aa:62:fc:bd:4f: 5a:72:4e:64:ff:40:64:65:0a:eb:b5:af:3c:ac:ef: 2f:25:15:ec:ba:5b:35:1e:fb:62:02:67:0c:28:b0: 2c:03:9d:03:f5:0d:a4:e7:09:4b:65:8d:76:c7:0b: bf:f4:83:9e:ce:ed:ba:49:81:ce:99:75:9b:80:61: 42:b3:c0:bd:b9:4e:6a:63:1c:74:00:f2:21:16:40: ce:d3:09:39:06:4d:a0:da:98:af:47:37:44:85:35: 96:83:15:45:9d:27:4a:20:ce:61:2f:7b:3f:59:09: 88:bd:51:50:f2:90:60:f4:cd:21:23:3b:3b:6e:a5: 14:08:0c:43:4d:65:8f:f8:75:ef:f5:cb:f3:20:0d: bd:38:ee:69:2f:1f:7f:eb:fb:eb:7a:b5:ec:16:9a: e7:88:ec:a8:e0:7c:88:e2:9c:ca:3b:e5:f0:4e:0b: 6b:25:6f:54:39:15:b2:f0:0f:c6:2f:25:9e:7d:f4: f8:49:f0:fb:c4:4d:15:16:ac:82:9f:5a:68:33:27: 52:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:A1:64:FA:18:7D:62:C2:C9:BA:0E:1D:B5:1F:77:63:CC:7A:28:F1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:b000::/40 Signature Algorithm: sha256WithRSAEncryption 2b:8c:69:ec:50:ce:ff:6c:b9:9f:af:b3:2d:eb:91:51:72:c3: b9:0c:ee:24:3a:89:2d:10:f7:17:2d:0c:b4:3b:61:0d:04:61: 95:ed:fa:0e:f7:72:60:9a:9f:6c:f6:9a:83:45:c3:e3:f8:db: d5:2f:cf:45:90:6b:c9:ea:b9:87:f8:2e:c8:e6:08:96:0c:f2: c9:94:eb:d9:98:d4:23:89:cf:1e:dd:34:91:0d:63:d9:20:b4: d3:d3:ce:4d:99:28:6d:a3:af:8c:35:58:5e:3e:7f:ea:4e:4a: 7c:7c:52:c7:7f:7a:e5:3d:ee:4c:32:28:df:3b:ce:5e:68:1c: 16:aa:10:71:9b:b9:1f:bf:ed:60:60:7a:dd:96:60:04:e9:c3: 10:f7:ce:d0:5e:15:9b:b5:94:18:07:9c:36:8d:b5:0a:f2:1c: ac:8f:99:d6:49:6e:86:cf:de:6a:a5:36:67:e2:18:b7:de:2f: 1d:5b:48:e6:5b:84:1e:10:77:a2:c6:34:61:44:5d:c3:fb:2a: c9:45:fb:d7:b5:34:85:2d:04:59:8d:3d:29:cb:dc:46:ef:50: 3c:8a:e2:cf:5e:7b:a1:71:54:c3:1a:b8:ad:4e:fc:9f:5f:5f: 6a:b8:70:a7:e3:98:1c:4f:5d:86:4b:c8:dd:2e:e1:ca:45:bd: 73:dc:91:72 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGerjlMk72pUR4n2yiOmyKg8drUUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMDNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDhkODEzMzBkNWU0NzM4YzJlYjU5MzQwNDEwZTIwN2IzOWNiNmJkYTQ3NmEy YmFiZWI1YzM1OThlY2Q5ZGIwOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFnhPDjebIH9favt2uj2QmEO9cJJHeVXy6yMK3pJSQserLpkc2CCwzGd+Ru L/VQ+JUUi/HG7qpi/L1PWnJOZP9AZGUK67WvPKzvLyUV7LpbNR77YgJnDCiwLAOd A/UNpOcJS2WNdscLv/SDns7tukmBzpl1m4BhQrPAvblOamMcdADyIRZAztMJOQZN oNqYr0c3RIU1loMVRZ0nSiDOYS97P1kJiL1RUPKQYPTNISM7O26lFAgMQ01lj/h1 7/XL8yANvTjuaS8ff+v763q17Baa54jsqOB8iOKcyjvl8E4LayVvVDkVsvAPxi8l nn30+Enw+8RNFRasgp9aaDMnUhECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQoWT6 GH1iwsm6Dh21H3djzHoo8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w MA0GCSqGSIb3DQEBCwUAA4IBAQArjGnsUM7/bLmfr7Mt65FRcsO5DO4kOoktEPcX LQy0O2ENBGGV7foO93Jgmp9s9pqDRcPj+NvVL89FkGvJ6rmH+C7I5giWDPLJlOvZ mNQjic8e3TSRDWPZILTT085NmShto6+MNVhePn/qTkp8fFLHf3rlPe5MMijfO85e aBwWqhBxm7kfv+1gYHrdlmAE6cMQ987QXhWbtZQYB5w2jbUK8hysj5nWSW6Gz95q pTZn4hi33i8dW0jmW4QeEHeixjRhRF3D+yrJRfvXtTSFLQRZjT0py9xG71A8iuLP XnuhcVTDGritTvyfX19quHCn45gcT12GS8jdLuHKRb1z3JFy -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:41 2025 by rpki-client