This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json) Hash identifier: tdfOyd+hBAT8HAXLpcjuGt3O6qAxqEPJZv6dOHLvvAI= Subject key identifier: 02:26:6D:62:95:95:8E:1C:D2:57:A1:D9:3E:E6:B9:D0:66:ED:EA:97 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2FDB85475EEADC078212F558AA5A24F0E33B8C2C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa Signing time: Sat 15 Nov 2025 06:30:32 +0000 ROA not before: Sat 15 Nov 2025 06:30:32 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d016::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:db:85:47:5e:ea:dc:07:82:12:f5:58:aa:5a:24:f0:e3:3b:8c:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:32 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=11e04040a63a09a5653bcfad179c3cb7d55da03631e542d8db05866d6217b68b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e1:06:5d:ec:d2:41:30:50:90:86:f1:59:1a: 1e:51:80:d7:48:d2:cf:16:47:d2:64:85:97:59:52: 2d:72:06:5c:7f:9e:79:1f:6a:2a:00:25:ed:99:82: 12:61:d8:bf:22:41:48:63:dd:43:8e:19:a1:d9:c6: ed:65:37:2c:13:0d:4a:f1:fc:5b:e7:14:69:e5:4e: 7a:ce:1c:1f:07:1d:c3:2e:3a:91:64:de:0c:bc:97: bd:b6:72:52:72:bd:d7:ce:8c:8d:79:e0:48:1c:e4: 64:63:7c:4c:c0:f9:2f:56:fb:7d:57:c4:02:e0:05: 80:11:42:37:1e:8e:95:ef:08:df:f0:a4:e3:e3:2a: 21:36:96:bc:c7:4e:fe:ca:a9:fb:45:f8:a0:4b:b1: 7c:cf:70:10:06:1e:74:3c:8d:23:52:7c:9e:1d:1f: a6:63:9c:99:c9:a0:00:4d:ff:f0:ed:d0:5a:37:af: 69:b5:3c:eb:1a:bf:9a:bd:4a:96:7a:87:d9:24:53: ba:6d:f7:ff:e3:c7:f2:a3:75:38:49:e0:c3:86:27: a6:22:82:ec:c0:f4:6b:9b:5b:a8:e5:ad:84:ae:40: c8:34:ce:67:04:1e:4f:cd:0f:83:4e:d1:6c:36:e4: e6:0b:6b:af:76:c2:44:fd:c0:5c:be:23:8e:59:43: df:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:26:6D:62:95:95:8E:1C:D2:57:A1:D9:3E:E6:B9:D0:66:ED:EA:97 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d016::/38 Signature Algorithm: sha256WithRSAEncryption 8d:b7:d5:44:74:88:be:16:3c:3f:4a:29:c3:e5:69:6b:e1:00: 1b:67:9a:16:4b:fb:a0:77:7a:db:91:1f:dd:42:ad:29:69:e4: d6:1e:c0:39:2f:91:b9:5b:db:38:62:e2:d8:e8:c6:58:7a:d9: 72:4e:20:f5:c0:f8:35:ea:08:34:52:27:bc:94:bc:f2:b8:aa: 69:a1:02:05:21:fc:41:e8:86:3c:bf:ae:35:9c:06:5d:8e:0b: dc:a7:fd:df:09:bf:8b:e9:d3:dc:f0:f3:f1:fb:40:b5:ab:90: 02:8f:08:bd:c2:43:cf:26:61:93:97:82:47:24:c7:d9:3b:c8: 18:fc:eb:19:11:fb:7a:b6:f9:24:67:b8:a2:f3:6d:fc:6e:c8: aa:eb:8f:a8:ab:29:9d:a8:18:88:79:5f:a7:25:15:5e:14:c8: f8:c4:c7:25:71:66:a4:5e:0a:11:be:e5:6f:51:85:26:f1:18: 23:9c:5d:86:96:bf:0b:85:c2:64:29:9e:7e:e3:15:11:76:fa: cc:ae:69:94:ca:01:bf:e9:0e:74:56:cd:2e:72:04:2e:d1:eb: 56:94:47:21:f7:3c:73:51:b6:a8:15:5f:ad:1e:1e:b3:6d:fc: dc:41:cf:42:e5:7f:ab:6a:85:3b:f5:4e:28:93:72:3e:78:43: f8:28:2a:0b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUL9uFR17q3AeCEvVYqlok8OM7jCwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMzJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDExZTA0MDQwYTYzYTA5YTU2NTNiY2ZhZDE3OWMzY2I3ZDU1ZGEwMzYzMWU1 NDJkOGRiMDU4NjZkNjIxN2I2OGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7hBl3s0kEwUJCG8VkaHlGA10jSzxZH0mSFl1lSLXIGXH+eeR9qKgAl7ZmC EmHYvyJBSGPdQ44ZodnG7WU3LBMNSvH8W+cUaeVOes4cHwcdwy46kWTeDLyXvbZy UnK9186MjXngSBzkZGN8TMD5L1b7fVfEAuAFgBFCNx6Ole8I3/Ck4+MqITaWvMdO /sqp+0X4oEuxfM9wEAYedDyNI1J8nh0fpmOcmcmgAE3/8O3QWjevabU86xq/mr1K lnqH2SRTum33/+PH8qN1OEngw4YnpiKC7MD0a5tbqOWthK5AyDTOZwQeT80Pg07R bDbk5gtrr3bCRP3AXL4jjllD3+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCJm1i lZWOHNJXodk+5rnQZu3qlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA MA0GCSqGSIb3DQEBCwUAA4IBAQCNt9VEdIi+Fjw/SinD5Wlr4QAbZ5oWS/ugd3rb kR/dQq0paeTWHsA5L5G5W9s4YuLY6MZYetlyTiD1wPg16gg0Uie8lLzyuKppoQIF IfxB6IY8v641nAZdjgvcp/3fCb+L6dPc8PPx+0C1q5ACjwi9wkPPJmGTl4JHJMfZ O8gY/OsZEft6tvkkZ7ii8238bsiq64+oqymdqBiIeV+nJRVeFMj4xMclcWakXgoR vuVvUYUm8RgjnF2Glr8LhcJkKZ5+4xURdvrMrmmUygG/6Q50Vs0ucgQu0etWlEch 9zxzUbaoFV+tHh6zbfzcQc9C5X+raoU79U4ok3I+eEP4KCoL -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:30 2025 by rpki-client