This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json) Hash identifier: G+/9mszfQl0JQVkUZWiXhmunDx4ZPGfFVClGDxGMTzk= Subject key identifier: 0D:26:4E:03:57:A0:B9:67:1D:F8:9A:CF:D9:D2:CE:8A:99:B8:3B:CF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 47B17DA771C7FABFAC4E116E8DFA5DF8F2F099E6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa Signing time: Sat 15 Nov 2025 06:30:49 +0000 ROA not before: Sat 15 Nov 2025 06:30:49 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:b1:7d:a7:71:c7:fa:bf:ac:4e:11:6e:8d:fa:5d:f8:f2:f0:99:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:49 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=215ea99987a2c19e32321152aa6686037ed78a351c21ab125b49817eb624101f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:4e:54:13:8a:e4:48:ed:1c:21:5e:08:72:13: 41:37:d3:97:09:f6:fd:a3:cb:28:e0:6a:21:0a:f0: 09:8f:64:88:88:69:b7:2c:49:97:e8:92:7d:0d:cd: 6e:7a:e4:aa:27:0d:e4:9e:86:42:0d:55:c6:97:2d: a5:c5:16:e4:59:f6:d3:68:e1:9c:5e:f5:1c:38:4c: 1e:85:34:92:0e:d2:9b:a2:b9:6f:61:c0:d0:ad:ff: b3:49:ba:1d:ef:29:01:32:dd:a3:1e:6a:99:55:dd: 53:0e:f0:97:cb:f9:be:1f:74:d0:1f:86:da:4f:8c: 6d:ff:8d:79:70:25:d7:0b:a1:b8:f4:a8:0e:15:19: fa:42:54:09:7a:a8:c2:35:e8:c6:c4:92:b1:ad:70: 8c:90:c7:d1:a6:ef:8b:8e:bb:6d:d8:02:1b:b2:65: 90:3c:29:dd:7c:99:7d:8d:6d:01:17:55:d5:c3:98: 50:99:90:c5:be:a2:80:20:85:ae:7c:97:c3:c4:e7: f9:72:10:e3:cc:b9:cd:45:81:f7:4c:23:ca:8e:07: ac:e8:40:50:d9:e1:0e:5a:64:2b:ae:78:b6:3c:45: 97:b6:17:e9:15:38:0a:6c:a3:1a:7c:dc:77:46:5f: 78:df:1f:5c:2e:0d:7e:31:63:b8:bd:28:80:0f:bb: 8c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:26:4E:03:57:A0:B9:67:1D:F8:9A:CF:D9:D2:CE:8A:99:B8:3B:CF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 90:df:97:a8:c6:86:7e:8d:a3:cf:d9:e1:72:6e:2d:bd:05:de: 29:1f:36:51:c9:c9:ec:6e:06:23:af:f5:2c:d8:92:d9:5b:7d: 19:e6:36:62:25:76:32:67:dc:6d:14:bc:82:71:56:6e:d3:5f: 88:1c:42:f7:15:aa:f2:17:0d:4f:55:ab:53:87:16:72:7e:83: 8a:d1:0b:2d:af:72:dd:d8:66:90:12:bc:e4:37:fb:4a:7f:49: 8a:11:72:9d:4e:a9:c3:0d:25:50:e3:94:86:9d:33:ea:d7:12: 30:61:1b:cc:10:53:5a:29:cb:1f:dd:84:45:da:13:93:1d:47: b7:61:22:48:28:1a:9d:2e:10:7b:6d:97:31:59:8e:76:d3:f1: 30:14:b3:6e:38:07:ea:d2:a6:ce:f5:e2:75:f7:52:2a:71:28: dc:b6:06:b2:ce:a1:20:b2:fc:8e:f6:ba:de:56:14:f6:33:50: 18:8c:54:17:6b:f7:99:21:61:e1:75:26:29:af:73:9f:83:6e: 69:e3:d2:3b:47:84:28:dd:fd:7b:a0:98:35:2c:45:3e:77:00: d0:4f:f0:b1:fc:8a:30:c8:d6:e1:d4:73:b1:27:18:fd:c0:b6: d1:b7:ab:27:30:c4:9f:47:4c:4d:82:40:dd:3e:a4:db:03:98: 04:dd:1e:f0 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUR7F9p3HH+r+sThFujfpd+PLwmeYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwNDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDIxNWVhOTk5ODdhMmMxOWUzMjMyMTE1MmFhNjY4NjAzN2VkNzhhMzUxYzIx YWIxMjViNDk4MTdlYjYyNDEwMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJhOVBOK5EjtHCFeCHITQTfTlwn2/aPLKOBqIQrwCY9kiIhptyxJl+iSfQ3N bnrkqicN5J6GQg1VxpctpcUW5Fn202jhnF71HDhMHoU0kg7Sm6K5b2HA0K3/s0m6 He8pATLdox5qmVXdUw7wl8v5vh900B+G2k+Mbf+NeXAl1wuhuPSoDhUZ+kJUCXqo wjXoxsSSsa1wjJDH0abvi467bdgCG7JlkDwp3XyZfY1tARdV1cOYUJmQxb6igCCF rnyXw8Tn+XIQ48y5zUWB90wjyo4HrOhAUNnhDlpkK654tjxFl7YX6RU4CmyjGnzc d0ZfeN8fXC4NfjFjuL0ogA+7jHcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNJk4D V6C5Zx34ms/Z0s6Kmbg7zzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA MA0GCSqGSIb3DQEBCwUAA4IBAQCQ35eoxoZ+jaPP2eFybi29Bd4pHzZRycnsbgYj r/Us2JLZW30Z5jZiJXYyZ9xtFLyCcVZu01+IHEL3FaryFw1PVatThxZyfoOK0Qst r3Ld2GaQErzkN/tKf0mKEXKdTqnDDSVQ45SGnTPq1xIwYRvMEFNaKcsf3YRF2hOT HUe3YSJIKBqdLhB7bZcxWY520/EwFLNuOAfq0qbO9eJ191IqcSjctgayzqEgsvyO 9rreVhT2M1AYjFQXa/eZIWHhdSYpr3Ofg25p49I7R4Qo3f17oJg1LEU+dwDQT/Cx /IowyNbh1HOxJxj9wLbRt6snMMSfR0xNgkDdPqTbA5gE3R7w -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:07 2025 by rpki-client