This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json) Hash identifier: Y/TWYjzvWRWzn99Aq8h+ATU35vJLUO8QKuxnr1dQf84= Subject key identifier: 29:3F:20:2D:53:0F:0B:95:E5:A0:77:04:87:25:A0:7F:94:F8:4A:66 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 70ACFEF43DBAF01E3F414732208B50BCC6358F87 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa Signing time: Wed 12 Nov 2025 03:00:07 +0000 ROA not before: Wed 12 Nov 2025 03:00:07 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:ac:fe:f4:3d:ba:f0:1e:3f:41:47:32:20:8b:50:bc:c6:35:8f:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 12 03:00:07 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=e04fe7fa44887db06aa82b836281213ef27404f00060aa5133bccdfb038094a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:2a:c8:f4:a5:6d:2c:1e:4d:5e:7f:20:9e:92: 08:1e:0f:3c:6e:f5:8d:94:c7:b4:19:7f:ee:5e:ea: 66:f1:d4:3d:51:b7:e5:ea:26:0c:ae:81:b2:b6:53: 6c:fb:94:8a:99:5e:d0:8d:97:04:6b:4c:52:23:76: 1a:95:bb:32:32:d3:f4:8b:b2:5e:a0:45:5c:66:e3: f1:b5:3c:3c:e7:c4:b9:eb:44:ca:ab:fe:84:da:8f: 92:3f:a1:24:c3:57:92:e1:87:d1:7a:96:ee:da:b8: ef:31:44:c2:cb:5d:0e:12:49:77:28:36:dd:84:34: db:78:0c:7d:98:31:bc:d3:69:1f:c1:cb:a0:80:c6: f2:0e:3f:bd:11:b2:e9:73:69:a6:7f:a9:50:a7:cc: 50:3c:ff:27:53:5c:11:bb:5a:be:4e:e6:f2:22:a0: 96:d1:d0:65:37:83:a0:5c:ae:25:46:33:e9:2d:e8: 9f:2f:ca:ae:4c:01:d3:7f:9d:54:97:e4:b6:3f:c6: 11:17:ab:68:a1:09:da:ce:76:33:3e:d8:78:c8:e4: a2:1d:8a:7f:c3:c5:02:37:9c:5b:e7:bd:bd:5d:fb: c6:1f:0e:f3:b7:0c:89:aa:03:e6:e9:a3:ab:f6:cb: 7d:be:e0:27:5a:de:83:18:27:3c:c0:db:0b:bf:ef: c0:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:3F:20:2D:53:0F:0B:95:E5:A0:77:04:87:25:A0:7F:94:F8:4A:66 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:e000::/40 Signature Algorithm: sha256WithRSAEncryption 8b:47:9b:ad:f0:cd:b6:c1:d8:42:d9:eb:49:d8:e4:df:b9:65: 39:f8:4e:17:f1:53:fa:20:7a:ec:ce:78:2b:f1:2a:1a:c1:5c: 11:df:e5:51:2b:41:49:63:8a:cc:e1:e1:85:cf:d2:9d:eb:a1: dd:8b:42:7b:04:82:74:d0:84:ea:e7:42:5c:0a:8e:2d:01:b4: 1b:d4:33:c5:4e:2f:51:8d:e8:77:9b:9b:b0:16:9d:71:1f:f1: b5:85:29:ef:81:ef:bc:ed:09:72:38:44:d3:25:a8:c7:3c:8a: 50:cd:90:ea:67:85:9c:ee:73:e2:58:38:dd:b0:6f:94:c0:0a: 84:4c:42:67:56:da:c0:47:40:c3:11:b4:e6:ef:3f:08:45:ac: dc:f9:43:5c:d8:9d:dc:ec:a7:64:3e:a6:26:11:ec:ae:b2:9c: 80:07:41:6d:bf:44:a3:e6:85:cc:d3:07:12:b4:70:99:91:b0: 22:56:c8:2b:f9:63:99:6a:50:a1:b3:ca:36:db:0d:f1:59:c9: 6b:a5:66:0c:d2:08:c1:6c:a7:7b:48:27:f2:9a:33:e1:e8:06: 98:ee:26:64:25:91:69:7f:4b:40:05:24:8f:84:0a:c9:71:87: 08:d4:5e:e7:a2:f5:1b:a7:65:57:2e:a8:49:01:54:b0:04:4a: 8f:22:72:9b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcKz+9D268B4/QUcyIItQvMY1j4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTIwMzAwMDdaFw0yNTEyMTcyMzU5NTlaMHoxSTBHBgNV BAUTQGUwNGZlN2ZhNDQ4ODdkYjA2YWE4MmI4MzYyODEyMTNlZjI3NDA0ZjAwMDYw YWE1MTMzYmNjZGZiMDM4MDk0YTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0qyPSlbSweTV5/IJ6SCB4PPG71jZTHtBl/7l7qZvHUPVG35eomDK6BsrZT bPuUiple0I2XBGtMUiN2GpW7MjLT9IuyXqBFXGbj8bU8POfEuetEyqv+hNqPkj+h JMNXkuGH0XqW7tq47zFEwstdDhJJdyg23YQ023gMfZgxvNNpH8HLoIDG8g4/vRGy 6XNppn+pUKfMUDz/J1NcEbtavk7m8iKgltHQZTeDoFyuJUYz6S3ony/KrkwB03+d VJfktj/GEReraKEJ2s52Mz7YeMjkoh2Kf8PFAjecW+e9vV37xh8O87cMiaoD5umj q/bLfb7gJ1regxgnPMDbC7/vwP8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpPyAt Uw8LleWgdwSHJaB/lPhKZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg MA0GCSqGSIb3DQEBCwUAA4IBAQCLR5ut8M22wdhC2etJ2OTfuWU5+E4X8VP6IHrs zngr8SoawVwR3+VRK0FJY4rM4eGFz9Kd66Hdi0J7BIJ00ITq50JcCo4tAbQb1DPF Ti9Rjeh3m5uwFp1xH/G1hSnvge+87QlyOETTJajHPIpQzZDqZ4Wc7nPiWDjdsG+U wAqETEJnVtrAR0DDEbTm7z8IRazc+UNc2J3c7KdkPqYmEeyuspyAB0Ftv0Sj5oXM 0wcStHCZkbAiVsgr+WOZalChs8o22w3xWclrpWYM0gjBbKd7SCfymjPh6AaY7iZk JZFpf0tABSSPhArJcYcI1F7novUbp2VXLqhJAVSwBEqPInKb -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:48 2025 by rpki-client