This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa File: 48ce7dfe-434d-4b57-b520-9001ae26be85.roa (raw, json) Hash identifier: qde2g7QvGdyTTAVCS0JPpxX5cZbWYHZrBSokYfN4WUs= Subject key identifier: 95:7D:A3:80:9A:DC:78:7F:E5:6B:8C:CF:14:61:2D:DB:A8:BB:BA:0E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5ACDF729429D4D31A6796C49B3409A88062037B4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa Signing time: Sat 15 Nov 2025 05:40:08 +0000 ROA not before: Sat 15 Nov 2025 05:40:08 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:8010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:cd:f7:29:42:9d:4d:31:a6:79:6c:49:b3:40:9a:88:06:20:37:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:08 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=77692db862b0d15c9c44a1e8474dfbab99a233dcfab07717ce6bef87991f89f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b6:66:a3:a7:6b:49:83:16:dd:4d:31:df:8c: 34:39:b1:9c:17:99:69:1a:50:ea:ed:c1:f9:b5:8b: b2:91:6f:14:f4:37:3f:70:44:75:8c:80:d3:bb:3d: 34:b7:22:c8:68:a1:a5:87:ec:c3:58:b9:30:f7:63: ea:8c:4b:76:e4:c0:f8:cb:9e:45:94:1f:6d:fe:1b: 08:83:69:04:c2:1c:7c:d0:20:05:de:94:2f:92:93: be:8e:e7:4b:2b:31:ba:e5:6a:5b:3c:a4:56:c5:8d: 57:6d:64:8c:dd:12:3c:eb:c5:c1:bc:37:78:4a:2c: 04:82:b2:e9:ec:66:ea:8a:50:0a:fb:7e:a5:c1:a9: 69:16:b8:5b:3e:ab:24:3a:f0:3d:b2:66:46:df:1a: 69:9d:39:a5:97:c3:31:7d:ea:a7:d0:d1:1b:23:6c: 5f:e0:81:63:8d:75:9a:e7:90:cc:d8:25:d9:52:a3: 52:26:63:b3:68:08:f1:c8:53:94:cd:e8:74:32:72: d4:11:b3:5e:4e:26:3f:1d:89:0a:5b:40:cd:83:f4: ae:b2:bd:b8:bf:4c:ce:01:c2:df:e6:fe:d3:a9:d3: cb:d1:15:cf:54:c5:7f:25:5a:fe:16:34:58:6e:33: e3:66:72:f2:7f:4a:4b:75:c4:68:c3:aa:66:dc:1e: a6:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:7D:A3:80:9A:DC:78:7F:E5:6B:8C:CF:14:61:2D:DB:A8:BB:BA:0E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:8010::/48 Signature Algorithm: sha256WithRSAEncryption 88:7a:f1:8e:b0:ec:76:71:5f:be:f2:7e:51:e4:25:17:20:1e: b2:b6:63:07:8a:67:3a:f5:d8:a3:1e:82:4f:7e:a7:ea:b1:3e: 84:12:90:10:b4:23:37:d9:18:aa:03:cd:8c:bb:cd:e3:1b:80: 92:1f:9d:8d:fa:c3:66:27:61:21:42:c0:0e:27:3c:33:4c:48: 2b:52:a7:d6:fd:7e:dd:06:f1:ac:f6:f0:e2:2f:0e:87:94:c4: 37:ee:ef:75:bd:26:ce:dd:1d:be:62:1f:a8:d1:1c:d2:1b:f8: 0d:4c:93:07:32:db:49:00:ce:e4:58:bc:fa:e1:d3:85:31:6f: 48:d0:60:98:91:42:89:dc:c8:bf:4e:0d:a9:a0:49:7f:82:bc: dd:54:f2:66:64:39:56:ee:d2:94:b5:b8:b1:ec:ea:d9:00:45: ca:dc:80:4b:9f:6a:4f:90:55:32:13:9a:90:11:ca:89:00:f0: 9b:76:14:dd:5f:86:8b:10:3a:13:2f:06:5d:57:6f:ad:d9:4c: 68:91:91:f7:0c:6a:61:bc:91:27:74:6d:5e:23:7c:c7:82:da: 6d:97:fc:f8:26:d1:75:20:68:28:45:80:4a:07:ab:ee:f4:d2: d9:a0:d9:ff:63:cd:2d:27:75:bf:06:02:ac:3e:87:ba:54:88: cc:5a:a4:c7 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUWs33KUKdTTGmeWxJs0CaiAYgN7QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDc3NjkyZGI4NjJiMGQxNWM5YzQ0YTFlODQ3NGRmYmFiOTlhMjMzZGNmYWIw NzcxN2NlNmJlZjg3OTkxZjg5ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO2ZqOna0mDFt1NMd+MNDmxnBeZaRpQ6u3B+bWLspFvFPQ3P3BEdYyA07s9 NLciyGihpYfsw1i5MPdj6oxLduTA+MueRZQfbf4bCINpBMIcfNAgBd6UL5KTvo7n SysxuuVqWzykVsWNV21kjN0SPOvFwbw3eEosBIKy6exm6opQCvt+pcGpaRa4Wz6r JDrwPbJmRt8aaZ05pZfDMX3qp9DRGyNsX+CBY411mueQzNgl2VKjUiZjs2gI8chT lM3odDJy1BGzXk4mPx2JCltAzYP0rrK9uL9MzgHC3+b+06nTy9EVz1TFfyVa/hY0 WG4z42Zy8n9KS3XEaMOqZtwepv8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSVfaOA mtx4f+VrjM8UYS3bqLu6DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDhjZTdkZmUtNDM0ZC00YjU3LWI1MjAtOTAwMWFlMjZiZTg1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA EDANBgkqhkiG9w0BAQsFAAOCAQEAiHrxjrDsdnFfvvJ+UeQlFyAesrZjB4pnOvXY ox6CT36n6rE+hBKQELQjN9kYqgPNjLvN4xuAkh+djfrDZidhIULADic8M0xIK1Kn 1v1+3QbxrPbw4i8Oh5TEN+7vdb0mzt0dvmIfqNEc0hv4DUyTBzLbSQDO5Fi8+uHT hTFvSNBgmJFCidzIv04NqaBJf4K83VTyZmQ5Vu7SlLW4sezq2QBFytyAS59qT5BV MhOakBHKiQDwm3YU3V+GixA6Ey8GXVdvrdlMaJGR9wxqYbyRJ3RtXiN8x4LabZf8 +CbRdSBoKEWASger7vTS2aDZ/2PNLSd1vwYCrD6HulSIzFqkxw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:07 2025 by rpki-client