This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa File: 4cb86308-98a0-48e5-8825-d398c0ce8099.roa (raw, json) Hash identifier: 1pg5xV8YG+yL2xZo4oOqfhYSj3IcIedr+T8qYk3OOas= Subject key identifier: 0B:7D:2D:4B:B0:3A:C2:73:FE:D8:27:D4:AE:43:C1:F5:F0:61:C6:F2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 26C90CC8A0BCE02B3A5503DB60C4F1ADF9B828F6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa Signing time: Sat 15 Nov 2025 06:30:18 +0000 ROA not before: Sat 15 Nov 2025 06:30:18 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:5080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:c9:0c:c8:a0:bc:e0:2b:3a:55:03:db:60:c4:f1:ad:f9:b8:28:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:18 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=775837a66840c51eb285ffe5ed6f8ac2f724c208804020ed1fd708dd276e2576, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:86:76:e3:6e:ea:07:59:f9:54:67:02:53:96: e0:0d:84:1c:75:e4:46:bd:73:2f:c2:97:07:18:2f: 40:37:70:64:f3:c5:7a:f8:f6:7e:eb:3a:6c:a7:93: 2f:8b:79:71:10:c2:c4:9f:c3:01:bd:c2:bf:78:0d: 34:e9:e0:79:cf:6f:ca:4c:3e:a5:02:da:ce:3c:91: 46:ae:17:10:f1:f7:99:af:67:74:d6:79:80:9e:5a: cf:7a:41:84:a3:d6:2f:4f:e9:9e:b5:47:c8:b3:5e: 9c:a7:66:d0:c1:1b:55:b2:4f:04:a0:54:fa:38:7d: 97:8d:e8:50:c4:17:94:5e:e1:5a:9d:e3:af:07:00: 97:2f:f1:39:38:a4:4d:ea:48:45:47:d0:13:e6:99: 7b:7d:74:55:24:b1:12:7a:43:62:65:42:3b:3f:2a: 61:21:7e:2f:8c:a1:b9:3c:30:87:97:cf:51:31:f6: 7c:4d:c5:81:3c:3b:22:2f:f7:bf:56:f3:25:9a:fc: 41:d7:72:5d:3e:3b:af:a0:67:d3:3c:ce:c0:7f:a9: b4:2c:d6:06:5c:a6:ce:0a:1f:97:a0:7a:c9:68:cd: 24:50:9f:dd:81:9a:f2:86:e6:36:8a:f6:ce:87:93: 07:12:bc:6a:85:4d:21:34:98:05:7c:15:83:5a:e3: 2e:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:7D:2D:4B:B0:3A:C2:73:FE:D8:27:D4:AE:43:C1:F5:F0:61:C6:F2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:5080::/48 Signature Algorithm: sha256WithRSAEncryption 3e:8b:16:a5:e1:f6:df:1e:f5:95:b8:49:ce:1e:e0:02:4a:01: 55:04:79:8f:f8:74:2f:09:31:6b:08:46:34:17:07:14:f3:ef: 26:70:be:47:1e:aa:a7:02:01:0c:d5:ee:46:72:ff:0f:a5:db: 0d:c7:78:33:f6:37:1d:2b:80:60:b0:4c:a9:64:ce:14:98:a5: ce:84:76:31:df:71:ee:b1:bb:7c:f5:c9:e0:37:66:bc:3b:09: bf:56:5a:d8:c2:c4:7b:a6:3b:ec:c8:81:af:4d:02:42:3c:a7: 54:c8:90:25:48:96:75:bd:16:ad:4a:5d:5c:1e:cf:b8:16:8a: 37:86:a2:9e:29:fd:27:b5:9f:3c:c0:5d:6a:2a:be:2e:08:7b: 91:56:89:99:f8:68:c9:4e:7a:55:89:47:19:53:0a:0c:c6:cc: 5f:5d:73:8a:55:7b:0c:59:d8:51:73:90:e4:2f:04:70:1c:34: 8e:b0:f1:1f:c4:5d:67:d6:a8:3f:56:70:34:fc:37:d3:a9:03: ff:f1:0a:0e:08:c1:6c:08:97:f0:85:92:fb:a7:76:ad:84:34: 31:74:ee:aa:4a:1a:04:b2:11:50:f9:13:39:19:ef:5c:8e:d7: c7:a4:63:37:b3:5d:68:9b:1c:a0:f3:26:50:35:85:7c:40:bb: f0:a0:2d:72 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJskMyKC84Cs6VQPbYMTxrfm4KPYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDc3NTgzN2E2Njg0MGM1MWViMjg1ZmZlNWVkNmY4YWMyZjcyNGMyMDg4MDQw MjBlZDFmZDcwOGRkMjc2ZTI1NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ2GduNu6gdZ+VRnAlOW4A2EHHXkRr1zL8KXBxgvQDdwZPPFevj2fus6bKeT L4t5cRDCxJ/DAb3Cv3gNNOngec9vykw+pQLazjyRRq4XEPH3ma9ndNZ5gJ5az3pB hKPWL0/pnrVHyLNenKdm0MEbVbJPBKBU+jh9l43oUMQXlF7hWp3jrwcAly/xOTik TepIRUfQE+aZe310VSSxEnpDYmVCOz8qYSF+L4yhuTwwh5fPUTH2fE3FgTw7Ii/3 v1bzJZr8QddyXT47r6Bn0zzOwH+ptCzWBlymzgofl6B6yWjNJFCf3YGa8obmNor2 zoeTBxK8aoVNITSYBXwVg1rjLmsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQLfS1L sDrCc/7YJ9SuQ8H18GHG8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGNiODYzMDgtOThhMC00OGU1LTg4MjUtZDM5OGMwY2U4MDk5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ gDANBgkqhkiG9w0BAQsFAAOCAQEAPosWpeH23x71lbhJzh7gAkoBVQR5j/h0Lwkx awhGNBcHFPPvJnC+Rx6qpwIBDNXuRnL/D6XbDcd4M/Y3HSuAYLBMqWTOFJilzoR2 Md9x7rG7fPXJ4DdmvDsJv1Za2MLEe6Y77MiBr00CQjynVMiQJUiWdb0WrUpdXB7P uBaKN4ainin9J7WfPMBdaiq+Lgh7kVaJmfhoyU56VYlHGVMKDMbMX11zilV7DFnY UXOQ5C8EcBw0jrDxH8RdZ9aoP1ZwNPw306kD//EKDgjBbAiX8IWS+6d2rYQ0MXTu qkoaBLIRUPkTORnvXI7Xx6RjN7NdaJscoPMmUDWFfEC78KAtcg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:56 2025 by rpki-client