This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa File: 4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa (raw, json) Hash identifier: /ox6DY8jehjvTKNUwDkIWQErI/r1SA8ru74CSxF3YNc= Subject key identifier: 6F:B9:B9:B4:F0:98:E8:B8:49:65:9A:14:A6:F3:CD:18:5B:6B:2A:6B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 11315AE5041BC7F336D1EA383E8F071F57FCBB98 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa Signing time: Sat 15 Nov 2025 06:00:34 +0000 ROA not before: Sat 15 Nov 2025 06:00:34 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:31:5a:e5:04:1b:c7:f3:36:d1:ea:38:3e:8f:07:1f:57:fc:bb:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:34 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6b7809ef3a37734662be08f9c44b58f68abf2bf986178ea73b0266c856d468e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ab:49:58:65:a8:fa:49:9a:64:03:75:9b:ba: ee:0c:25:c9:60:a7:1c:0e:71:0e:6c:79:6f:9a:8a: d9:43:72:43:fa:c3:69:c3:65:67:8e:53:96:9d:13: 91:b8:60:f4:78:b1:56:bc:42:df:18:42:c2:25:c8: a6:bf:9b:d6:8a:b3:07:a7:6b:92:4a:ae:7e:00:7e: 85:d3:83:60:c4:84:a7:98:0f:bf:16:af:9a:14:f9: 6d:e1:b7:78:e5:1d:cb:6c:38:ee:77:84:ab:bb:2b: 20:f3:b2:13:3a:7a:df:1f:60:68:3d:85:7f:f9:70: 9f:0a:62:4c:58:69:a5:42:b6:e3:bb:9d:db:ab:3d: 25:f2:57:83:84:40:1b:b8:69:f2:5c:cc:e8:9a:2e: 9c:d9:3c:cc:4d:a4:6a:29:6f:e1:bf:9e:6e:70:0a: 28:a9:8a:fd:41:17:7d:46:23:92:e3:c7:45:d5:e2: f1:41:ed:a3:9a:73:36:9c:e4:03:1c:98:c5:7c:63: 5a:56:ab:e6:57:b7:ef:7e:db:f5:e5:c4:21:4b:3d: fc:df:d8:d1:5d:fa:82:dd:82:4c:69:49:ec:f7:02: 50:4b:d5:7d:87:0f:b9:4c:f2:52:00:a8:11:af:b1: 90:a8:59:4b:52:92:5f:d9:7c:d7:e8:c0:0e:a4:0d: d8:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:B9:B9:B4:F0:98:E8:B8:49:65:9A:14:A6:F3:CD:18:5B:6B:2A:6B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:9000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:54:80:57:2b:96:fa:24:af:1b:ce:8b:12:57:2f:58:a7:b4: 36:e4:5c:8c:81:8c:e8:86:3a:1b:bf:c4:f9:4e:40:87:10:61: e8:e9:40:4d:35:61:b9:11:94:1c:25:5f:1b:55:48:86:aa:83: a5:9a:58:5b:e2:b7:e6:04:5b:df:81:86:6d:0f:5f:24:0f:5d: 6a:95:98:be:dc:f3:04:f9:7f:82:2c:4b:a7:54:02:15:12:de: e2:f5:75:43:49:85:75:9f:83:c4:82:0c:0d:87:f9:a5:96:ba: 25:3d:c6:95:e0:e9:45:62:82:22:6b:3e:33:38:7f:f7:81:ef: cd:68:8e:e5:4b:a7:43:4e:bc:34:f1:00:5a:e9:a6:63:3d:ea: dd:50:4e:de:d6:ec:1a:90:8a:38:ab:76:2b:7a:0d:1c:00:11: 9d:a4:b0:a3:d1:bb:ce:27:1d:c6:7b:51:9e:8d:4e:5f:b7:33: a4:8c:1c:ac:f1:3a:3e:17:40:10:ee:3d:10:71:c6:db:b1:ae: cc:7f:56:05:89:ce:09:c4:0f:15:32:ce:f8:28:7c:3e:ab:05: 57:e3:96:e7:ff:29:d1:cc:7a:62:c2:b5:f9:cf:1c:21:97:f3: 34:a3:be:36:3c:e4:56:92:f3:41:73:33:bf:fb:4a:a7:ca:87: f9:82:50:77 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUETFa5QQbx/M20eo4Po8HH1f8u5gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZiNzgwOWVmM2EzNzczNDY2MmJlMDhmOWM0NGI1OGY2OGFiZjJiZjk4NjE3 OGVhNzNiMDI2NmM4NTZkNDY4ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALirSVhlqPpJmmQDdZu67gwlyWCnHA5xDmx5b5qK2UNyQ/rDacNlZ45Tlp0T kbhg9HixVrxC3xhCwiXIpr+b1oqzB6drkkqufgB+hdODYMSEp5gPvxavmhT5beG3 eOUdy2w47neEq7srIPOyEzp63x9gaD2Ff/lwnwpiTFhppUK247ud26s9JfJXg4RA G7hp8lzM6JounNk8zE2kailv4b+ebnAKKKmK/UEXfUYjkuPHRdXi8UHto5pzNpzk AxyYxXxjWlar5le3737b9eXEIUs9/N/Y0V36gt2CTGlJ7PcCUEvVfYcPuUzyUgCo Ea+xkKhZS1KSX9l81+jADqQN2AcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvubm0 8JjouEllmhSm880YW2sqazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGUwY2JiMTUtM2NiNy00NDliLTk1M2EtYjQwOTQ5YmRjMzJiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q MA0GCSqGSIb3DQEBCwUAA4IBAQAPVIBXK5b6JK8bzosSVy9Yp7Q25FyMgYzohjob v8T5TkCHEGHo6UBNNWG5EZQcJV8bVUiGqoOlmlhb4rfmBFvfgYZtD18kD11qlZi+ 3PME+X+CLEunVAIVEt7i9XVDSYV1n4PEggwNh/mllrolPcaV4OlFYoIiaz4zOH/3 ge/NaI7lS6dDTrw08QBa6aZjPerdUE7e1uwakIo4q3Yreg0cABGdpLCj0bvOJx3G e1GejU5ftzOkjBys8To+F0AQ7j0Qccbbsa7Mf1YFic4JxA8VMs74KHw+qwVX45bn /ynRzHpiwrX5zxwhl/M0o742PORWkvNBczO/+0qnyof5glB3 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:38 2025 by rpki-client