This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json) Hash identifier: 4ULY8q5ggj6EG8k2prWEaJKwkhxtld8GOF/XR+ye3gY= Subject key identifier: 72:16:53:C8:99:B1:5B:5E:30:E4:87:8C:B4:53:DB:AB:76:0E:28:93 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 28898F53FE16A7178B0A65261D57DA6EA498D1F4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa Signing time: Tue 02 Dec 2025 01:51:06 +0000 ROA not before: Tue 02 Dec 2025 01:51:06 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:89:8f:53:fe:16:a7:17:8b:0a:65:26:1d:57:da:6e:a4:98:d1:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:06 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=290c1fa0b76eaa8e2304e166781c64dd0e5254ee7ae6544dcc32c30493506c66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e6:3c:74:e3:55:cd:ba:9c:cb:82:69:e4:3a: 4f:bc:69:ed:78:fe:58:33:23:db:53:71:1c:dc:8e: de:ae:02:c3:5a:8a:3f:3d:76:3b:e7:83:00:56:e3: ff:44:f2:49:66:7f:0c:82:78:ae:bd:d3:62:3d:1a: e2:23:c2:6f:3c:5e:a4:de:cd:ca:17:d4:6d:ac:9a: 71:c5:00:c1:66:6d:88:7b:be:b8:f5:c3:93:82:fc: e9:b4:d9:9f:fb:9a:f0:15:69:5d:39:3e:8d:01:ab: 67:0a:0a:3d:09:cb:f6:2e:66:dd:bc:f7:e2:88:c4: 17:a8:07:c2:0a:87:76:e8:0c:58:0b:01:85:84:50: 9a:01:d5:e8:80:56:cc:d6:c7:80:23:ff:f1:ad:c1: 99:48:c5:2c:dd:47:84:c0:14:a9:28:58:34:7e:a9: 67:59:d3:c1:d7:71:cb:65:66:bd:78:75:9d:ff:32: a4:3d:03:05:db:52:d6:f5:e3:d6:8c:67:ae:45:8f: 93:5a:3d:46:c4:d3:8e:9e:ad:b4:0e:8b:cd:7a:eb: 62:4c:72:bd:40:09:60:0b:47:20:6e:56:52:f4:df: 24:48:44:fc:e5:82:72:ec:07:99:7a:17:1b:17:09: e8:fc:37:83:af:d4:9b:d0:fa:1a:65:a4:50:2a:77: fb:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:16:53:C8:99:B1:5B:5E:30:E4:87:8C:B4:53:DB:AB:76:0E:28:93 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:2000::/40 Signature Algorithm: sha256WithRSAEncryption b8:5f:51:ad:05:24:b7:41:2e:84:06:cf:c4:96:87:23:7a:2f: 6a:e7:b6:02:09:15:76:80:aa:ba:ae:b4:48:ed:4d:08:8e:e6: d5:d7:17:b3:64:c3:57:08:74:d3:c3:d5:e0:74:22:b8:99:e4: 26:75:17:d9:1d:0c:42:89:17:4a:c0:8a:d7:b4:f4:f9:9f:e8: 7d:f4:31:f3:7e:41:e3:d6:01:00:91:39:58:a9:b9:ec:33:f8: 2c:09:30:7e:e2:1a:a5:fd:a4:c8:3c:a0:bd:f1:87:d2:dd:9a: 41:8a:89:07:4b:0d:89:be:f5:b3:56:89:34:5d:32:4c:e2:a0: fc:45:47:42:5d:fe:46:e6:00:5a:6c:12:52:5e:cb:9a:b4:b7: f6:24:30:93:4b:e6:05:e9:49:49:5f:06:5c:ab:60:45:0b:d6: 2d:f1:d9:7f:e0:bc:77:f7:97:99:4c:f5:ab:d6:e5:1c:d3:1c: c6:63:8b:0f:f6:de:ba:be:22:cf:70:b2:d9:d9:d2:f5:52:01: 81:c7:b9:f8:ec:6e:03:70:5d:5d:43:b8:98:0f:99:c8:4b:1d: 45:43:3c:56:6d:d5:1a:aa:ff:6f:ed:8e:d7:67:83:f1:52:b9: b5:b3:1c:4e:00:f5:78:55:86:38:20:4b:28:36:58:09:4f:66: d9:dc:8b:37 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKImPU/4WpxeLCmUmHVfabqSY0fQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMDZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDI5MGMxZmEwYjc2ZWFhOGUyMzA0ZTE2Njc4MWM2NGRkMGU1MjU0ZWU3YWU2 NTQ0ZGNjMzJjMzA0OTM1MDZjNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL3mPHTjVc26nMuCaeQ6T7xp7Xj+WDMj21NxHNyO3q4Cw1qKPz12O+eDAFbj /0TySWZ/DIJ4rr3TYj0a4iPCbzxepN7NyhfUbayaccUAwWZtiHu+uPXDk4L86bTZ n/ua8BVpXTk+jQGrZwoKPQnL9i5m3bz34ojEF6gHwgqHdugMWAsBhYRQmgHV6IBW zNbHgCP/8a3BmUjFLN1HhMAUqShYNH6pZ1nTwddxy2VmvXh1nf8ypD0DBdtS1vXj 1oxnrkWPk1o9RsTTjp6ttA6LzXrrYkxyvUAJYAtHIG5WUvTfJEhE/OWCcuwHmXoX GxcJ6Pw3g6/Um9D6GmWkUCp3+4MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyFlPI mbFbXjDkh4y0U9urdg4okzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg MA0GCSqGSIb3DQEBCwUAA4IBAQC4X1GtBSS3QS6EBs/Elocjei9q57YCCRV2gKq6 rrRI7U0IjubV1xezZMNXCHTTw9XgdCK4meQmdRfZHQxCiRdKwIrXtPT5n+h99DHz fkHj1gEAkTlYqbnsM/gsCTB+4hql/aTIPKC98YfS3ZpBiokHSw2JvvWzVok0XTJM 4qD8RUdCXf5G5gBabBJSXsuatLf2JDCTS+YF6UlJXwZcq2BFC9Yt8dl/4Lx395eZ TPWr1uUc0xzGY4sP9t66viLPcLLZ2dL1UgGBx7n47G4DcF1dQ7iYD5nISx1FQzxW bdUaqv9v7Y7XZ4PxUrm1sxxOAPV4VYY4IEsoNlgJT2bZ3Is3 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:37 2025 by rpki-client