This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json) Hash identifier: aSF50zZ8paLvenonE+RNMr0nX+NorzquU/fyz7Fotdc= Subject key identifier: C9:A8:04:28:19:56:B4:95:64:2A:8E:43:CB:B1:15:BC:FA:69:21:0B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 36220D07CFC2EE6376694A828511DD08065E394B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa Signing time: Sat 15 Nov 2025 05:50:49 +0000 ROA not before: Sat 15 Nov 2025 05:50:49 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:22:0d:07:cf:c2:ee:63:76:69:4a:82:85:11:dd:08:06:5e:39:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:49 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6f0ed99f55812524f0ccecdfea95d73248c90ffe6c1e7fa22b24a2a93993d840, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:df:d9:e6:e4:ab:a8:56:82:63:4e:d6:03:8a: 0c:9f:a3:a0:2c:be:d6:75:01:f7:1d:15:0b:e5:10: f7:9b:c2:18:4c:d7:5f:5d:0a:fb:fc:75:85:4a:02: 51:f9:ae:08:39:fb:7f:33:5a:0a:91:31:c7:91:16: 0f:cb:f6:6b:41:aa:3d:ba:5b:2d:cb:41:37:69:6d: 28:6e:1a:23:c2:4c:95:bd:96:b6:c3:2b:f4:bc:68: 47:f4:55:30:4c:01:83:74:d9:34:8e:07:4d:27:d6: 78:19:53:61:16:d2:83:be:ea:e2:38:ee:aa:61:62: 84:7c:39:7a:f4:9d:98:af:fe:50:a9:da:19:96:cb: 1f:5b:9f:ec:b3:e9:9f:82:bb:22:ef:20:29:25:f7: fc:fc:0e:44:29:7d:cd:c0:ed:b4:33:b8:54:a9:bb: 82:6c:67:aa:b6:f1:62:ab:49:04:36:41:bc:49:14: 0d:bb:56:8f:81:05:2b:f0:1a:8a:fb:3b:38:5e:f5: 25:89:11:e3:1a:25:a9:14:40:75:e4:22:e9:81:db: 88:5c:e4:61:04:35:e1:01:b4:3a:58:e7:48:7c:09: 26:09:12:7e:a3:7c:6a:65:19:d0:4a:ed:bb:ab:94: 40:12:b0:5d:fe:d9:e0:2c:c7:48:92:4d:5c:77:a7: c3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:A8:04:28:19:56:B4:95:64:2A:8E:43:CB:B1:15:BC:FA:69:21:0B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:8000::/40 Signature Algorithm: sha256WithRSAEncryption 99:fa:1e:43:f5:de:12:64:0d:1c:cb:c8:44:99:74:53:dd:97: 09:db:d2:ae:4d:24:61:3d:af:1f:ec:a7:b6:b8:1f:84:64:37: b8:40:9c:7b:24:9c:35:a2:a2:aa:3a:62:44:85:76:06:b8:13: 95:fd:63:b4:38:79:2c:3f:73:dc:86:84:ca:44:99:2e:88:da: 35:03:05:99:e7:5e:77:8c:0d:60:b7:e9:71:b1:f8:26:47:bd: 10:90:61:83:de:4c:d0:c7:ff:7d:23:0d:96:f1:c9:f0:6a:9f: e6:00:9b:ab:a0:e5:11:51:53:5f:09:91:49:54:1a:6b:a2:76: bd:10:58:af:cd:66:dc:11:2e:b4:10:d1:b8:63:5d:b4:05:47: 18:a2:dc:0f:96:bf:a8:1a:9e:18:70:b9:66:90:7c:19:3d:3b: 0f:6f:53:32:ff:1a:fa:e5:b3:62:76:6d:df:da:5c:ec:d4:ec: a0:0b:80:fa:6f:e3:fb:b2:bc:7f:73:55:b2:e5:d8:53:a5:0c: d4:28:fc:82:57:6a:08:ef:bb:aa:b3:86:53:97:73:6e:80:42: 0d:4c:1a:4d:db:b6:a8:4f:68:4f:9e:b9:fe:0f:c4:46:cf:b9: 0f:a6:49:f9:b9:58:e2:68:db:5e:70:f0:43:83:15:54:82:71: 04:cc:8b:bb -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNiINB8/C7mN2aUqChRHdCAZeOUswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwNDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZmMGVkOTlmNTU4MTI1MjRmMGNjZWNkZmVhOTVkNzMyNDhjOTBmZmU2YzFl N2ZhMjJiMjRhMmE5Mzk5M2Q4NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIvf2ebkq6hWgmNO1gOKDJ+joCy+1nUB9x0VC+UQ95vCGEzXX10K+/x1hUoC UfmuCDn7fzNaCpExx5EWD8v2a0GqPbpbLctBN2ltKG4aI8JMlb2WtsMr9LxoR/RV MEwBg3TZNI4HTSfWeBlTYRbSg77q4jjuqmFihHw5evSdmK/+UKnaGZbLH1uf7LPp n4K7Iu8gKSX3/PwORCl9zcDttDO4VKm7gmxnqrbxYqtJBDZBvEkUDbtWj4EFK/Aa ivs7OF71JYkR4xolqRRAdeQi6YHbiFzkYQQ14QG0OljnSHwJJgkSfqN8amUZ0Ert u6uUQBKwXf7Z4CzHSJJNXHenw80CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJqAQo GVa0lWQqjkPLsRW8+mkhCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA MA0GCSqGSIb3DQEBCwUAA4IBAQCZ+h5D9d4SZA0cy8hEmXRT3ZcJ29KuTSRhPa8f 7Ke2uB+EZDe4QJx7JJw1oqKqOmJEhXYGuBOV/WO0OHksP3PchoTKRJkuiNo1AwWZ 5153jA1gt+lxsfgmR70QkGGD3kzQx/99Iw2W8cnwap/mAJuroOURUVNfCZFJVBpr ona9EFivzWbcES60ENG4Y120BUcYotwPlr+oGp4YcLlmkHwZPTsPb1My/xr65bNi dm3f2lzs1OygC4D6b+P7srx/c1Wy5dhTpQzUKPyCV2oI77uqs4ZTl3NugEINTBpN 27aoT2hPnrn+D8RGz7kPpkn5uVjiaNtecPBDgxVUgnEEzIu7 -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:03 2025 by rpki-client