This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa File: 599e0695-4b67-4a37-994a-8c71d61260b3.roa (raw, json) Hash identifier: v1h/v/wYsqfd9yshxQLZrcpYaavmmddOXoQrBVnY4+A= Subject key identifier: 57:37:7D:9C:D3:E9:CB:57:8B:34:62:C1:66:0A:2B:7D:DE:C7:C9:5F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 724E96BA87F7761FEC372A96330BAABDD85EF089 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa Signing time: Sat 15 Nov 2025 06:10:05 +0000 ROA not before: Sat 15 Nov 2025 06:10:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:4e:96:ba:87:f7:76:1f:ec:37:2a:96:33:0b:aa:bd:d8:5e:f0:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=eca1e5c65b172e8e49cc66929d9160b977a5c96993be4042ce971ca4ac58c637, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8e:96:84:33:47:a5:b0:55:22:76:9f:49:49: a5:5c:72:ce:cf:f4:09:27:28:20:3f:1d:24:1d:ba: 93:33:be:49:56:e0:8f:e5:10:c0:32:a3:41:b7:af: b0:01:b6:78:17:43:78:8c:c5:03:a9:7a:b9:f3:86: 91:80:1b:35:06:d8:bd:3c:13:73:7f:87:8c:21:17: 22:68:d1:53:08:af:75:7a:94:6a:73:88:fc:4a:c5: 91:9c:1b:d4:83:8f:ee:6d:c0:eb:0f:82:16:1d:ad: 00:77:2e:4a:53:1d:1e:34:76:c0:ba:e5:66:2a:42: 47:3c:19:ec:00:27:dd:97:11:36:e2:f4:00:a7:6d: 8a:d3:2a:59:f4:ae:34:f6:a9:b1:af:11:e1:37:63: a5:33:67:51:d8:b1:60:b3:37:46:4c:e3:64:08:69: be:1d:ed:36:0b:40:ba:13:3b:22:fa:29:60:79:1c: e0:06:9f:a9:0c:a6:12:d5:57:f7:c4:fc:83:46:2a: b7:58:ea:0a:cd:82:03:bb:97:76:e2:9f:4d:f2:d0: 55:21:b8:d6:47:df:5f:31:04:93:c4:8b:c1:47:03: 6e:7c:32:48:f8:a2:b7:7a:d7:fd:fb:b5:ea:12:82: 06:e9:9f:64:1b:42:88:1f:b2:38:f7:03:ad:24:d7: a0:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:37:7D:9C:D3:E9:CB:57:8B:34:62:C1:66:0A:2B:7D:DE:C7:C9:5F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption 0c:4a:2e:17:c8:cb:4c:ff:08:23:e8:f9:29:4d:f2:ae:a3:01: ef:9f:5e:46:2a:74:94:55:c5:c9:0e:83:2d:45:78:4e:50:b8: e2:ac:f1:3c:01:82:99:2b:4c:2c:40:75:0b:06:9e:1c:b6:c1: b6:04:36:96:3a:ee:23:3d:5c:56:a7:ca:fe:4e:25:f7:7c:e6: e8:03:c4:90:60:4c:1f:b4:91:f3:af:ad:1d:45:cf:98:fa:ac: ab:95:f9:eb:f9:29:6a:c5:7f:bd:62:b8:7f:df:13:7c:b0:fe: c7:f3:78:7c:2f:9e:05:75:99:52:4b:51:61:42:55:0e:41:1b: 61:9a:64:9e:48:10:91:85:da:5b:37:96:59:60:55:23:fb:88: df:95:18:36:bf:c7:c4:ac:75:d5:d1:1f:b1:9d:44:9b:d8:ad: 10:52:37:30:3e:6b:72:eb:54:91:04:96:59:c0:b6:b7:b7:8c: e8:1f:be:de:f4:2d:74:f0:b2:bc:95:7f:06:2a:8f:0a:da:3b: f1:9a:89:3e:b0:a8:eb:90:61:38:d8:93:07:3a:e3:a2:62:b6: 6f:d9:58:2c:26:4c:de:c2:d7:78:99:0f:3c:ec:ef:88:76:f9: 1b:35:af:c3:4a:13:1a:99:74:b0:7b:9a:62:bd:2a:0f:68:63: 02:58:d5:1c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUck6Wuof3dh/sNyqWMwuqvdhe8IkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGVjYTFlNWM2NWIxNzJlOGU0OWNjNjY5MjlkOTE2MGI5NzdhNWM5Njk5M2Jl NDA0MmNlOTcxY2E0YWM1OGM2MzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSOloQzR6WwVSJ2n0lJpVxyzs/0CScoID8dJB26kzO+SVbgj+UQwDKjQbev sAG2eBdDeIzFA6l6ufOGkYAbNQbYvTwTc3+HjCEXImjRUwivdXqUanOI/ErFkZwb 1IOP7m3A6w+CFh2tAHcuSlMdHjR2wLrlZipCRzwZ7AAn3ZcRNuL0AKdtitMqWfSu NPapsa8R4TdjpTNnUdixYLM3RkzjZAhpvh3tNgtAuhM7IvopYHkc4AafqQymEtVX 98T8g0Yqt1jqCs2CA7uXduKfTfLQVSG41kffXzEEk8SLwUcDbnwySPiit3rX/fu1 6hKCBumfZBtCiB+yOPcDrSTXoDMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXN32c 0+nLV4s0YsFmCit93sfJXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTk5ZTA2OTUtNGI2Ny00YTM3LTk5NGEtOGM3MWQ2MTI2MGIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg wDANBgkqhkiG9w0BAQsFAAOCAQEADEouF8jLTP8II+j5KU3yrqMB759eRip0lFXF yQ6DLUV4TlC44qzxPAGCmStMLEB1CwaeHLbBtgQ2ljruIz1cVqfK/k4l93zm6APE kGBMH7SR86+tHUXPmPqsq5X56/kpasV/vWK4f98TfLD+x/N4fC+eBXWZUktRYUJV DkEbYZpknkgQkYXaWzeWWWBVI/uI35UYNr/HxKx11dEfsZ1Em9itEFI3MD5rcutU kQSWWcC2t7eM6B++3vQtdPCyvJV/BiqPCto78ZqJPrCo65BhONiTBzrjomK2b9lY LCZM3sLXeJkPPOzviHb5GzWvw0oTGpl0sHuaYr0qD2hjAljVHA== -----END CERTIFICATE-----Generated at Sat Dec 6 18:34:32 2025 by rpki-client