This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa File: 5b65b415-a397-41d3-99dc-207c8689d0ee.roa (raw, json) Hash identifier: xkcX5h3KbwT//KQCiahwUzcYXtV8ClTbjIvSubDLQ/U= Subject key identifier: 47:96:55:8E:4D:D1:C4:11:2D:48:BF:4C:37:9D:4D:38:89:D3:07:41 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 61DA2D60DCF1603500E8BF5807CC83E782A90332 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa Signing time: Tue 02 Dec 2025 01:50:49 +0000 ROA not before: Tue 02 Dec 2025 01:50:49 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:da:2d:60:dc:f1:60:35:00:e8:bf:58:07:cc:83:e7:82:a9:03:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:49 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=6efda5cf986aff3a575581a179a2a4a6949ca67e77271ed9a421bae420497b0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:13:a1:dc:66:7e:62:1b:2d:bd:58:5f:83:c7: b4:6b:1c:fb:14:2b:ea:8b:b7:a4:aa:13:12:da:e3: 57:f6:bf:a1:35:3e:bd:2e:8e:ca:13:dc:c1:e3:59: b8:4a:59:11:da:7f:8b:3b:a4:6d:ff:92:33:b2:22: 02:8d:25:79:6d:bc:f0:33:3a:9b:70:11:25:bd:20: 71:f3:0a:06:1c:5f:86:78:fa:c6:1a:c2:a0:08:30: c3:15:76:92:52:b6:63:10:8d:47:f0:80:08:cb:22: 11:53:74:84:ef:bb:b1:f7:8e:b8:2f:08:40:cc:ea: f3:db:f0:13:de:bf:ad:04:d5:1c:f5:3d:72:c3:e6: dc:82:ab:b6:00:72:61:e3:94:8b:48:e1:0d:8c:98: 7d:9d:56:e6:ae:7d:7e:82:18:55:95:e8:a6:9d:7a: f3:cb:e0:00:8c:a3:f2:31:85:ef:a2:0b:80:63:b5: c8:3e:ef:0f:c6:57:58:2a:9f:cb:cf:cf:6c:29:8c: fd:96:ba:dc:ff:d1:4a:e7:3b:c5:94:42:d1:7e:0f: 7d:14:db:42:1d:e6:81:4e:18:c5:de:4d:36:bd:49: 41:5b:03:2f:af:74:ef:79:f8:e6:b6:c3:7f:d9:8f: 82:f1:13:ac:62:42:d2:95:ed:e6:8f:30:d1:8e:d8: 1e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:96:55:8E:4D:D1:C4:11:2D:48:BF:4C:37:9D:4D:38:89:D3:07:41 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:6000::/40 Signature Algorithm: sha256WithRSAEncryption 9a:e4:d0:46:96:1d:74:c7:01:a9:51:04:37:56:20:50:d7:ec: d1:d2:0c:fa:73:58:d7:b2:7b:c3:4a:5d:60:64:7f:de:7a:e2: d1:e6:1d:ee:d4:fc:46:a0:1f:b5:5b:7e:7d:5d:78:2a:f0:a7: 97:e5:69:29:d2:fd:ae:b0:4a:49:65:df:19:5a:59:d4:ec:b9: 5c:0a:c3:24:16:6e:cb:b2:88:f1:cd:eb:ae:2f:64:fc:dd:02: c8:03:23:b9:19:ab:7f:f8:7d:c6:f9:6b:57:14:be:84:b0:7e: 58:b8:b1:07:28:aa:1e:b2:7b:f6:06:97:fd:51:87:df:0c:98: 17:14:b5:f8:72:2f:b4:9f:2a:b0:4f:9b:4e:86:38:ab:81:f1: 07:a6:13:fd:8b:1e:d8:37:4a:44:aa:cf:02:0a:a4:55:7d:92: 3e:67:d3:c3:2f:a9:fa:47:7a:a4:55:72:d2:93:ce:2d:2b:70: 8f:7a:75:80:5e:2b:29:f1:7e:20:db:dc:a8:84:c5:2c:fe:4b: 69:8e:75:a5:32:1c:35:43:e8:ac:14:db:29:3a:8e:52:dc:af: 58:df:21:09:31:26:9a:b0:44:06:61:81:b7:3a:6f:37:7b:55: c8:79:f3:e8:25:f0:c9:27:bc:b7:10:e6:99:41:50:58:36:a4: dd:39:11:d3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYdotYNzxYDUA6L9YB8yD54KpAzIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwNDlaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDZlZmRhNWNmOTg2YWZmM2E1NzU1ODFhMTc5YTJhNGE2OTQ5Y2E2N2U3NzI3 MWVkOWE0MjFiYWU0MjA0OTdiMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN0TodxmfmIbLb1YX4PHtGsc+xQr6ou3pKoTEtrjV/a/oTU+vS6OyhPcweNZ uEpZEdp/izukbf+SM7IiAo0leW288DM6m3ARJb0gcfMKBhxfhnj6xhrCoAgwwxV2 klK2YxCNR/CACMsiEVN0hO+7sfeOuC8IQMzq89vwE96/rQTVHPU9csPm3IKrtgBy YeOUi0jhDYyYfZ1W5q59foIYVZXopp1688vgAIyj8jGF76ILgGO1yD7vD8ZXWCqf y8/PbCmM/Za63P/RSuc7xZRC0X4PfRTbQh3mgU4Yxd5NNr1JQVsDL69073n45rbD f9mPgvETrGJC0pXt5o8w0Y7YHmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHllWO TdHEES1Iv0w3nU04idMHQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWI2NWI0MTUtYTM5Ny00MWQzLTk5ZGMtMjA3Yzg2ODlkMGVlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg MA0GCSqGSIb3DQEBCwUAA4IBAQCa5NBGlh10xwGpUQQ3ViBQ1+zR0gz6c1jXsnvD Sl1gZH/eeuLR5h3u1PxGoB+1W359XXgq8KeX5Wkp0v2usEpJZd8ZWlnU7LlcCsMk Fm7LsojxzeuuL2T83QLIAyO5Gat/+H3G+WtXFL6EsH5YuLEHKKoesnv2Bpf9UYff DJgXFLX4ci+0nyqwT5tOhjirgfEHphP9ix7YN0pEqs8CCqRVfZI+Z9PDL6n6R3qk VXLSk84tK3CPenWAXisp8X4g29yohMUs/ktpjnWlMhw1Q+isFNspOo5S3K9Y3yEJ MSaasEQGYYG3Om83e1XIefPoJfDJJ7y3EOaZQVBYNqTdORHT -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:37 2025 by rpki-client