This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json) Hash identifier: dOd6ielnqj+u/YNaGhBqGpUdsb3EZyxc69xjVO+IWSQ= Subject key identifier: 6F:0B:9A:F7:0F:93:C1:A5:D9:39:D2:9B:06:16:DC:21:30:34:7C:FD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2C5CD999B9E98EBD8FCA6227B1E42C6675A7E7AD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa Signing time: Tue 02 Dec 2025 01:50:10 +0000 ROA not before: Tue 02 Dec 2025 01:50:10 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d030:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:5c:d9:99:b9:e9:8e:bd:8f:ca:62:27:b1:e4:2c:66:75:a7:e7:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:10 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=4b9f43a44ebefba40870bf15470b301e4654494ddfb255bfc067cc001e316cc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2c:ab:11:97:ab:b0:99:cf:11:f9:b6:c8:11: e5:92:10:8c:81:41:da:cb:1c:e3:08:1c:73:3c:33: 0f:07:7a:26:bf:fc:13:97:c6:ce:d8:3e:b9:1c:74: d5:e8:4a:3d:46:70:72:35:12:39:39:eb:aa:df:f8: 74:f5:92:26:cf:b8:fe:12:37:0a:32:54:aa:8f:38: 90:4e:92:a3:3c:19:4c:e9:2f:0c:0f:70:69:f9:06: ec:66:6a:b7:a3:4b:f0:44:b3:90:ee:c9:6e:c6:0e: 3b:3b:07:c1:b5:fe:c6:bd:b7:05:a6:52:c8:cf:72: b3:2b:a9:81:64:9e:ab:e3:d0:f1:95:3a:5d:cd:32: 70:43:ab:0c:a0:01:41:83:52:98:37:8a:6d:f3:04: f3:66:b7:77:9d:7f:59:9d:db:07:30:93:15:30:a8: 9e:00:70:66:50:22:10:1e:43:9c:2b:10:28:32:18: 95:e7:4c:e0:c5:9c:af:b7:27:47:05:61:a9:ba:3c: dc:4f:24:48:33:9b:91:35:69:95:88:a6:4c:51:33: 42:a7:2f:5f:01:2a:9b:a3:c7:c4:e3:bc:62:a2:d6: 02:3e:9f:e4:b6:f9:a7:61:4d:78:3d:9d:60:9d:55: 99:7c:a4:cc:33:d5:ef:d8:ae:af:76:8d:80:69:f5: 11:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:0B:9A:F7:0F:93:C1:A5:D9:39:D2:9B:06:16:DC:21:30:34:7C:FD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:8000::/40 Signature Algorithm: sha256WithRSAEncryption 98:36:bd:f5:43:79:3a:87:5a:14:ee:81:99:38:eb:c0:56:d0: 77:66:db:a7:53:a4:e0:b9:18:60:e3:04:2e:c2:93:24:db:eb: 62:88:1c:3c:6a:11:d4:16:19:33:0e:b7:93:47:22:ad:d3:9e: 3a:e2:f7:ff:9b:05:57:9e:26:62:de:18:40:f8:51:51:b6:67: e7:07:ca:b9:2f:98:36:c3:29:f1:76:b9:ea:ed:8e:90:b1:a5: 97:b4:11:ea:21:8a:9b:ad:18:71:71:ee:a8:a7:ce:53:f2:7e: 20:cb:8d:bb:2e:d6:9f:97:cd:b9:b2:31:a3:9f:71:95:a2:1e: 58:78:9f:91:1a:4d:c7:a7:60:4a:13:12:17:be:aa:65:52:e8: 89:33:4f:38:8c:0b:f4:ca:d5:27:89:65:31:3e:2a:95:8b:02: 02:83:e2:92:0f:71:c4:c0:44:63:f3:80:3f:9b:3d:30:0d:50: e3:59:3d:ec:2b:6d:8a:f5:3c:6f:1a:e5:b8:c2:72:af:96:17: fc:c3:4d:9c:02:4f:1c:55:5e:7a:26:26:cd:11:94:8b:d7:4b: 95:58:6e:97:1c:79:83:1e:5f:8b:49:9a:b4:16:a2:25:c8:64: 95:10:4f:9a:21:c6:83:f1:94:7e:0d:58:04:ad:d8:a4:bb:98: 2e:0b:a9:8c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULFzZmbnpjr2PymInseQsZnWn560wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwMTBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDRiOWY0M2E0NGViZWZiYTQwODcwYmYxNTQ3MGIzMDFlNDY1NDQ5NGRkZmIy NTViZmMwNjdjYzAwMWUzMTZjYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwsqxGXq7CZzxH5tsgR5ZIQjIFB2ssc4wgcczwzDwd6Jr/8E5fGztg+uRx0 1ehKPUZwcjUSOTnrqt/4dPWSJs+4/hI3CjJUqo84kE6SozwZTOkvDA9wafkG7GZq t6NL8ESzkO7JbsYOOzsHwbX+xr23BaZSyM9ysyupgWSeq+PQ8ZU6Xc0ycEOrDKAB QYNSmDeKbfME82a3d51/WZ3bBzCTFTCongBwZlAiEB5DnCsQKDIYledM4MWcr7cn RwVhqbo83E8kSDObkTVplYimTFEzQqcvXwEqm6PHxOO8YqLWAj6f5Lb5p2FNeD2d YJ1VmXykzDPV79iur3aNgGn1EQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvC5r3 D5PBpdk50psGFtwhMDR8/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA MA0GCSqGSIb3DQEBCwUAA4IBAQCYNr31Q3k6h1oU7oGZOOvAVtB3ZtunU6TguRhg 4wQuwpMk2+tiiBw8ahHUFhkzDreTRyKt05464vf/mwVXniZi3hhA+FFRtmfnB8q5 L5g2wynxdrnq7Y6QsaWXtBHqIYqbrRhxce6op85T8n4gy427Ltafl825sjGjn3GV oh5YeJ+RGk3Hp2BKExIXvqplUuiJM084jAv0ytUniWUxPiqViwICg+KSD3HEwERj 84A/mz0wDVDjWT3sK22K9TxvGuW4wnKvlhf8w02cAk8cVV56JibNEZSL10uVWG6X HHmDHl+LSZq0FqIlyGSVEE+aIcaD8ZR+DVgErdiku5guC6mM -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:35 2025 by rpki-client