This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json) Hash identifier: tUahdO0nxclIs9E2OMBB1iPo1UI1L/yTIWfDi+/6e5I= Subject key identifier: 51:50:36:A0:46:DE:E4:08:1C:57:B2:E4:C5:A8:46:6E:24:D0:F6:C1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 634558CACA4DB413737196D76DA4D87D0F508227 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa Signing time: Thu 13 Nov 2025 02:00:09 +0000 ROA not before: Thu 13 Nov 2025 02:00:09 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:45:58:ca:ca:4d:b4:13:73:71:96:d7:6d:a4:d8:7d:0f:50:82:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 13 02:00:09 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=3354475c5442c83ccc3b1f69e3776d4c37dcb2e799a002ab34d526e21a41370e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a7:7a:00:4a:f1:3f:b9:18:a3:12:bf:27:0e: 4e:03:25:47:02:d8:f7:cb:ab:6a:4f:22:4e:ab:94: 98:40:29:c7:c7:5d:7c:20:57:95:77:5c:f9:32:5b: a9:ac:68:a1:92:68:bd:14:a1:f8:9a:49:b5:c8:42: 9c:6f:e0:cc:55:8c:ff:74:d1:d8:06:31:3f:59:23: c5:47:d1:be:42:0f:da:39:e5:f6:4b:cb:de:cd:5a: 68:cf:26:be:a3:f1:c6:40:8c:83:05:e3:eb:80:5c: da:84:ab:90:e7:a3:bb:6c:87:d6:a7:56:e1:04:ea: 25:df:3b:df:a1:5a:1c:20:0d:ce:9b:a9:27:02:82: c5:4e:71:2e:51:1d:3c:ae:7b:50:a7:45:ef:3b:4b: 93:c9:c0:9a:8e:7d:11:80:de:dd:78:10:3a:17:f0: fe:5f:d1:85:d2:54:00:63:3b:00:a4:52:b0:50:f0: 96:57:c8:5c:e1:6a:1d:48:25:21:c7:9d:50:4c:34: 79:05:bf:9c:39:45:c8:19:f7:37:ad:a0:ad:86:f4: 61:29:99:57:5c:cf:58:36:60:7c:43:1a:3b:96:1f: 8e:91:87:f6:4b:2d:70:8e:59:18:4f:9b:e0:c4:19: 9e:0d:e9:8b:f3:26:a5:43:b5:5e:6d:94:67:b0:70: ec:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:50:36:A0:46:DE:E4:08:1C:57:B2:E4:C5:A8:46:6E:24:D0:F6:C1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:880::/48 Signature Algorithm: sha256WithRSAEncryption c7:52:45:3c:4e:33:d1:d6:ab:27:69:f8:cc:59:44:b3:06:cd: 36:7b:6b:67:10:db:b2:bd:55:f6:d6:ed:1f:86:4d:ed:7a:b5: 1c:14:ac:67:d7:5a:f0:12:4c:b1:46:e0:20:25:9c:73:b2:c8: 3e:4f:ef:ec:06:97:39:cd:f5:ca:b3:c7:c4:3f:4b:46:de:70: 96:59:f0:42:54:8a:b2:7d:51:89:67:63:2f:26:f9:f3:f2:b8: e7:5f:19:0e:71:83:87:8f:2d:b1:83:a6:67:2d:30:68:33:e2: f4:3d:dc:72:b3:de:b1:6e:12:52:70:a6:10:fb:ba:b0:28:91: 78:a2:a4:be:09:21:42:3a:fd:bc:03:d9:46:fa:74:33:71:43: 5b:48:23:80:11:c4:09:7a:d8:84:4b:be:a4:9e:e9:d6:89:7c: 42:6c:10:f4:39:d9:7c:05:95:90:8c:fd:c3:ff:cd:5e:d7:32: 93:39:43:43:a6:5f:8d:fe:2a:fb:fb:53:6a:5d:0d:c4:f4:7b: 2c:3b:76:9e:0d:b3:58:95:63:cd:35:a1:38:df:0e:51:09:5d: 2c:5f:01:d1:67:8d:0f:76:5c:7a:d5:0f:17:3b:4a:40:15:86: 1a:02:1f:d0:b0:6a:52:be:bc:cd:59:53:62:3c:10:b9:d1:b4: e9:c0:bc:8b -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUY0VYyspNtBNzcZbXbaTYfQ9QgicwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTMwMjAwMDlaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV BAUTQDMzNTQ0NzVjNTQ0MmM4M2NjYzNiMWY2OWUzNzc2ZDRjMzdkY2IyZTc5OWEw MDJhYjM0ZDUyNmUyMWE0MTM3MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKnegBK8T+5GKMSvycOTgMlRwLY98urak8iTquUmEApx8ddfCBXlXdc+TJb qaxooZJovRSh+JpJtchCnG/gzFWM/3TR2AYxP1kjxUfRvkIP2jnl9kvL3s1aaM8m vqPxxkCMgwXj64Bc2oSrkOeju2yH1qdW4QTqJd8736FaHCANzpupJwKCxU5xLlEd PK57UKdF7ztLk8nAmo59EYDe3XgQOhfw/l/RhdJUAGM7AKRSsFDwllfIXOFqHUgl IcedUEw0eQW/nDlFyBn3N62grYb0YSmZV1zPWDZgfEMaO5YfjpGH9kstcI5ZGE+b 4MQZng3pi/MmpUO1Xm2UZ7Bw7EUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRRUDag Rt7kCBxXsuTFqEZuJND2wTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII gDANBgkqhkiG9w0BAQsFAAOCAQEAx1JFPE4z0darJ2n4zFlEswbNNntrZxDbsr1V 9tbtH4ZN7Xq1HBSsZ9da8BJMsUbgICWcc7LIPk/v7AaXOc31yrPHxD9LRt5wllnw QlSKsn1RiWdjLyb58/K4518ZDnGDh48tsYOmZy0waDPi9D3ccrPesW4SUnCmEPu6 sCiReKKkvgkhQjr9vAPZRvp0M3FDW0gjgBHECXrYhEu+pJ7p1ol8QmwQ9DnZfAWV kIz9w//NXtcykzlDQ6Zfjf4q+/tTal0NxPR7LDt2ng2zWJVjzTWhON8OUQldLF8B 0WeND3ZcetUPFztKQBWGGgIf0LBqUr68zVlTYjwQudG06cC8iw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:52 2025 by rpki-client