This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa File: 613f885a-7f25-486b-9eff-fdd6b2c05b65.roa (raw, json) Hash identifier: yMdMfyibttDCCD6a9Ip8WmEW8SWlOcpm+HxmVmRHhQ0= Subject key identifier: F1:AC:AC:09:2E:51:21:CB:F8:AD:2A:EB:71:E5:F5:92:3E:D6:9A:8D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5351E6BEF85E286B7C2D52B5F2E4F56A375DFB38 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa Signing time: Wed 10 Dec 2025 06:30:10 +0000 ROA not before: Wed 10 Dec 2025 06:30:10 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:51:e6:be:f8:5e:28:6b:7c:2d:52:b5:f2:e4:f5:6a:37:5d:fb:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:10 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c555738db1aa571fc889951e858a8bb53080abf9d2b61005dda5aab7d1647c5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e0:75:b7:17:71:35:2c:9d:b2:67:aa:ca:fd: 5d:10:ed:02:92:17:12:49:21:27:a3:8b:f9:6a:b4: 1e:18:d6:d5:0e:d0:4c:70:6b:79:5c:9a:23:44:e8: ba:7b:1e:55:ff:6a:e2:10:00:12:34:00:c7:2b:ed: 92:50:f7:24:14:65:a5:e9:93:16:3d:31:b0:f8:d0: 15:b8:4c:3a:fb:a4:05:86:d1:9c:76:71:5e:63:cd: 87:8e:a8:8a:6d:2c:72:34:5f:f3:4a:61:08:cf:d4: 3e:23:6b:4b:64:d3:32:7b:a3:48:9f:69:f3:41:9c: e3:3b:6e:17:5a:02:d3:54:de:cd:54:4e:a0:5f:89: 15:eb:99:c4:45:92:f9:97:f5:b1:95:1d:44:cc:d6: 11:63:d4:05:d6:99:83:93:f3:c6:9a:80:5b:36:c2: 74:7b:73:27:f6:65:37:45:46:17:36:db:82:f9:44: 20:bb:4a:6d:50:f4:e9:e4:8b:cd:c5:a6:2a:b4:7c: 04:48:8b:88:f9:3c:2b:28:9f:9f:84:53:cb:fd:24: 9f:63:2e:eb:7b:1b:bd:d1:0a:de:43:c7:8a:d6:f6: 30:15:77:c6:b3:ad:05:57:fb:28:f8:50:ab:95:1a: d5:26:e8:51:a8:f2:f9:5b:4e:33:c3:e0:90:e2:78: ed:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:AC:AC:09:2E:51:21:CB:F8:AD:2A:EB:71:E5:F5:92:3E:D6:9A:8D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:4080::/48 Signature Algorithm: sha256WithRSAEncryption 9a:c9:ac:85:13:fa:ea:e8:d2:cd:2a:eb:48:59:f1:67:77:41: 9c:e8:f9:7b:77:6a:c8:5c:83:23:2e:e0:a9:a4:a8:ac:f5:0e: 0f:54:73:38:2d:59:74:85:7e:78:78:9b:c7:02:d1:13:0f:b4: 63:f8:af:1a:36:57:39:4d:0f:9e:99:e4:93:06:9f:5e:b2:32: de:0d:1a:32:e5:64:81:e6:79:16:59:c8:7a:0a:79:44:ca:da: cb:0c:1d:d1:07:12:03:3f:01:c5:ab:26:f7:78:53:99:df:ed: 10:88:53:0e:2a:81:bf:71:7c:54:b2:63:cb:f0:1f:a8:5e:b9: 93:82:d6:63:5b:87:a5:60:16:3a:c6:40:72:73:cb:58:ec:6f: 84:a3:ce:8b:cb:2f:cc:3c:3b:44:33:28:7d:3a:98:f4:b2:a2: ae:d9:4a:93:4b:85:8d:85:48:9f:60:a9:1e:ae:e0:35:5e:d7: 47:0d:c5:34:a8:20:d5:c5:73:34:8e:a4:78:e8:a7:bc:cd:2a: 34:fc:d4:36:03:ac:38:11:f5:3c:ae:b9:01:03:b5:20:93:39: 5c:ca:7b:67:05:1a:e8:d9:f1:e8:b5:a3:9d:0e:d6:13:ec:f7: ce:93:b9:34:a9:93:56:e6:d9:8f:c7:da:b9:7a:7c:35:10:f1: 3f:fb:b1:ba -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUU1HmvvheKGt8LVK18uT1ajdd+zgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM1NTU3MzhkYjFhYTU3MWZjODg5OTUxZTg1OGE4YmI1MzA4MGFiZjlkMmI2 MTAwNWRkYTVhYWI3ZDE2NDdjNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKXgdbcXcTUsnbJnqsr9XRDtApIXEkkhJ6OL+Wq0HhjW1Q7QTHBreVyaI0To unseVf9q4hAAEjQAxyvtklD3JBRlpemTFj0xsPjQFbhMOvukBYbRnHZxXmPNh46o im0scjRf80phCM/UPiNrS2TTMnujSJ9p80Gc4ztuF1oC01TezVROoF+JFeuZxEWS +Zf1sZUdRMzWEWPUBdaZg5PzxpqAWzbCdHtzJ/ZlN0VGFzbbgvlEILtKbVD06eSL zcWmKrR8BEiLiPk8Kyifn4RTy/0kn2Mu63sbvdEK3kPHitb2MBV3xrOtBVf7KPhQ q5Ua1SboUajy+VtOM8PgkOJ47TsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTxrKwJ LlEhy/itKutx5fWSPtaajTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjEzZjg4NWEtN2YyNS00ODZiLTllZmYtZmRkNmIyYzA1YjY1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA gDANBgkqhkiG9w0BAQsFAAOCAQEAmsmshRP66ujSzSrrSFnxZ3dBnOj5e3dqyFyD Iy7gqaSorPUOD1RzOC1ZdIV+eHibxwLREw+0Y/ivGjZXOU0PnpnkkwafXrIy3g0a MuVkgeZ5FlnIegp5RMraywwd0QcSAz8Bxasm93hTmd/tEIhTDiqBv3F8VLJjy/Af qF65k4LWY1uHpWAWOsZAcnPLWOxvhKPOi8svzDw7RDMofTqY9LKirtlKk0uFjYVI n2CpHq7gNV7XRw3FNKgg1cVzNI6keOinvM0qNPzUNgOsOBH1PK65AQO1IJM5XMp7 ZwUa6Nnx6LWjnQ7WE+z3zpO5NKmTVubZj8fauXp8NRDxP/uxug== -----END CERTIFICATE-----Generated at Mon Dec 15 20:05:41 2025 by rpki-client