This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa File: 640a1f52-8635-44af-ae6e-cc941e49e749.roa (raw, json) Hash identifier: sC2Sihum2R6MhC6sVzP008POp+8L3TsuPgkGDfaXF8g= Subject key identifier: 31:A0:2F:B7:A6:C0:0C:38:C1:B9:8F:A2:67:47:2D:F2:16:10:76:39 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 26883B45BC3C8B0101C640389A83E6640E3E6FCC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa Signing time: Tue 18 Nov 2025 00:30:14 +0000 ROA not before: Tue 18 Nov 2025 00:30:14 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d034:6080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:88:3b:45:bc:3c:8b:01:01:c6:40:38:9a:83:e6:64:0e:3e:6f:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:30:14 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=ba822a13bab09f2e00fdcf4cb2dbc849f0772f95ce117f037050c24d1621f906, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:fd:67:3d:39:ee:c9:43:15:16:a3:c1:82:2c: d0:c3:99:d2:37:b4:b2:45:4c:2d:d2:7e:45:73:53: 64:17:1e:8c:2d:52:1a:69:cb:f4:c0:31:de:f4:4c: f1:91:ab:cd:9f:16:c6:c5:e2:78:ba:d7:2d:5e:25: 3b:7e:a4:b1:6a:d6:6e:d0:3f:79:30:43:5e:59:77: 25:dc:af:29:c8:36:48:04:a8:16:ba:e5:51:65:af: 9a:ca:da:a7:39:8e:de:d2:1f:b4:cf:eb:ac:c8:c9: cf:b8:c4:15:b7:e3:a8:75:70:be:c2:b6:cc:53:83: f5:a0:5b:84:da:f2:b8:ff:14:a4:2a:8b:c3:a3:fc: 57:34:67:fd:77:7c:92:54:0e:00:39:10:a4:9b:3e: 67:2e:50:65:a7:81:95:30:0f:e4:89:fe:5a:8c:eb: 16:75:1e:b5:79:28:73:8f:ec:9d:6c:4d:c0:f9:78: 24:13:af:c0:ac:0b:ec:7d:2e:ac:84:f4:ea:81:82: 2a:3b:50:d8:34:8e:8d:0b:dc:39:21:a6:04:b3:3d: a6:3b:d5:c0:d4:77:49:74:63:c3:eb:07:cf:a5:f1: f1:55:9b:00:bc:ba:11:50:03:3b:dc:59:67:84:78: 94:a9:44:4f:d4:11:bc:5c:34:0e:18:14:ef:b5:6e: b8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:A0:2F:B7:A6:C0:0C:38:C1:B9:8F:A2:67:47:2D:F2:16:10:76:39 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/640a1f52-8635-44af-ae6e-cc941e49e749.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:6080::/46 Signature Algorithm: sha256WithRSAEncryption 5e:60:30:49:76:5a:7f:48:b9:9e:a1:49:4a:45:42:4a:b8:b0: a5:ad:3d:48:3c:44:f4:c2:ff:54:e6:42:be:e5:32:db:d5:1e: f3:72:c5:6e:df:84:12:10:5c:98:13:a1:48:99:46:f1:04:f6: d0:a0:0a:5f:8e:5b:75:94:6e:26:c3:a1:70:f0:60:bb:b7:55: 19:91:8d:d2:87:dc:92:99:82:e7:60:44:4e:15:37:17:ad:d8: e4:e6:ff:5a:11:29:1c:01:63:27:7f:58:96:a2:36:65:65:fb: c2:43:05:c1:0f:61:a0:ec:46:98:c6:af:6b:c0:6d:c3:96:58: 46:c6:d2:a5:4d:b6:0e:55:5b:e8:cf:c2:0d:58:fe:15:65:08: 46:c8:ab:2d:8f:fd:8b:c3:60:8d:7d:b1:e6:5b:ff:0b:d1:a4: 68:3d:3f:7b:a2:4c:5f:f2:38:d8:2c:60:0c:9b:01:71:a6:e7: c2:30:6f:bd:93:3f:6b:b4:ff:35:2d:2c:ed:4d:06:84:d4:16: c0:c3:c4:f4:a1:55:d7:ad:3c:28:3c:1e:41:4d:2c:35:ac:b2: dc:69:74:c6:e1:b6:59:82:56:91:3f:a6:3e:f5:88:2e:28:b3: aa:67:fd:d4:cb:fa:f7:8b:73:16:de:a0:d3:78:e5:64:f6:37: 59:81:39:a6 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJog7Rbw8iwEBxkA4moPmZA4+b8wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDMwMTRaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGJhODIyYTEzYmFiMDlmMmUwMGZkY2Y0Y2IyZGJjODQ5ZjA3NzJmOTVjZTEx N2YwMzcwNTBjMjRkMTYyMWY5MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPP9Zz057slDFRajwYIs0MOZ0je0skVMLdJ+RXNTZBcejC1SGmnL9MAx3vRM 8ZGrzZ8WxsXieLrXLV4lO36ksWrWbtA/eTBDXll3JdyvKcg2SASoFrrlUWWvmsra pzmO3tIftM/rrMjJz7jEFbfjqHVwvsK2zFOD9aBbhNryuP8UpCqLw6P8VzRn/Xd8 klQOADkQpJs+Zy5QZaeBlTAP5In+WozrFnUetXkoc4/snWxNwPl4JBOvwKwL7H0u rIT06oGCKjtQ2DSOjQvcOSGmBLM9pjvVwNR3SXRjw+sHz6Xx8VWbALy6EVADO9xZ Z4R4lKlET9QRvFw0DhgU77VuuI8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQxoC+3 psAMOMG5j6JnRy3yFhB2OTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjQwYTFmNTItODYzNS00NGFmLWFlNmUtY2M5NDFlNDllNzQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg gDANBgkqhkiG9w0BAQsFAAOCAQEAXmAwSXZaf0i5nqFJSkVCSriwpa09SDxE9ML/ VOZCvuUy29Ue83LFbt+EEhBcmBOhSJlG8QT20KAKX45bdZRuJsOhcPBgu7dVGZGN 0ofckpmC52BEThU3F63Y5Ob/WhEpHAFjJ39YlqI2ZWX7wkMFwQ9hoOxGmMava8Bt w5ZYRsbSpU22DlVb6M/CDVj+FWUIRsirLY/9i8NgjX2x5lv/C9GkaD0/e6JMX/I4 2CxgDJsBcabnwjBvvZM/a7T/NS0s7U0GhNQWwMPE9KFV1608KDweQU0sNayy3Gl0 xuG2WYJWkT+mPvWILiizqmf91Mv694tzFt6g03jlZPY3WYE5pg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:02 2025 by rpki-client