This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa File: 67233a4e-590e-4497-a72c-fe940d42b798.roa (raw, json) Hash identifier: YeKkZQ4Q7txx0qVIipjUbjefSGe4z2mQldxm8uhKZxs= Subject key identifier: EF:D9:FB:E0:0F:8B:93:5A:42:CB:70:67:AF:5E:3A:50:1A:4B:A4:8C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5E6A618EC444829804A958307B4DAEC50F3CA5A1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa Signing time: Wed 10 Dec 2025 06:30:45 +0000 ROA not before: Wed 10 Dec 2025 06:30:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07c::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:6a:61:8e:c4:44:82:98:04:a9:58:30:7b:4d:ae:c5:0f:3c:a5:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ca6c1520ec349b31b3bff40f66981dc7dbfcf0eda27c508edc4c63318649c443, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a1:17:68:32:cf:b8:80:92:8a:34:e0:a6:e5: 2f:a7:cb:4c:5f:17:e1:27:50:9c:e2:88:10:68:22: 30:29:30:b2:9e:69:1e:9e:41:6c:b3:60:0c:d4:1f: ce:34:44:ef:b2:db:90:4d:4e:a1:32:5e:98:2f:4e: 51:21:39:6a:86:e6:f9:a4:25:bb:01:10:49:ec:c3: 7a:8d:c7:4a:9c:a5:c1:fa:72:af:dd:08:e0:03:16: 9d:8d:6a:ee:e1:a3:2f:12:17:eb:81:ac:35:bb:5c: bc:d2:ad:6e:fe:fd:f6:2e:06:7a:ad:94:1c:02:ea: 7b:f0:7d:0d:7f:c2:52:61:01:40:a1:64:33:a2:4e: 50:02:4b:af:1e:03:0e:ac:9a:91:f9:a8:5d:65:47: fe:bf:ba:15:81:5c:78:b9:51:d9:ed:2c:ee:68:2f: f4:e7:95:b5:f0:ca:c4:7a:97:b5:79:bd:f8:39:71: 9a:e2:c9:7a:b2:52:b5:b4:84:04:8c:1d:8e:81:29: d0:02:b6:be:df:5d:28:59:f2:1c:c6:bb:07:17:fa: 25:de:bf:69:b0:e6:5e:fb:49:8d:78:f5:05:3d:7e: e1:b1:1c:6d:ce:42:32:0b:42:47:9c:0e:81:4a:43: f6:5f:95:15:b8:cc:ba:82:2d:68:89:51:27:d0:01: 2c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:D9:FB:E0:0F:8B:93:5A:42:CB:70:67:AF:5E:3A:50:1A:4B:A4:8C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07c::/32 Signature Algorithm: sha256WithRSAEncryption 0b:15:93:91:1d:30:79:0c:c0:fb:5a:43:c6:59:f4:c4:f6:d6: 0b:fb:d8:ca:fc:ed:c8:77:62:b9:fe:63:14:dc:c1:24:da:c6: 32:b9:60:bb:0c:5a:54:45:fd:50:d4:62:22:83:87:a5:8e:f2: 38:ee:51:80:6c:44:fd:14:c9:2c:46:ec:d1:97:82:15:6d:71: fe:ef:9a:7a:79:d6:a1:7d:4c:9a:47:69:35:a0:71:eb:62:61: 32:6c:20:18:72:f0:90:ce:4b:7c:a1:99:95:47:c9:a4:ad:df: 6c:d6:7d:74:04:c7:ae:f6:c9:07:a9:6a:31:ff:f4:6b:f3:5a: b4:8f:c3:c3:5f:19:fc:b5:76:57:16:96:f5:1e:02:67:5f:05: 03:38:11:25:19:76:0c:e9:ff:1a:64:51:4c:8e:00:91:fa:ca: 3d:d3:54:3f:fd:d5:40:fd:16:17:98:be:b2:38:69:35:a5:cd: 72:7b:c3:8a:d1:cd:43:aa:bd:10:79:ab:eb:30:40:34:d7:32: 77:38:6b:6a:08:20:44:cb:66:99:7d:a8:5e:25:3a:45:b4:74: d0:1f:eb:f0:eb:6d:87:78:f9:fe:1f:5b:7d:f6:e0:ae:7f:3c: c6:7b:8d:3d:1d:9e:ba:4c:a1:63:9f:f1:a1:01:72:92:9b:6a: e8:2f:1a:09 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUXmphjsREgpgEqVgwe02uxQ88paEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNhNmMxNTIwZWMzNDliMzFiM2JmZjQwZjY2OTgxZGM3ZGJmY2YwZWRhMjdj NTA4ZWRjNGM2MzMxODY0OWM0NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANmhF2gyz7iAkoo04KblL6fLTF8X4SdQnOKIEGgiMCkwsp5pHp5BbLNgDNQf zjRE77LbkE1OoTJemC9OUSE5aobm+aQluwEQSezDeo3HSpylwfpyr90I4AMWnY1q 7uGjLxIX64GsNbtcvNKtbv799i4Geq2UHALqe/B9DX/CUmEBQKFkM6JOUAJLrx4D DqyakfmoXWVH/r+6FYFceLlR2e0s7mgv9OeVtfDKxHqXtXm9+DlxmuLJerJStbSE BIwdjoEp0AK2vt9dKFnyHMa7Bxf6Jd6/abDmXvtJjXj1BT1+4bEcbc5CMgtCR5wO gUpD9l+VFbjMuoItaIlRJ9ABLP8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTv2fvg D4uTWkLLcGevXjpQGkukjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjcyMzNhNGUtNTkwZS00NDk3LWE3MmMtZmU5NDBkNDJiNzk4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hww DQYJKoZIhvcNAQELBQADggEBAAsVk5EdMHkMwPtaQ8ZZ9MT21gv72Mr87ch3Yrn+ YxTcwSTaxjK5YLsMWlRF/VDUYiKDh6WO8jjuUYBsRP0UySxG7NGXghVtcf7vmnp5 1qF9TJpHaTWgcetiYTJsIBhy8JDOS3yhmZVHyaSt32zWfXQEx672yQepajH/9Gvz WrSPw8NfGfy1dlcWlvUeAmdfBQM4ESUZdgzp/xpkUUyOAJH6yj3TVD/91UD9FheY vrI4aTWlzXJ7w4rRzUOqvRB5q+swQDTXMnc4a2oIIETLZpl9qF4lOkW0dNAf6/Dr bYd4+f4fW3324K5/PMZ7jT0dnrpMoWOf8aEBcpKbaugvGgk= -----END CERTIFICATE-----Generated at Mon Dec 15 15:35:36 2025 by rpki-client