This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json) Hash identifier: 8xdM/ob0E/t7pvXb9E2OBmaLxzj7n0nVdBPidRa2BsI= Subject key identifier: 08:48:60:83:23:97:39:60:B5:C7:EE:25:B5:7C:3E:45:B2:00:38:8C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0269315549E1B227A7BC1C848E4076226F098873 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa Signing time: Sat 15 Nov 2025 06:21:11 +0000 ROA not before: Sat 15 Nov 2025 06:21:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:69:31:55:49:e1:b2:27:a7:bc:1c:84:8e:40:76:22:6f:09:88:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:21:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=39e2803120e80a0fd756f53cb8c3514ebd78f4dc8d30de1d4ad3b6ee4ec48cba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:7c:c5:fd:75:74:e9:6f:9b:16:69:74:47:55: 9e:df:f2:3c:c4:e0:1d:a7:14:70:77:87:b5:81:18: 3d:12:69:35:da:09:22:8f:4b:0d:19:93:f1:72:f5: ac:76:ad:80:91:b0:c8:45:02:ca:82:9c:d4:0f:a7: 40:29:b5:74:5a:29:39:36:1f:29:1f:04:7f:13:b4: 8c:37:ae:ec:73:db:2f:44:26:b3:bf:94:9c:63:73: 75:5b:81:78:61:9d:7e:49:55:67:3e:f0:78:2f:52: 0f:81:cf:a0:81:e1:d5:c9:f8:4b:97:98:4e:97:f4: a7:24:1a:6c:41:ae:b9:47:14:ca:78:86:ad:83:a8: eb:98:42:7c:8c:ac:6e:04:14:98:b7:51:73:a1:fc: 78:bb:b3:fd:b1:73:30:be:b6:6b:d9:e4:17:9f:67: 0d:bb:45:43:18:cb:9a:44:68:28:f0:6d:17:ea:0a: 3a:ea:63:b8:81:2e:b6:97:0e:e2:d9:92:d1:61:43: a9:77:19:70:66:ed:b7:c5:66:02:52:2b:2a:57:c4: 12:7d:47:cb:b0:5e:5f:cf:2e:a8:a0:4e:32:d9:df: e7:0b:46:53:91:87:32:f1:fa:c7:85:21:fa:4b:bf: 9e:12:72:c6:65:47:d8:77:e2:7a:1c:37:d1:7a:38: 6b:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:48:60:83:23:97:39:60:B5:C7:EE:25:B5:7C:3E:45:B2:00:38:8C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:8080::/48 Signature Algorithm: sha256WithRSAEncryption 5c:62:1b:91:b4:cf:13:01:42:ef:34:5a:f7:d2:80:86:70:00: b5:b8:73:ed:27:74:df:cb:f4:f2:f4:fa:88:9a:50:e8:10:9c: d2:7f:6f:30:84:4f:c0:89:57:86:81:08:7c:f6:b7:38:d3:ef: f3:23:3f:72:67:58:38:9e:2b:db:b1:57:fc:65:06:67:62:2c: 50:7a:91:ef:0e:9f:cb:69:82:1d:d4:16:bc:07:44:09:5b:dc: 62:48:e7:ae:28:f2:10:84:37:44:82:e8:30:19:46:fc:9a:c3: 63:52:f1:5d:38:d7:4c:8d:1d:bf:d1:aa:84:29:ff:70:4d:84: b3:5d:03:04:b9:77:68:07:3b:61:2e:1b:e1:40:b9:74:2c:8d: 4f:ed:13:1f:26:06:00:96:4c:d3:36:a9:2f:9c:f4:ac:1d:54: 5d:55:82:71:06:43:42:81:c9:4b:d0:ca:db:06:67:00:a8:83: 8b:94:2d:c4:70:c5:44:09:a5:f5:4e:4d:8a:9f:be:e8:ce:da: 33:a7:32:ec:d1:e3:de:91:08:83:26:6a:4f:2e:45:55:98:ac: b9:f7:4c:fd:3e:f2:5a:98:62:bc:5e:03:0a:f4:6f:cf:36:35: 0a:fd:d0:0c:59:87:fa:ef:84:8b:d0:ce:da:8e:9a:f9:ec:55: 58:5c:9e:9d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUAmkxVUnhsienvByEjkB2Im8JiHMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIxMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM5ZTI4MDMxMjBlODBhMGZkNzU2ZjUzY2I4YzM1MTRlYmQ3OGY0ZGM4ZDMw ZGUxZDRhZDNiNmVlNGVjNDhjYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJZ8xf11dOlvmxZpdEdVnt/yPMTgHacUcHeHtYEYPRJpNdoJIo9LDRmT8XL1 rHatgJGwyEUCyoKc1A+nQCm1dFopOTYfKR8EfxO0jDeu7HPbL0Qms7+UnGNzdVuB eGGdfklVZz7weC9SD4HPoIHh1cn4S5eYTpf0pyQabEGuuUcUyniGrYOo65hCfIys bgQUmLdRc6H8eLuz/bFzML62a9nkF59nDbtFQxjLmkRoKPBtF+oKOupjuIEutpcO 4tmS0WFDqXcZcGbtt8VmAlIrKlfEEn1Hy7BeX88uqKBOMtnf5wtGU5GHMvH6x4Uh +ku/nhJyxmVH2Hfiehw30Xo4a7MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQISGCD I5c5YLXH7iW1fD5FsgA4jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A gDANBgkqhkiG9w0BAQsFAAOCAQEAXGIbkbTPEwFC7zRa99KAhnAAtbhz7Sd038v0 8vT6iJpQ6BCc0n9vMIRPwIlXhoEIfPa3ONPv8yM/cmdYOJ4r27FX/GUGZ2IsUHqR 7w6fy2mCHdQWvAdECVvcYkjnrijyEIQ3RILoMBlG/JrDY1LxXTjXTI0dv9GqhCn/ cE2Es10DBLl3aAc7YS4b4UC5dCyNT+0THyYGAJZM0zapL5z0rB1UXVWCcQZDQoHJ S9DK2wZnAKiDi5QtxHDFRAml9U5Nip++6M7aM6cy7NHj3pEIgyZqTy5FVZisufdM /T7yWphivF4DCvRvzzY1Cv3QDFmH+u+Ei9DO2o6a+exVWFyenQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:51 2025 by rpki-client