This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa File: 6e11a1fd-46e4-4d91-84e8-f174e0774136.roa (raw, json) Hash identifier: MTnMMsd4UfH8CjSw8np3SoUcrm1AkpL7IE1hrmMHKUs= Subject key identifier: F7:EF:4F:D2:3B:34:41:88:F6:9D:18:E8:22:B5:BA:B6:76:64:4E:6F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2346661451B1C21B5DE45533091553788CC6E7EE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa Signing time: Tue 25 Nov 2025 20:10:09 +0000 ROA not before: Tue 25 Nov 2025 20:10:09 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:e0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:46:66:14:51:b1:c2:1b:5d:e4:55:33:09:15:53:78:8c:c6:e7:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:10:09 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=6cca98d95105b6aa1bf1bbc775e4cbd1c8bbc99caf843aa353361a8e4a289e47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ea:b6:c9:39:87:84:f3:39:fd:25:13:d4:db: cb:d7:6c:87:43:bf:25:f0:8f:1e:c0:d9:18:22:e1: 8a:2c:73:c6:a6:e4:03:8f:6b:49:42:6b:78:cd:e4: 84:bb:53:ed:0a:65:1a:bd:fb:ef:11:89:9e:27:13: 26:48:0a:28:b7:1c:e1:18:cc:18:2f:15:3c:2b:dd: a4:9d:3f:57:84:b2:31:22:79:6b:95:b7:06:92:2a: 8d:85:24:19:b7:1c:c1:70:78:63:90:c2:55:35:63: 1f:53:f3:75:00:61:ca:3a:49:fd:33:f7:92:98:70: 53:cb:9f:22:95:48:ff:27:f2:80:26:d9:b7:bf:ba: 57:30:93:23:f5:67:04:90:ac:fc:0c:2c:38:2f:98: 75:ee:38:b5:4c:ad:7d:2d:1d:6f:7e:df:2b:6f:fc: 14:cb:ed:f5:45:a6:d7:f3:08:89:73:c2:2b:a7:d3: de:6b:3a:85:6e:93:7b:22:52:dc:4e:ff:61:ca:16: 36:a6:ac:2e:6a:2e:d3:a9:9b:cb:e2:97:c1:75:2f: 0c:7a:2c:d1:64:d5:7c:ea:6d:3a:98:83:0a:5c:47: d3:e9:2b:33:30:c3:27:c6:36:21:1f:4c:d5:15:f4: ff:f0:42:68:e0:50:2b:32:fd:a2:37:8b:0a:60:d4: 6f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:EF:4F:D2:3B:34:41:88:F6:9D:18:E8:22:B5:BA:B6:76:64:4E:6F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:e0c0::/46 Signature Algorithm: sha256WithRSAEncryption 93:9d:64:46:56:5b:eb:40:ae:7b:5f:30:ee:ba:06:01:86:57: a4:5b:6c:4b:c7:7a:0b:bb:f9:9a:fb:70:15:4e:0d:83:93:18: 3e:4e:ef:b3:26:11:a3:2b:d5:bb:b7:f6:2c:1a:ea:ce:3b:d6: 0b:c2:3b:4e:b3:9b:1b:43:db:56:f0:97:cf:0e:24:1c:6c:94: ec:4f:f0:8e:13:e0:64:33:f1:65:5e:5f:de:ec:cd:4f:1f:8a: 3a:01:1f:ef:31:c6:af:b0:de:cf:2c:d9:c2:f7:40:4f:39:81: e9:94:96:1e:f9:2a:2f:f8:4d:f6:60:69:09:d7:63:d1:ce:13: e4:f0:30:ea:04:d7:22:6c:af:ea:60:71:f6:30:0e:91:d0:4d: 84:b7:23:c2:95:0b:e0:b1:19:cd:db:ec:14:5c:ef:d6:00:15: 52:98:36:e1:f6:02:f6:c0:8a:e6:9e:df:f5:8e:f1:3e:74:76: 2a:77:43:77:58:7c:2a:62:b2:37:e5:cd:43:39:28:9d:57:5d: 72:04:3d:ea:33:91:df:6c:2c:c5:29:06:67:32:ac:49:b9:b1: 49:ff:88:7b:07:89:3b:45:21:30:4b:24:4b:0f:12:db:79:df: cd:31:72:b7:53:f1:cf:55:5e:2c:4c:b5:7c:6b:7b:7d:29:68: 61:75:82:71 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUI0ZmFFGxwhtd5FUzCRVTeIzG5+4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDEwMDlaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDZjY2E5OGQ5NTEwNWI2YWExYmYxYmJjNzc1ZTRjYmQxYzhiYmM5OWNhZjg0 M2FhMzUzMzYxYThlNGEyODllNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMTqtsk5h4TzOf0lE9Tby9dsh0O/JfCPHsDZGCLhiixzxqbkA49rSUJreM3k hLtT7QplGr377xGJnicTJkgKKLcc4RjMGC8VPCvdpJ0/V4SyMSJ5a5W3BpIqjYUk GbccwXB4Y5DCVTVjH1PzdQBhyjpJ/TP3kphwU8ufIpVI/yfygCbZt7+6VzCTI/Vn BJCs/AwsOC+Yde44tUytfS0db37fK2/8FMvt9UWm1/MIiXPCK6fT3ms6hW6TeyJS 3E7/YcoWNqasLmou06mby+KXwXUvDHos0WTVfOptOpiDClxH0+krMzDDJ8Y2IR9M 1RX0//BCaOBQKzL9ojeLCmDUb2ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT370/S OzRBiPadGOgitbq2dmRObzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NmUxMWExZmQtNDZlNC00ZDkxLTg0ZTgtZjE3NGUwNzc0MTM2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg wDANBgkqhkiG9w0BAQsFAAOCAQEAk51kRlZb60Cue18w7roGAYZXpFtsS8d6C7v5 mvtwFU4Ng5MYPk7vsyYRoyvVu7f2LBrqzjvWC8I7TrObG0PbVvCXzw4kHGyU7E/w jhPgZDPxZV5f3uzNTx+KOgEf7zHGr7DezyzZwvdATzmB6ZSWHvkqL/hN9mBpCddj 0c4T5PAw6gTXImyv6mBx9jAOkdBNhLcjwpUL4LEZzdvsFFzv1gAVUpg24fYC9sCK 5p7f9Y7xPnR2KndDd1h8KmKyN+XNQzkonVddcgQ96jOR32wsxSkGZzKsSbmxSf+I eweJO0UhMEskSw8S23nfzTFyt1Pxz1VeLEy1fGt7fSloYXWCcQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:54 2025 by rpki-client